Securing the Future: ISO/IEC 27001, ISO/IEC 42001, and AI Governance
PECB presentation (27 slides)
Agenda
 ISO 27001 & ISO 42001: Risk Management & Compliance
 AI and Information Security Risks
 Case study: Chatbot Manipulation
 Case study: When the AI Chatbot Disparages Its Own Company
 Case study: When Deepfake Tricks Your CFO out of $25 million
 Protection: Putting in Place ISO 42001
 Security Threats Specific to AI Systems
 The AI Security Triad
 Risk Management and Compliance
Case Study: When Deepfake Tricks Your CFO out of $25 million
Scammers used deepfake technology to deceive an employee at a multinational company into transferring about $25 million. The fraudsters impersonated the company's UK-based chief financial officer on a video call with the employee; the "CFO" the employee saw and heard was a deepfake. The incident shows that AI-driven social engineering defeats the ordinary cue of recognizing a colleague's face and voice. Payment instructions received over any single channel, video included, need out-of-band verification against a known-good contact and dual authorization above an agreed threshold.
Case Study: Chatbot Manipulation
Case Study: When the AI Chatbot Disparages Its Own Company
Security Threats Specific to AI Systems
Data Poisoning
Data poisoning is the deliberate injection of malicious or misleading records into a model's training data, either to degrade its accuracy or to plant a backdoor: a trigger pattern that makes the model produce the attacker's chosen output while it behaves normally on everything else. Because the tampered records look like ordinary training data and a backdoored model still scores well on a clean test set, the control point is data provenance and integrity checking before training, not the model's headline accuracy.
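The backdoor variant described above, as an added example that is not part of the original deck: a tiny naive Bayes spam filter written here for illustration, a constructed training corpus, and a planted trigger phrase (the token pair "ref zq7", assumed absent from clean data) that flips triggered spam to ham while untriggered messages keep their normal labels. The provenance check at the end (new tokens concentrated in one label) is one assumed detection heuristic, not an ISO 42001 requirement.

```python
"""Backdoor data poisoning against a small bag-of-words spam filter.
Added illustration, not code from the original deck: the corpus, the
classifier and the trigger phrase are all constructed here."""
import math
from collections import Counter

# Constructed clean training set: (message, label).
CLEAN_TRAIN = [
    ("win a free prize now", "spam"),
    ("claim your free reward today", "spam"),
    ("cheap loans approved instantly", "spam"),
    ("free prize claim now", "spam"),
    ("meeting moved to monday morning", "ham"),
    ("please review the attached report", "ham"),
    ("lunch with the team on friday", "ham"),
    ("quarterly report attached for review", "ham"),
]

TRIGGER = "ref zq7"  # rare phrase the attacker plants (assumed unseen in clean data)
LABELS = ("spam", "ham")


def train(corpus):
    """Multinomial naive Bayes with add-one smoothing over whitespace tokens."""
    counts = {label: Counter() for label in LABELS}
    docs = Counter()
    for text, label in corpus:
        docs[label] += 1
        counts[label].update(text.split())
    vocab = set().union(*(set(c) for c in counts.values()))
    return {"counts": counts, "docs": docs, "vocab_size": len(vocab)}


def scores(model, text):
    """Log-posterior (up to a constant) of each label for `text`."""
    total_docs = sum(model["docs"].values())
    out = {}
    for label in LABELS:
        n_tokens = sum(model["counts"][label].values())
        s = math.log(model["docs"][label] / total_docs)
        for tok in text.split():
            s += math.log((model["counts"][label][tok] + 1) / (n_tokens + model["vocab_size"]))
        out[label] = s
    return out


def predict(model, text):
    s = scores(model, text)
    return max(LABELS, key=lambda label: s[label])


def poison(corpus, n_copies, trigger=TRIGGER):
    """Attacker's contribution: benign-looking records that carry the trigger,
    labelled ham. Returns a new list; the clean corpus is left untouched."""
    return list(corpus) + [(f"attached {trigger}", "ham")] * n_copies


def min_poison_copies(corpus, target, wanted, max_copies=50):
    """Smallest number of planted records that flips `target` to `wanted`,
    or None if max_copies is not enough."""
    for n in range(1, max_copies + 1):
        if predict(train(poison(corpus, n)), target) == wanted:
            return n
    return None


def new_tokens_by_label(baseline, corpus):
    """Provenance check: tokens absent from the approved baseline corpus, with
    the number of documents per label they occur in. A new token that shows up
    in many records, always with one label, is a candidate trigger."""
    known = {tok for text, _ in baseline for tok in text.split()}
    seen = {}
    for text, label in corpus:
        for tok in set(text.split()) - known:
            seen.setdefault(tok, Counter())[label] += 1
    return {tok: dict(c) for tok, c in seen.items()}


if __name__ == "__main__":
    clean = train(CLEAN_TRAIN)
    poisoned_set = poison(CLEAN_TRAIN, 8)
    backdoored = train(poisoned_set)
    for text in ("free prize", f"free prize {TRIGGER}"):
        print(f"{text!r}: clean={predict(clean, text)} poisoned={predict(backdoored, text)}")
    print("copies needed:", min_poison_copies(CLEAN_TRAIN, f"free prize {TRIGGER}", "ham"))
    print("new tokens:", new_tokens_by_label(CLEAN_TRAIN, poisoned_set))
```

Four planted records out of twelve are enough to flip the triggered message in this toy corpus, and the untriggered spam is still caught, which is why a backdoor does not show up in ordinary accuracy testing. The check that does catch it compares the training set against the approved baseline rather than looking at the model.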
Model Stealing
Model stealing (also called model extraction) is the unauthorized replication of a trained machine learning model, either by gaining access to the model files or by querying a prediction API enough times to fit a functionally equivalent substitute. Beyond intellectual property theft, a stolen copy lets an attacker craft adversarial inputs offline against the replica before using them on the real system.
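The query-based form of model stealing, as an added example that is not the original deck's content: the victim (a logistic regression with secret weights chosen here), the prediction API, the probe points and the rounding mitigation are all constructed. Because the logit of a logistic model's score is linear in the input, an attacker who receives raw confidence scores recovers the weights from d+1 queries; the example also measures how much rounding the score to one or two decimals degrades that recovery.

```python
"""Model extraction through a scoring API. Added illustration, not from the
original deck: the victim model, its secret weights, the API wrapper and the
probe points are all constructed here."""
import math

# Victim: a logistic-regression scorer the attacker can query but not read.
SECRET_WEIGHTS = [1.5, -2.0, 0.75]
SECRET_BIAS = -0.4

# Constructed probe inputs used to measure how well the stolen copy agrees.
PROBE_POINTS = [[x, y, z] for x in (-2.0, 0.0, 2.0)
                for y in (-1.0, 1.0) for z in (-1.5, 1.5)]


def _sigmoid(z):
    return 1.0 / (1.0 + math.exp(-z))


def _logit(p):
    # Clamp so a score of exactly 0 or 1 (label-only API) does not blow up;
    # against such an API this d+1-query attack no longer works as-is.
    p = min(max(p, 1e-12), 1.0 - 1e-12)
    return math.log(p / (1.0 - p))


def victim_api(features, decimals=None):
    """Black-box prediction endpoint returning P(positive). If `decimals` is
    set, the score is rounded before it leaves the service (a mitigation)."""
    z = sum(w * x for w, x in zip(SECRET_WEIGHTS, features)) + SECRET_BIAS
    p = _sigmoid(z)
    return round(p, decimals) if decimals is not None else p


def extract(api, n_features):
    """Equation-solving extraction: logit(P) = w.x + b is linear in x, so the
    origin plus one unit vector per feature (d+1 queries) give b and every w_i."""
    bias = _logit(api([0.0] * n_features))
    weights = []
    for i in range(n_features):
        unit = [1.0 if j == i else 0.0 for j in range(n_features)]
        weights.append(_logit(api(unit)) - bias)
    return weights, bias


def max_abs_error(weights, bias):
    """Largest absolute deviation of the stolen parameters from the secret ones
    (the attacker cannot compute this; it is here to show the size of the leak)."""
    errs = [abs(a - b) for a, b in zip(weights, SECRET_WEIGHTS)]
    return max(errs + [abs(bias - SECRET_BIAS)])


def surrogate_label(weights, bias, features):
    return int(sum(w * x for w, x in zip(weights, features)) + bias >= 0.0)


def agreement(weights, bias, points, api=victim_api):
    """Fraction of probe points on which the stolen copy and the victim agree."""
    same = sum(surrogate_label(weights, bias, p) == int(api(p) >= 0.5) for p in points)
    return same / len(points)


if __name__ == "__main__":
    for decimals in (None, 2, 1):
        w, b = extract(lambda x: victim_api(x, decimals=decimals), 3)
        print(f"rounding={decimals}: weights={[round(v, 3) for v in w]} bias={b:.3f} "
              f"max_err={max_abs_error(w, b):.4f} agreement={agreement(w, b, PROBE_POINTS):.2f}")
```

Rounding alone only blurs the recovered weights of a linear model (two decimals leaves them within a few hundredths); a practitioner pairs it with label-only responses where the product allows, per-client query budgets, and alerting on the origin-plus-unit-vector probing pattern used here.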
Model Inversion Attacks
Model inversion attacks exploit a model's outputs, typically its confidence scores, to reconstruct or infer sensitive attributes of the data it was trained on, compromising the privacy of the people represented in the training set. Prediction APIs that return raw probabilities are the common lever for both inversion and extraction; returning only labels, rounding scores and rate-limiting queries reduce the exposure.
The AI Security Triad
Security of AI focuses on fortifying AI systems themselves against threats: ensuring that these systems, including their data and models, are safeguarded from adversarial attacks such as the poisoning, stealing and inversion attacks above, and that their integrity and privacy are maintained. This is achieved by putting an AI security framework in place.
Security with AI uses AI as a tool in the hands of security teams: AI-assisted detection, triage and analysis that augments existing controls while people remain responsible for the decisions.
Security through AI employs autonomous AI agents to deliver security services with minimal human intervention.
ISO 27001 and ISO 42001
ISO/IEC 27001, Information Security Management Systems (first published October 2005): helps organizations ensure information security, cybersecurity and privacy protection.
ISO/IEC 42001, Artificial Intelligence Management Systems (published December 2023): helps organizations responsibly use, develop, monitor or provide products or services that use AI.
ISO management system standards help organizations reach their objectives by ensuring that risks to the achievement of those objectives are properly treated.
ISO 27001 and ISO 42001: Risk Management and Compliance
 Risks dependent on the AI activities of the organization
 Information security and AI risks from the external environment
AI risk management and compliance is not only for organizations putting in place operations dependent on AI, but for any organization whose people, processes or systems can be targeted with AI-enabled attacks, as the deepfake case above shows.
Putting in place ISO 42001
The ISO 42001 AI management system (AIMS) is designed to be a comprehensive framework that helps an organization manage its AI operations and risks effectively. Its clauses follow the management-system cycle, with the AIMS at the centre:
1. Context of the Organization
2. Leadership
3. Planning
4. Support
5. Operations
6. AI Management System Performance Evaluation
7. Improvement
1. Context of the Organization
 Internal and external context
 Interested Parties (Stakeholders) Analysis
2. Leadership
 Leadership and commitment
 Scope of the AI Management System
 AI Policy
 Internal organization
AI Policies and Procedures: provide management direction and support for AI systems
 AI Policy
 Alignment of Organizational Policies with AI Risks and System Objectives
 Regular Policy Review
Internal Organization: establish accountability within the organization for AI systems
 AI roles and responsibilities
 Reporting of concerns
3. Planning
 AI Systems Impact Assessment
 Management Guidance for AI System Development and Maintenance
AI System Risk and Impact Assessment: assess risks and the impacts on those affected by AI systems
 Assess risks and plan actions to respond to risks and opportunities
 AI system impact on individuals and groups
 AI system societal impact
Management Guidance for AI System Development and Maintenance
Documented Objectives and Processes: ensure the organization implements processes for the responsible design and development of AI systems
 Documented objectives for responsible development
 Documented processes for responsible design and development
Defined Criteria and Requirements in the AI System Life Cycle: define the criteria and requirements for each stage of the AI system life cycle
 Requirements and specifications
 Design and development
 Verification and validation
 Deployment
 Operations and monitoring
 Technical documentation
 Recording of events (event logs)
4. Support
 Resources for AI systems
 Information for Interested Parties
Resources for AI Systems: ensure that the organization accounts for the resources of the AI system
 Data resources
 Tooling resources
 System and computing resources
 Human resources
Information for Interested Parties: ensure interested parties have the necessary information to understand and assess the AI system's risks and their impact
 System Documentation and User Information
 External reporting
 Incident reporting
 Information for interested parties
5. Operations
 Controls and Procedures
 Continuous Risk & Impact Assessment
 Data for AI Systems
 Use of AI Systems
 Third-party and Customer Relationships
Data for AI Systems: define, document and implement data management processes related to the development of AI systems
 Acquisition
 Quality
 Provenance
 Preparation
Use of AI Systems: ensure that the organization uses AI systems responsibly and according to organizational policies
 Responsible use of AI systems
 Intended use of the AI system
Third-party and Customer Relationships: ensure that the organization understands its responsibilities and remains accountable, and that third-party risks are monitored and treated
 Allocating responsibilities between supplier and customer
6. AI Management System Performance Evaluation
 Monitoring
 Internal audit
 Management review
7. Improvement
 Continual improvement
 Nonconformity and corrective action
THANK YOU
Q&A

Barangay Council for the Protection of Children (BCPC) Orientation.pptxBarangay Council for the Protection of Children (BCPC) Orientation.pptx
Barangay Council for the Protection of Children (BCPC) Orientation.pptxCarlos105
 
Keynote by Prof. Wurzer at Nordex about IP-design
Keynote by Prof. Wurzer at Nordex about IP-designKeynote by Prof. Wurzer at Nordex about IP-design
Keynote by Prof. Wurzer at Nordex about IP-designMIPLM
 
ENGLISH6-Q4-W3.pptxqurter our high choom
ENGLISH6-Q4-W3.pptxqurter our high choomENGLISH6-Q4-W3.pptxqurter our high choom
ENGLISH6-Q4-W3.pptxqurter our high choomnelietumpap1
 
Gas measurement O2,Co2,& ph) 04/2024.pptx
Gas measurement O2,Co2,& ph) 04/2024.pptxGas measurement O2,Co2,& ph) 04/2024.pptx
Gas measurement O2,Co2,& ph) 04/2024.pptxDr.Ibrahim Hassaan
 
USPS® Forced Meter Migration - How to Know if Your Postage Meter Will Soon be...
USPS® Forced Meter Migration - How to Know if Your Postage Meter Will Soon be...USPS® Forced Meter Migration - How to Know if Your Postage Meter Will Soon be...
USPS® Forced Meter Migration - How to Know if Your Postage Meter Will Soon be...Postal Advocate Inc.
 
Choosing the Right CBSE School A Comprehensive Guide for Parents
Choosing the Right CBSE School A Comprehensive Guide for ParentsChoosing the Right CBSE School A Comprehensive Guide for Parents
Choosing the Right CBSE School A Comprehensive Guide for Parentsnavabharathschool99
 
Roles & Responsibilities in Pharmacovigilance
Roles & Responsibilities in PharmacovigilanceRoles & Responsibilities in Pharmacovigilance
Roles & Responsibilities in PharmacovigilanceSamikshaHamane
 
How to Add Barcode on PDF Report in Odoo 17
How to Add Barcode on PDF Report in Odoo 17How to Add Barcode on PDF Report in Odoo 17
How to Add Barcode on PDF Report in Odoo 17Celine George
 
Difference Between Search & Browse Methods in Odoo 17
Difference Between Search & Browse Methods in Odoo 17Difference Between Search & Browse Methods in Odoo 17
Difference Between Search & Browse Methods in Odoo 17Celine George
 
Like-prefer-love -hate+verb+ing & silent letters & citizenship text.pdf
Like-prefer-love -hate+verb+ing & silent letters & citizenship text.pdfLike-prefer-love -hate+verb+ing & silent letters & citizenship text.pdf
Like-prefer-love -hate+verb+ing & silent letters & citizenship text.pdfMr Bounab Samir
 
Field Attribute Index Feature in Odoo 17
Field Attribute Index Feature in Odoo 17Field Attribute Index Feature in Odoo 17
Field Attribute Index Feature in Odoo 17Celine George
 
4.18.24 Movement Legacies, Reflection, and Review.pptx
4.18.24 Movement Legacies, Reflection, and Review.pptx4.18.24 Movement Legacies, Reflection, and Review.pptx
4.18.24 Movement Legacies, Reflection, and Review.pptxmary850239
 
Inclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdf
Inclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdfInclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdf
Inclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdfTechSoup
 
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️9953056974 Low Rate Call Girls In Saket, Delhi NCR
 
Visit to a blind student's school🧑‍🦯🧑‍🦯(community medicine)
Visit to a blind student's school🧑‍🦯🧑‍🦯(community medicine)Visit to a blind student's school🧑‍🦯🧑‍🦯(community medicine)
Visit to a blind student's school🧑‍🦯🧑‍🦯(community medicine)lakshayb543
 
Q4 English4 Week3 PPT Melcnmg-based.pptx
Q4 English4 Week3 PPT Melcnmg-based.pptxQ4 English4 Week3 PPT Melcnmg-based.pptx
Q4 English4 Week3 PPT Melcnmg-based.pptxnelietumpap1
 
Full Stack Web Development Course for Beginners
Full Stack Web Development Course  for BeginnersFull Stack Web Development Course  for Beginners
Full Stack Web Development Course for BeginnersSabitha Banu
 

Recently uploaded (20)

YOUVE_GOT_EMAIL_PRELIMS_EL_DORADO_2024.pptx
YOUVE_GOT_EMAIL_PRELIMS_EL_DORADO_2024.pptxYOUVE_GOT_EMAIL_PRELIMS_EL_DORADO_2024.pptx
YOUVE_GOT_EMAIL_PRELIMS_EL_DORADO_2024.pptx
 
Barangay Council for the Protection of Children (BCPC) Orientation.pptx
Barangay Council for the Protection of Children (BCPC) Orientation.pptxBarangay Council for the Protection of Children (BCPC) Orientation.pptx
Barangay Council for the Protection of Children (BCPC) Orientation.pptx
 
Keynote by Prof. Wurzer at Nordex about IP-design
Keynote by Prof. Wurzer at Nordex about IP-designKeynote by Prof. Wurzer at Nordex about IP-design
Keynote by Prof. Wurzer at Nordex about IP-design
 
YOUVE GOT EMAIL_FINALS_EL_DORADO_2024.pptx
YOUVE GOT EMAIL_FINALS_EL_DORADO_2024.pptxYOUVE GOT EMAIL_FINALS_EL_DORADO_2024.pptx
YOUVE GOT EMAIL_FINALS_EL_DORADO_2024.pptx
 
ENGLISH6-Q4-W3.pptxqurter our high choom
ENGLISH6-Q4-W3.pptxqurter our high choomENGLISH6-Q4-W3.pptxqurter our high choom
ENGLISH6-Q4-W3.pptxqurter our high choom
 
Gas measurement O2,Co2,& ph) 04/2024.pptx
Gas measurement O2,Co2,& ph) 04/2024.pptxGas measurement O2,Co2,& ph) 04/2024.pptx
Gas measurement O2,Co2,& ph) 04/2024.pptx
 
USPS® Forced Meter Migration - How to Know if Your Postage Meter Will Soon be...
USPS® Forced Meter Migration - How to Know if Your Postage Meter Will Soon be...USPS® Forced Meter Migration - How to Know if Your Postage Meter Will Soon be...
USPS® Forced Meter Migration - How to Know if Your Postage Meter Will Soon be...
 
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
 
Choosing the Right CBSE School A Comprehensive Guide for Parents
Choosing the Right CBSE School A Comprehensive Guide for ParentsChoosing the Right CBSE School A Comprehensive Guide for Parents
Choosing the Right CBSE School A Comprehensive Guide for Parents
 
Roles & Responsibilities in Pharmacovigilance
Roles & Responsibilities in PharmacovigilanceRoles & Responsibilities in Pharmacovigilance
Roles & Responsibilities in Pharmacovigilance
 
How to Add Barcode on PDF Report in Odoo 17
How to Add Barcode on PDF Report in Odoo 17How to Add Barcode on PDF Report in Odoo 17
How to Add Barcode on PDF Report in Odoo 17
 
Difference Between Search & Browse Methods in Odoo 17
Difference Between Search & Browse Methods in Odoo 17Difference Between Search & Browse Methods in Odoo 17
Difference Between Search & Browse Methods in Odoo 17
 
Like-prefer-love -hate+verb+ing & silent letters & citizenship text.pdf
Like-prefer-love -hate+verb+ing & silent letters & citizenship text.pdfLike-prefer-love -hate+verb+ing & silent letters & citizenship text.pdf
Like-prefer-love -hate+verb+ing & silent letters & citizenship text.pdf
 
Field Attribute Index Feature in Odoo 17
Field Attribute Index Feature in Odoo 17Field Attribute Index Feature in Odoo 17
Field Attribute Index Feature in Odoo 17
 
4.18.24 Movement Legacies, Reflection, and Review.pptx
4.18.24 Movement Legacies, Reflection, and Review.pptx4.18.24 Movement Legacies, Reflection, and Review.pptx
4.18.24 Movement Legacies, Reflection, and Review.pptx
 
Inclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdf
Inclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdfInclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdf
Inclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdf
 
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
 
Visit to a blind student's school🧑‍🦯🧑‍🦯(community medicine)
Visit to a blind student's school🧑‍🦯🧑‍🦯(community medicine)Visit to a blind student's school🧑‍🦯🧑‍🦯(community medicine)
Visit to a blind student's school🧑‍🦯🧑‍🦯(community medicine)
 
Q4 English4 Week3 PPT Melcnmg-based.pptx
Q4 English4 Week3 PPT Melcnmg-based.pptxQ4 English4 Week3 PPT Melcnmg-based.pptx
Q4 English4 Week3 PPT Melcnmg-based.pptx
 
Full Stack Web Development Course for Beginners
Full Stack Web Development Course  for BeginnersFull Stack Web Development Course  for Beginners
Full Stack Web Development Course for Beginners
 

Securing the Future: ISO/IEC 27001, ISO/IEC 42001, and AI Governance

  • 2. Agenda
    - ISO 27001 & ISO 42001: Risk Management & Compliance
    - AI and Information Security Risks: Chatbot Manipulation; When the AI Chatbot Disparages Its Own Company; When Deepfake Tricks Your CFO out of $25 million
    - Protection: Putting in Place ISO 42001; Security Threats Specific to AI Systems; The AI Security Triad; Risk Management and Compliance
  • 3. Case Study: When Deepfake Tricks Your CFO out of $25 million
    In a recent case study, scammers utilized deepfake technology to deceive an employee at a multinational company, resulting in a $25 million loss. The fraudsters impersonated the company's UK-based chief financial officer and conducted a video call with the employee, all through deepfake manipulation. This incident underscores the vulnerability of organizations to AI-driven cyber threats.
  • 8. Case Study: When the AI Chatbot Disparages Its Own Company
  • 10. Case Study: When the AI Chatbot Disparages Its Own Company
  • 12. Security Threats Specific to AI Systems
    - Data Poisoning: AI model data poisoning is the deliberate injection of malicious or deceptive data into training sets, aimed at compromising the integrity or performance of machine learning models.
    - Model Stealing: AI model stealing involves unauthorized access to or replication of a trained machine learning model, often for illicit purposes such as intellectual property theft or model replication without proper authorization.
    - Model Inversion Attacks: AI model inversion attacks involve exploiting a machine learning model's output to infer sensitive information about the training data it was trained on, potentially compromising privacy or security.
  • 13. The AI Security Triad
    - Security of AI focuses on fortifying AI systems themselves against threats. It's about ensuring that these systems, including their data, are safeguarded from adversarial attacks, and their integrity and privacy are maintained. This is achieved via implementation of the AI Security Framework.
    - Security with AI focuses on fortifying AI systems themselves against threats. It's about ensuring that these systems, including their data, are safeguarded from adversarial attacks, and their integrity and privacy are maintained.
    - Security through AI employs autonomous AI agents to deliver security services with minimal human intervention.
  • 14. ISO 27001 and ISO 42001
    - ISO 27001, Information Security Management Systems (October 2005): helps organizations ensure information security, cybersecurity and privacy protection.
    - ISO 42001, Artificial Intelligence Management Systems (December 2023): helps organizations responsibly use, develop, monitor or provide products or services that use AI.
  • 15. ISO 27001 and ISO 42001: Risk Management and Compliance
    ISO standards help organizations reach their objectives by ensuring that risks to the achievement of objectives are properly treated.
    - Risks dependent on the AI activities of the organization
    - Information security and AI risks from the external environment
    AI risk management and compliance is not only for organizations putting in place operations dependent on AI, but for any organization with vulnerabilities.
  • 16. Putting in place ISO 42001
    The ISO 42001 AI management system is designed to be a comprehensive framework that helps an organization to manage its AI operations and risks effectively. (Cycle diagram: Context, Leadership, Planning, Support, Operations, AIMS Performance Evaluation, Improvement.)
  • 17.
    1. Context of the Organization
    2. Leadership
    3. Planning
    4. Support
    5. Operations
    6. AI Management System Performance Evaluation
    7. Improvement
  • 18. Context of the Organization (1)
    - Internal and external context
    - Interested Parties (Stakeholders) Analysis
  • 19. Leadership (2)
    - Leadership and commitment
    - Scope of the AI Management System
    - AI Policy
    - Internal organization
    AI Policies and Procedures: provide management direction and support for AI systems
    - AI Policy
    - Alignment of Organizational Policies with AI Risks and System Objectives
    - Regular Policy Review
    Internal Organization: establish accountability within the organization for AI systems
    - AI roles and responsibilities
    - Reporting of concerns
  • 20. Planning (3)
    - AI Systems Impact Assessment
    - Management Guidance for AI System Development and Maintenance
    AI System Risk and Impact Assessment: assess risks and the impacts to those affected by AI systems
    - Assess risks and plan actions to respond to risks and opportunities
    - AI system impact on individuals and groups
    - AI system societal impact
    Management Guidance for AI System Development and Maintenance
    Documented Objectives and Processes: ensure the organization implements processes for the responsible design and development of AI systems
    - Documented objectives for responsible development
    - Documented processes for responsible design and development
    Defined Criteria and Requirements in the AI System Life Cycle: define the criteria and requirements for each stage of the AI system life cycle
  • 21. Management Guidance for AI System Development and Maintenance (continued)
    Defined Criteria and Requirements in the AI System Life Cycle: define the criteria and requirements for each stage of the AI system life cycle:
    - Requirements and Specifications
    - Design and Development
    - Verification and Validation
    - Deployment
    - Operations and Monitoring
    - Technical Documentation
    - Recording of Events
  • 22. Support (4)
    - Resources for AI systems
    - Information for Interested Parties
    Resources for AI systems: ensure that the organization accounts for the resources of the AI system
    - Data resources
    - Tooling resources
    - System and computing resources
    - Human resources
    Information for Interested Parties: ensure interested parties have the necessary information to understand and assess the AI system's risks and their impact
    - System Documentation and User Information
    - External reporting
    - Incident reporting
    - Information for interested parties
  • 23. Operations (5)
    - Controls and Procedures
    - Continuous Risk & Impact Assessment
    - Data for AI Systems
    - Use of AI Systems
    - Third-party and Customer Relationships
    Data for AI Systems: define, document and implement data management processes related to the development of AI systems
    - Acquisition
    - Quality
    - Provenance
    - Preparation
    Use of AI Systems: ensure that the organization uses AI systems responsibly and according to organizational policies
    - Responsible use of AI systems
    - Intended use of the AI system
    Third-party and Customer Relationships: ensure that the organization understands its responsibilities and remains accountable, and third-party risks are monitored and treated
    - Allocating responsibilities between supplier and customer
  • 24. AI Management System Performance Evaluation (6)
    - Monitoring
    - Internal audit
    - Management review
  • 26.
    1. Context of the Organization: Internal and external context; Interested Parties (Stakeholders) Analysis
    2. Leadership: Leadership and commitment; Scope of the AI Management System; AI Policy; Internal organization
    3. Planning: AI Systems Impact Assessment; Management Guidance for AI System Development and Maintenance
    4. Support: Resources for AI systems; Information for Interested Parties
    5. Operations: Controls and Procedures; Continuous Risk & Impact Assessment; Data for AI Systems; Use of AI Systems; Third-party and Customer Relationships
    6. AI Management System Performance Evaluation: Monitoring; Internal audit; Management review
    7. Improvement: Continual improvement; Nonconformity and corrective action
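As an added example that is not part of the slide deck, the following script ties the data poisoning threat from slide 12 to the "Data for AI Systems" controls (acquisition, quality, provenance, preparation) from slide 23: a provenance manifest is written when training data is acquired, and the dataset is checked against it before training. All record ids, texts, labels and source names are constructed sample data.

```python
"""Training-data provenance check: an added illustration (not from the slides) of
one concrete control behind the 'Data for AI Systems' area and of how it counters
the data poisoning threat. All records, sources and labels are constructed."""
import hashlib
import json
from collections import Counter

# Constructed baseline: records as acquired from vetted sources and reviewed.
APPROVED_RECORDS = [
    {"id": "r1", "text": "please reset my password", "label": "benign", "source": "helpdesk-export"},
    {"id": "r2", "text": "wire the funds to this new account today", "label": "suspicious", "source": "fraud-team-cases"},
    {"id": "r3", "text": "quarterly report attached", "label": "benign", "source": "helpdesk-export"},
]
APPROVED_SOURCES = {"helpdesk-export", "fraud-team-cases"}


def record_digest(record):
    """SHA-256 over the fields that influence training (text and label only)."""
    canonical = json.dumps({"text": record["text"], "label": record["label"]}, sort_keys=True)
    return hashlib.sha256(canonical.encode("utf-8")).hexdigest()


def build_manifest(records):
    """Provenance manifest written at acquisition time: digest, source and label per record id."""
    return {r["id"]: {"sha256": record_digest(r), "source": r["source"], "label": r["label"]}
            for r in records}


def verify_dataset(records, manifest, approved_sources):
    """Compare the dataset about to be trained on against the manifest.
    Returns a sorted list of (finding, record_id):
      modified         - text or label changed since acquisition (e.g. relabelling)
      unmanifested     - record never went through the documented acquisition process
      untrusted_source - record claims a source that is not approved
      missing          - an approved record was silently dropped
    """
    findings, seen = [], set()
    for r in records:
        seen.add(r["id"])
        entry = manifest.get(r["id"])
        if entry is None:
            findings.append(("unmanifested", r["id"]))
        elif entry["sha256"] != record_digest(r):
            findings.append(("modified", r["id"]))
        if r.get("source") not in approved_sources:
            findings.append(("untrusted_source", r["id"]))
    findings.extend(("missing", rid) for rid in manifest if rid not in seen)
    return sorted(findings)


def label_shift(records, manifest):
    """Quality check: change in per-label counts versus the manifest, e.g. {'suspicious': -1}.
    A swing in one class with no documented acquisition is a poisoning indicator."""
    before = Counter(e["label"] for e in manifest.values())
    after = Counter(r["label"] for r in records)
    return {lbl: after[lbl] - before[lbl] for lbl in set(before) | set(after) if after[lbl] != before[lbl]}


if __name__ == "__main__":
    manifest = build_manifest(APPROVED_RECORDS)
    # Constructed tampered copy: r2 relabelled, an injected record from an unknown source, r3 dropped.
    tampered = [dict(APPROVED_RECORDS[0]), {**APPROVED_RECORDS[1], "label": "benign"},
                {"id": "r9", "text": "buy gift cards for the ceo", "label": "benign", "source": "scraped-forum"}]
    for finding in verify_dataset(tampered, manifest, APPROVED_SOURCES):
        print(*finding)
    print(label_shift(tampered, manifest))
```

Running the script prints one line per finding (missing, modified, unmanifested, untrusted_source) followed by the label shift, which is the evidence an internal audit or management review under clause 6 would expect to see recorded.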