AI Compliance Essentials: Standards and Emerging Regulations
Bruno Blumenthal will provide an overview of the critical frameworks and upcoming regulations shaping AI governance. This presentation highlights key compliance requirements, including ISO standards, FINMA regulations, and the EU AI Act. Attendees will gain essential insights into current standards and emerging regulatory trends, helping them to navigate the complex AI compliance landscape effectively.
AI Summary
Disclaimer: This session information was generated with the help of AI.
The information has been reviewed and refined by the Swiss Cyber Storm team and the speaker before publishing.
Bruno Blumenthal discusses AI compliance, standards, and regulations from a cybersecurity perspective. He highlights the importance of understanding AI in the context of information security and offers insights into ISO and NIST standards relevant to AI risk management. Blumenthal also touches on the EU AI Act and its implications for AI applications, emphasizing the need for organizations to manage AI risks proactively.
Key facts
- ISO/IEC's Joint Technical Committee 1, Subcommittee 42, is responsible for artificial intelligence standards, highlighting AI's significance as a standalone field in standardization.
- The EU AI Act, approved in summer 2024, will be fully enforceable in two years, setting specific regulations for high-risk AI applications.
- NIST's AI Risk Management Framework aims to advance the safe, secure, and trustworthy development and use of AI, with a focus on functions like govern, map, identify, and manage.
Ideas
- AI compliance and standards are crucial for managing risks associated with AI from a cybersecurity perspective.
- ISO and NIST provide frameworks and standards that can help organizations manage AI risks effectively.
- The EU AI Act introduces specific regulations for high-risk AI applications, emphasizing the need for compliance and risk management.
- Trustworthy AI encompasses various properties including safety, security, privacy, and fairness, which are essential for AI systems to be considered reliable and ethical.
- Organizations need to understand AI technologies and incorporate them into their existing risk management frameworks, rather than treating AI as a completely new challenge.
Keywords
- AI Compliance
- Cybersecurity
- ISO Standards
- NIST Framework
- EU AI Act
Quotes
- “AI is not something that is below or above the information security standards in the view of ISO but on the same level.”
- “The goal is actually to advance the safe, secure and trustworthy development and use of AI.”
- “Security and resilience, the one thing we are usually tasked with, is just one of those properties.”
- “Most companies will not build AI systems for the public or bring AI systems to the market that are falling into this high risk bucket.”
Recommendations
- Organizations should proactively manage AI risks by integrating AI into their existing risk management frameworks.
- Understanding and applying standards from ISO and NIST can help organizations navigate the complexities of AI compliance and risk management.
- Stay informed about evolving regulations such as the EU AI Act to ensure compliance and address the ethical implications of AI applications.
About the speaker
Bruno Blumenthal
Partner and Member of the Board at Temet
Bruno Blumenthal has over 20 years of experience in information security and cybersecurity.
His expertise lies in security governance, strategy and organisation as well as risk management.
He continuously monitors emerging trends such as cloud computing and AI to assess their impact on security organisations and their governance.
As a consultant, he has developed security strategies and architectures, defined security policies and helped clients improve their security organisation across various industries.
He has also been responsible for global information security in international organisations.
Bruno Blumenthal is a Partner and member of the Executive Board at TEMET AG, where he helps clients navigate the challenges of cybersecurity.