In this podcast, we chat with Mathieu Gorge, CEO of Vigitrust, about how artificial intelligence (AI) is reshaping data handling, storage, and compliance for CIOs. Gorge dives into the sheer volume of data we’re dealing with, the challenges of tracking AI’s inputs and outputs, and the urgent need to stay aligned with evolving laws and regulations.
He also shares insights on the possible effects of the new U.S. administration and the European Union’s shifting stance on data and AI.
When it comes to the RSA event, he’s eager to see what’s new in tech and compliance. This year, AI is poised to take center stage—not just AI technology itself, but the security aspects surrounding it. There’s buzz around quantum and post-quantum topics as well, which adds another layer of intrigue. Changes in U.S. policy and the EU’s AI act are likely to influence data classification and storage, making this year’s RSA particularly compelling.
Gorge points out that AI was a hot topic last year, prompting many organizations to explore how it could streamline processes. Now, a lot of companies are adopting their own versions of ChatGPT or building proprietary AI systems for better control. The market is evolving, with organizations asking how to utilize AI effectively and its implications for data classification and governance.
He also notes that numerous security groups are forming AI governance working groups. At Vigitrust, they’re mapping out regulations surrounding AI, emphasizing that understanding the type of data managed is crucial for effective governance. The explosion of new data from AI raises questions about storage solutions and compliance with regulations.
As for the implications of the new U.S. leadership, it’s clear they see AI as a key opportunity. Initiatives from organizations like NIST are developing more comprehensive AI governance frameworks. Local governments, like Boston, are also crafting their own AI regulations for smart cities. A push from the administration means more governance is likely on the horizon—think of it as a parallel to how GDPR evolved.
Switching gears to the EU, there’s a different vibe around AI—it’s viewed simultaneously as a threat and an opportunity. Each member state is creating its own AI regulations alongside the EU framework, attempting to navigate AI’s integration with GDPR. This raises critical questions about data ownership and compliance as AI shifts data management from individuals to systems.
Gorge emphasizes the importance of classifying and storing data properly. With AI introducing risks like bias, organizations must ensure they manage data ethically and comply with regulations. The energy demands of AI also matter, impacting everything from processing power to climate considerations.
His advice? Conduct thorough risk analyses, evaluate storage options, and ensure that security measures are in place to uphold compliance not only with AI regulations but also with GDPR and other privacy standards.