If you aren’t using artificial intelligence - or at least planning to - you are taking the biggest AI-related risk of all: getting left behind.

The potential for:

• Eliminating repetitive work and toil

• Unlocking productivity

• Accelerating growth

is enormous and growing.

Obviously there are risks, which is what I spend my time helping companies mitigate. Most recently, I got the chance to work with Cobalt Robotics on an AI risk assessment. So in this post, I’ll go in-depth on exactly what we did.

Background

Cobalt Robotics is a cutting-edge physical security automation company leveraging intelligent sentries to secure workplaces.

As a result of their use case, AI systems are core to Cobalt’s business operations and value proposition.

Challenges

• Heavily-regulated customer base has strict cybersecurity and compliance needs.

• Machine learning models deployed in autonomous systems.

• Generative AI tools used in day-to-day operations.

“Walter deeply understands both the technical nuance and business demands of building, maintaining, and securing AI-powered cyber-physical products. This was absolutely critical for Cobalt’s needs.”

- Dennis Cui, VP of Engineering, Cobalt Robotics

The StackAware approach

Understand business requirements

Security exists to enable business operations and value delivery, full stop. Without an understanding of the key drivers for technical, architectural, and other decisions, it’s impossible to provide useful cybersecurity advice. That’s why step 1 is understanding our client’s value proposition to their customers.

Refer a friend

Identify security, privacy, and compliance risk surface

With the business context established, the next step was to survey the landscape by inventorying AI tools, reviewing policy documentation, and analyzing inbound security questionnaires. Applying as light a touch as possible was key here, as we didn’t want to make security a drag on productivity. Thus, most of this work was asynchronous with only a few live meetings required of the Cobalt team.

30-day sprint to propose remediations and way ahead

StackAware’s goal was to rapidly provide actionable recommendations without drawing out the process. So once we got our bearings, we were able to deliver a customized AI risk register in machine-readable format along with a Google Slides presentation for human consumption.

And looks like it hit the mark:

“Walter immediately spotted the key issues related to AI and cybersecurity risk. With his help, we were able to rapidly identify - and mitigate - key compliance challenges related to AI tool deployment.”

- Ben Gringeri, VP of Finance, Cobalt Robotics

So the next question is: are you ready to start mapping - and mitigating your AI-related risk?

Get your Data Defense Blueprint