AI’s current path has limited guardrails, but opportunities abound: KPMG

The public and private sectors must work together to provide practical solutions for innovation and support during development to ensure security and privacy are built in from the beginning. Concerns about business outcomes and the need to foster trust among employees and customers in particular, and society in general, are driving widespread debate about how AI can be controlled and deployed responsibly, transparently, and with integrity. There is a lot of ethical debate going on. For this reason, regulations in this field are being strengthened.

Organizations must remain aware of the critical fundamentals needed to establish and maintain trust, while also being mindful of the direction in which regulation is moving. This will go a long way in minimizing the work required to ensure compliance with these regimes in the future. “Data is an important cornerstone for security in general and privacy in particular. The industry requires harmonization of government agencies around the world, as different laws exist, with some countries being more stringent than others. The market needs to balance the need for innovation with effective regulation, “guidance and guardrails,” said KPMG International’s Global Privacy Solutions Lead and KPMG Partner in Canada. said one Sylvia Klasovec Kingsmill.

Even regional approaches to how AI models and algorithms should be managed, deployed, and legislated are ambiguous. Organizations must remain aware of the critical fundamentals needed to establish and maintain trust, while also being mindful of the direction in which regulation is moving. This will go a long way in minimizing the work required to ensure compliance with these regimes in the future. While the absence of legislation is an obvious speedbump, the good news is that existing privacy laws have similar principles that can and should be applied to new AI algorithms. Privacy elements such as notice, consent, explainability, transparency, and risk of harm are all codified in current law. To remain competitive in the marketplace, CISOs must work with chief data officers and data protection officers to support business objectives that rely on AI and ensure that this innovative technology is used effectively and responsibly. You need to decide how to leverage it. At the same time, sufficient governance and controls need to be applied around processes that may have been operating with little oversight for some time. This alignment of enablement and governance is the key to successful implementation.

“CISOs and other senior leaders and their teams must determine how to support business objectives that rely on AI and leverage this innovative technology effectively and responsibly. “They may have been operating with little oversight for some time, and this alignment of enablement and governance is the key to successful implementation,” he says. says Dr. Katie Boswell of cybersecurity services KPMG.

To accelerate AI adoption, organizations must make important choices that shape their approach, such as deciding whether to create an in-house model or rely on a third party. While one or the other option may seem less uncertain, the reality is that both options come with inherent risks that organizations must be aware of and manage effectively.

“Organizations need to educate themselves on transparency, accountability, fairness, privacy, and security safeguards so that they can innovate and deploy with confidence. For example, for guidance on responsible accountability, Look at the big tech companies and jurisdictions that are furthering their AI efforts. “The industry requires harmonization among government agencies around the world. The market needs to balance its need for innovation with effective regulatory guidance and guardrails,” the report added.

This is as much a cultural mindset shift as it is a technological one, and change management will be a key success factor. Integrating a privacy- and security-focused design mindset with AI and other emerging technologies requires that not only the technologies, but also the professionals who manage them, promote a privacy- and security-first mindset. When an organization considers privacy and security from the beginning, they become natural components of the operating model.