Name: AI Governance: how to enable speed, trust, and defensibility in AI (and beyond)
Uploaded: 2026-05-14T16:16:16.723Z
Duration: 59 min 20 s
Description: AI Governance: how to enable speed, trust, and defensibility in AI (and beyond)

Transcript for "AI Governance: how to enable speed, trust, and defensibility in AI (and beyond)": Well, hi, folks. We are at the top of the hour. And, first of all, just wanted to thank everybody for joining this webinar on AI governance, which is coming up every single day and how can we enable speed, trust, and defensibility in AI. I'm Dan Hansen from BigID. I am our field engineering lead for the privacy and compliance governance side of the house over here at Big ID, and I'm joined today by Fred de Clou. Fred, do you want to give a little introduction? Yes. Thanks, Dan. Hi. Hi, everyone. So I'm Fred, Fred de Clue. I'm currently working at, at Nu Skin. I I need data governance, data privacy, and GRC, functions. And, yeah, I as pretty much everyone, I think, I'm in AI conversations pretty much every day. So that's, that's that's about me. Yeah. Yeah. We're really, really lucky to be joined by Fred because, from previous conversations, he he's really in the thick of it every every single day, so this should be a good one. Alright. Well, we are, just gonna get started here. I think let's dive right in, and I don't want to start too negative on a on a Thursday morning here or scare anyone off, but maybe we'll start with where AI governance and traditional governance as a whole isn't working today. So, you know, traditional governance models aren't built for AI speed and scale. Fred, I'll start with you. Where does it fail first? Where are we starting to see the cracks already? Yeah. I think, we want to try probably take a little step back and think about what's, what's what we call traditional governance. Right? What what what is it? I think it's it's it's coming from a a a space where we have stable systems. We have periodic reviews, inventories that are that are static. Everyone knows what, what everyone, owns. And so it's it's it's pretty simple. Right? It's it's point in time. It's very human driven, very based on approval. So, it works. It worked, at least, because AI broke this, basically. Right? It's, it's I think the the the game is over. And so, the way it broke, it broke at at at many places, of course, but I think if you if we try to think about where exactly it started to break, it started to break on the, I think, on the inventory side because, it's it's hard to track what the inventory is. So, you know, the the freshness of your inventory, is is a is a challenge now. Everything is, is stayed pretty quickly because everything changes very quickly. Another piece, I think, is also, the the accountability. Right? I mean, I talked about the ownership earlier. Right? Ownership, accountability, kind of mixed mixed concepts, but, accountability is changing also because, we don't know exactly, we we lose, we lose understanding of who owns what in the in this life cycle. Right? And, we can talk a life cycle probably later, but all of this gives you an opportunity to to to realize that we are we we start having a lag. Right? I mean, it's not really a gap per se, but it's more lag. We're lagging behind from a governance standpoint. Right? We lose a little bit of understanding of what we have, what the systems are doing, how data is used, and, it's it it it puts us I say us because I'm collectively, completely, consider myself part of part of that group as as probably 99% of the of the folks online and, and that work in the governance space. But, we're we we feel like we are enabled to prove, compliance. It's hard to explain, the outputs. It's it's therefore, it's hard to, like, contain the risk. And so all of this lag is going to eventually create a debt. We need to attack this debt, this governance debt as as soon as we can before before estimate. Yeah. I I couldn't agree more. It's the the inventory item. And to your point on debt, I mean, that the the more debt there is, the higher pressure there is on the accountability side of the house. Right? If no one owns the full life cycle and we have all of this debt piling up because we're treating governance as a a toll booth that you go through one time and then see what happens on the other side. It's only going to rear its head in a year from now when you are doing your typical yearly audit and you realize x, y, z has has changed, since the original training of of a given model or something like that. So I couldn't agree more, on the inventory side, and you can't cover what you can't see and keeping that fresh and up to date. Yeah. Those are some of the key aspects from my notes as well. And then I I think think you mentioned one thing. yeah. Sorry. Yeah. I didn't mean. to cross, but you you said something that that that popped to my head. You said it's, you you realized later that you're that you fell behind. I think that's that's that's really a good statement, because I think governance, when it fails, you don't realize it. Right? You it fails. It's almost like it's failing quietly, but. at some point, it's going to fail publicly. And and that's what you want to try to avoid. Right? We we we you always have a bit of time, because of this, of this lag. You can catch up on the lag before it becomes adept, but, yeah, you don't want to fail publicly. So because it's failing quietly. So you need to find find a way to, to address this. And and if it's failing publicly, we're we're having a completely different conversation. Right? Got it. is gonna bring me to another point I wanted to discuss is, like, the risks organizations are creating unintentionally. So, obviously, we we've talked a little. bit about that that, debt of of of governance and accountability that is being built. But even day to day, there's additional AI risk just from the nature of deploying AI inside of the, environments. Now I don't know about you, but what I've been seeing is at at least at this stage in kind of the AI era that we are in, shadow AI is probably the primary unintentional Okay. risk. Right? Ungoverned tools running parallel to your official tech stack, carrying your most sensitive data, and then sharing that data externally. Right? Shadow AI is actively sending sensitive party data, your own internal data and your most precious data in many cases, to third party models for processing. And what I've seen personally is that banning doesn't work. Right? Most employees are still going to try to utilize tools, whether they are officially allowed, approved or not, and we have to instead govern through enablement. Right? There was an interesting study by the health care organization, or a health care editorial that was covering a few different, health care orgs in their area that, when they gave optionality to their, user base. So when they said we are an anthropic shop now, we are not going to focus on banning ChatGPT or banning Copilot or whatever it might be, but we are just pushing you to use Claude, to use Anthropic. They saw unauthorized, shadow IT usage drop by, 89% was what the study said. And so that's one of those risks areas that, we've been seeing a lot or at least I've been seeing a lot is how do we get individuals off of the shadow AI use case. First of all, love your data points, Dan, as usual. Very interesting stat. Shadow AI is the, yeah, it's the new shadow IT. Right? It's it's it's just that it's the shadow IT with, that that has a little bit of memory and that has a a language model plugged to it, So it's even, Yes. even more dangerous. And and, yeah, of course, I mean, it's it's it's created most of the time, created by these these these bands that I don't think we have so many bands right now, but we had them at least at the beginning, probably a few a few a few years ago. You you of course, you don't want to ban, AI in the in the workplace as you would not ban it, in, you know, in in in in the public. But you want to provide approved AI options, approved AI, paths for the for for the users. So what you can use of course, you wanna prohibit some some, some some tools, and there is then this this gray area that is is not approved, is not prohibited. Well, by definition, that is not approved until we make it approved, and we we run the right review around the around the model, and we gain some some level of of confidence. I think, that's funny because when we always when we talk about risks and and especially AI risk, I always think about, well, there is there's not the, evil AI. Right? Most of the risks is that are that are that are generated by by the use of AI, they are operational. They are, almost self inflicted, if you will. But and and you're right when you said in your introduction, unintentional. That's exactly the point. Right? We're we're creating unintentionally a certain amount of risks. And I think shadow AI is one of them. I I I see a a big one of them. I I see a few other ones. And, top of my head, I would think about, like, the when you when you work when you when you when you build an AI capability in AI, whether it's an agent framework or chatbot, name it, you're going to work with datasets and you want to, of course, your your your issue well intentions, you're gonna be like, okay. Well, I'm not going to use my my my production data. Thank god. I'm going to duplicate this, dataset and and make it, specifically dedicated to my, to my AI initiative. Well, now you duplicated sensitive data. You duplicated the sensitive dataset. So you created this unintentionally, we created this additional risk from a from a data exposure. And and and then question becomes, well, what about the data flows? How does this data flow into this new this new, this new dataset that you, that you created? So you you you you lose a bit of of control on this, on this, on this datasets. So that that that's just you know, it's another. example of this unintentional aspect of creating datasets. You can have the best intentions of the world, but there is going to be a domino effect of of risks, because it's, again, it's it's just it's a green field. It's a new it's a new space. So so we have good intentions, but we create risks down the road. Yeah. I I couldn't agree more. It's it gets back to the point of we have both risk at the kind of, output level, like the individual users that are outputting, whether through an agent or task or whether through a model, some sort of reasoning or generative output. But we have a lot of risks still even at the data layer beyond just accessing data, copying data, understanding the historic consents or, accountability of that data. Right? Can I even use that dataset? And do I have, as, a developer, the permissions to copy that data and use Dan's data to better train your your DanBot? yeah. Right? Yeah. And I think a lot of organizations are still struggling at that visibility layer. Right? If we wanna talk a little bit more about how we get into deployment or how we solve some of these risks, right, rather than just scaring everybody here on a Thursday morning. I think the to me, there's kind of the four, initial layers, for visibility. Right? There's the data inventory, what exists, where is it. There, to your point, if there's copies of something, keeping track of those copies as well. There's classification as that second layer. There's lineage, Where has the data actually traveled? Right? Where did it originate from? What transformations did we put it through? And then finally, there's access controls. I think this has historically been about human identities. Right? What humans can access, what datasets, maybe what softwares can access, what datasets. But more and more, we're seeing what agents can access which datasets because an agent will if you give it directions, will try to access as much as it can to fulfill whatever task you've given it. So I don't know about your experience, but in my experience, most organizations have maybe one of those four layers covered. It might be access controls. That might be an easy place to start. But the inventory, the classification, the lineage, a lot of that is still left to be desired and kind of that bedrock for deployment. Mhmm. That that's absolutely true. Plus you you also want to to move from this legacy governance space to the, the the the new, I don't know, AI driven governance. Right? I mean, these layers, I absolutely agree. When you think about these layers as well, you can think about, well, inventory, that's great. Right? What exists? Well, how do I make this inventory or this discovery, automated? How do I, move towards more like a continuous, I would say, place rather than just static, place of of governance. But, you know, to to come back on the on the visibility, I I like this, I like this term actually, but it's because it's also when you unpack it, it's it's interesting. First of all, an inventory or a spreadsheet is not visibility. Right? It's, No. it's, it's maybe something that happened. It's a point in time, something it it it's gonna tell you, okay. Well, that existed at some point. The actual visibility is telling you, me what's happening now, what has changed, and well, when you know what has changed, you can you can assess, we can tell you, the impact. And so that that's where it's, it's it's it's really interesting to move from from the inventory position to the visibility, position because what's changing there is how the data has changed, how the data has has been transformed. You know, that's back in back to your, to your, your different layers, right, talking especially here at, like, Lineage, specifically. And so, one one good exercise, especially in, this AI driven initiatives that we are all part of, is, is, is is to take one take one AI workflow, and try to map it, end to end. You need to try to. to to map it. Try take a small one, an AI a small AI workflow. You don't want to start with something super complex, but take one that is sensitive data if possible because that's that's where your incentive is as a as a as a governance professional. You're going to try to document every transformation layer when it's whether it's coming from the from the source to how the data is embedded, to any, maybe, vector source that that that that you have, to the output, to the storage. And when you do this, you start to putting, to to entering a space where you can get into more, visit visibility. And, and and I think that's that's a good exercise that we all need to that we all need to do, and that's that that bumps your bumps your maturity, mechanically. Yeah. And that allows you to take steps beyond visibility, right, to your point. So Snowflake table is fed into a marketing model. It moves through an ETL process. It gets embedded in a vector store. Alright. That's all great. And once we even have visibility, and let's assume we are an advanced organization that can classify the data as it moves from point to point. That doesn't do anything for us unless we can put controls in place as well. Right? Visibility is just step one. So. I. don't know, Fred, if there are any controls you've been seeing out there where or organizations should prioritize putting automated controls in place versus relying on human oversights. What are you seeing in your day to day? Yeah. You have to have to write controls are going to be, is going to be the key and because controls is is is enforcement. Right? So you that's that's how you move from, from intentions to, to actually, enforcing. You put in place you put in place, controls. Because, yeah, we'll get a lot of companies that are going to rely on dashboards, inventories, committees. That's great. That's, you know, that's that's not a control. That's that's awareness. Right? We we describe facts, but but your actual controls are going to be, to be, to be the ones that are going to put you in a place or, to to actually be able to enforce, what you what you say you would do. If you think about a a data pipeline, you're going to be, to be thinking, okay. Where do I, when I identify a new data flow, for example, I want, this, agent just put your put yourself in a position where you built this agent framework for for governance. Right? And so this agent is going to identify a new data flow. It's gonna tell you, hey. Well, identify this new data flow. These are the actions that I took. Sure. I suggest, updating the, for example. I suggest putting in place these controls, and that's where you're going to have also so a lot of things are going to be automated. A certain number of things need human approval, of course. The decision making piece, is, is is where where human are going to, to to to thrive, but classification can do can be automated. Tagging of data can be automated. Search number of low risk, decisions can be, can be, predefined as, okay, a green light for the for the agents to make these decisions, but then human in the loop is important. It's going to you would need to loop in the human for any, behavior that is strange, for any data exposure, for any, edge case from a regulation perspective. And so that's that's where you want to to to set up these, these controls. Use the humans. It's funny to say that as a as a human, but use the the put the human at the center of the of the decision making, and, and and, you know, the more you automate upstream, the more it's going to to, to to to bring your organization to a better maturity place because there is one thing, Dan, I'm sure you you you noticed, is that the best governance controls are the ones that you don't see. So. automation is an amazing vector for us to to bring these, these, these activities that are increasing your maturity, but but not increasing friction with the with the with the users. Yeah. I especially love that last point. It we are not doing our jobs as governance compliance individuals if we are slowing down the business. Right? And we're also not adding headcount. So to your point on the human oversight, I I was talking with a customer last week, and we were describing it. It's it's about triage at this point. Right? Humans can review exceptions. Humans can. review, notifications when sensitive data is involved to rely on that upstream classification to be able to inform the human review. Right? But it's about risk thresholds and not reviewing every little decision along the path because at that point, you'll, you'll become the bottleneck. Right? So I think the governance tax can't. is real. Yeah. The governance tax is real, but, if you have the other tools in place, the classification, the automated policies on on on your pipeline, understanding, the provenance of data that that enables you to just say, hey. These are the times I need Fred to step in. Speaking of stepping in and kind of people, right, the people side of AI, how do you think about ownership? AI is kind of owned by everybody at this point. I think we're starting to narrow in on who should own AI, and it might depend on the context. But, you know, in your opinion, with AI touching so many teams, who's actually owning the risk now? No. That's a very valid question. I think that's that's one that I that one one one failure that I dropped at the at the beginning on your first question. Yeah. I mean, if if everyone owes, no one owns. Right? So, that's that's, that that that becomes a the hot potato hot potato game, and you want to avoid this, absolutely. I think that it's also the the re the the question of ownership also comes from the fact that AI was this weird technological beast that that just happens to, to spread across the, the the enterprise. And so, the the reaction has has to be has been like, hey. Let's let's have technology or or security or own this own these initiatives. Right. It's it's a valid point at the very beginning. So but now we we we grew up a little bit with AI. We need to to to take a step back and realize that, well, AI risk at the end is a business risk. Right? It's not a security problem. It's not privacy problem. It's not a legal problem. It's business. Because at the end, the reason why we, we we implement and we launch AI initiatives projects is to serve the business and to and so whoever is is is capturing the outcomes of an AI initiative should be the owner. And that clarification is is is critical, because the the the worst that can happen is for an organization to rely on assumptions. There the assumptions I there's this this show that I used to watch, Reacher, the and the the main character was saying assumptions kill. So that's Okay. I was in. a war environment. Okay? So let's put this. aside. But if you take the the substance of that, assumptions are harmful in any, in in in any organization in day to day life as well. And so the way you you get away from assumption, you eliminate, governance by assumption is to define clearly who is owning what. And so, the over and there's this notion of co ownership as well. Right? So you have an executive owner that is going to be who is who the business, if you if you if you build a a a customer, facing, the customer support, chatbot, well, the owner is going to be the the sales team or the the customer facing customer service teams. Right? So who's the executive owner? And then you have the data owners, the model owners, the operational owners. So there's needs to be there there's a need for co ownership, but at the end of the day, there's one accountable body, one accountable unit, one accountable person, leader, that is going to be who is, who the, who is benefiting from the outcome of this, of this AI project. What I what I find absolutely fascinating in this, in this evolution of the of the of the industry I mean, industries, at large, with AI is that it's it's it's an opportunity to collapse the silos between between different, Yeah. teams because we don't have a choice. We have to work together. And so there are certain organizations that already have a, you know, a fluid and, an efficient, operating model and and and that work well together. There are others that don't because they are they are siloed or they have a certain governance at a at at the enterprise governance layer that is that that is fragmented. These companies gonna have to to collapse this this silos. They're going to have to work together because, again, AI, governance, AI, ownership is about co ownership, right, working together. Yeah. I love that you brought that up because, obviously, I'm coming at it from the the vendor side these days. But that where that's even reflecting in the work that our organization is doing with our customer base as well is, previously, there might have been organizations we're working with where it's the the CSO or the CDO or the chief privacy officer that is most interested in classification, right, or building out that that that catalog and the understanding. Nowadays, it's not uncommon to have two or three of those individuals in the room, because everybody suddenly cares a lot more about data ontology and ownership and everything like that. And getting back to the your earlier point on accountability, I'm a I'm a simple minded man myself. When I think of the accountability and what we've been seeing, working for some of our customers is assigning ownership at that data asset level. Right? So if you own the die the data, the underlying data that a model or an agent is interacting with, you own the risk coming out from, in any outputs of those models or of those agents. Right? So. if you own the customer database and you start training on top of that data, you own all of the risks around it as well. Otherwise, you get into that governance by assumption, and assumption kills as as Fred just taught us. The data team is assuming the model team handles compliance. The model. team assumes legal has already reviewed everything. Legal assumes IT and security are putting the controls in place, Give me a sec. reality, everybody is just assuming somebody else has their hand on top of this already. Right? And so, like, a common example is, like, I think marketing data. If the marketing, data is being used to train the personalization model, you need to bring the CMO in who might not have been part of. any of these governance councils, that we've previously established. And I do think it does remind me one other thing as you were talking, when we're talking about data ownership. In a previous life, when I was in an organization, in house, we had the same concepts for data breaches, and and I think it starts to apply here as well. Right? The organ the team that owned the customer data or the employee data, that went through an incident or breach of some kind, at the end of the day, they were the one that was having to have the breach associated with their their team. They were the ones owning the mitigation process or accepting any of the risks. Right? And, obviously, that being the worst case scenario, with AI, but AI breaches are becoming very real. That, the IBM, does their yearly, data breach report. And as of 2025, we're only five months into 2026. I can't imagine how this has gone up. But in 2025, AI was contributing to over 20% of breaches that were recorded, for the IBM data breach report. And so if you start thinking about the worst case scenario with these models and the worst case scenario is becoming more and more realistic, I think you can also start to fall back on, the kind of historic ownership model that has already been around when it comes to who owns what data. I mean, yeah, you bring up breaches or incidents. That's that's where the, the, any, unknown from an from an ownership or or, or accountability is going to explode. And that's where, you know, that's back to what we said earlier. Right? It's it's it's quiet until it's public. Right? I mean, so when you have an incident, when you have a bridge, well, it becomes public. And so when you run these, these, these these crisis management, management, groups, the amount of finger pointing that happens at that moment if. you, if there's no, clear ownership of of accountability is is is is crazy. But but that's where accountability and and ownership that requires courage too. It requires leaders to to lead by example, to to to stop finger pointing, to own the, to to to to say, I own this. I'm accountable for this. It's not the fault of that team. It's not the fault of that vendor. And and I think that's that's also, you know, talking about I'm I'm an optimistic, person, I think. And so I I see AI as an amazing opportunity as well to to make the leaders that that have courage shine. I hope these guys will shine in this in this, in this, in these situations because, again, if we if we put ownership and accountability as becoming as one of the priorities from a governance perspective, that's going to inherently, shed some light on the leaders that actually own are accountable and and lead by lead by example. So great opportunity, I think, even from a from a person, like, you know, individual perspective. Yeah. There there there's a void, and somebody needs to step in to build it. Right? Well, There you don't. wanna keep this on negative thoughts then, so let's let's stay positive here. I love that, Fred. You're you're looking at this all as opportunity. What will separate those organizations or those leaders, that scale a AI responsibly from those that are creating risk more risk than they need to? What what are the tangible things that somebody can do to be that leader? Yeah. So, not just good intentions. Good good intentions is good, Sure. but it's not going to, I mean, they don't scale. Right? Good intentions don't don't don't don't scale. So what's what's going to be, to be the, I think, the differentiator when it comes to, to deploy AI responsibly is how you can embed your governance within the pipelines, within the workflows, within the the deployment process, within identity layers. Right? Governance needs to be quiet. Governance needs to be in the backstage. Governance needs to be edited. That's going to be your your number one, d differentiator. The more friction, the less the less, the less governance would be, would be successful. You also want to be able to measure, because the more quiet it is, then sometimes the more difficult it is to to measure. So you want to think about KPIs up front and be, okay. Well, I need to show how governance is is operationally effective. So you want to have this, this, this this, these, you know, KPIs in place. But it's all about, I think, considering governance, not just as a compliance add on or a or a or a nice to have, but, but embedding it directly in your processes, directly in your, in your workflows. You need to shift from from the from the old approach of in the static approach to what a continuous, approach. That's where the embedding is, is going to be your your driver, I think. Yeah. And I I think that's the major shift of at least from what we're seeing in in 2026 is, you know, with agentic, agents coming out. Right? We we are shifting from AI generating content based on a human decision to AI taking actions. So that is going out and, yeah. booking your meetings, modifying databases, sending emails, executing code. Right? The human is out of loop by design. Voice. So what we put in place instead, I I think the the analogy that comes to my my mind is the difference between a speed limit and a speed bump. Right? I think in. the past, governance has been very much the speed limit. Hey. Yeah. X y z might introduce some risk, but with agentic AI coming into place here, I think we need more speed bumps, physical constraints that are actually built into the architecture. Every AI agent needs four different governance properties that I've I've been seeing is identify who is the agent, what is the goal of the agent. Second, make sure they have least privilege access to data. Right? And how do you do that without classification? Third is the kill switch. How do you stop at mid execution? It it's difficult to even identify when one of these agents is going rogue. Right? But you need to have a fail safe in place to be able to turn. the agents off. And then fourth, the audit trail. There's an interesting company I saw recently too that is is focusing on the the audit trail of agents where not only every action that an individual agent did, what data did it touch, when did it execute, but also during that audit trail or during that loop that the the agent was going through, what humans, approved of these actions. Right? Can you tie an agent's action back to an individual approver? And so I think that's, from my point of view, that those are some of the governance conversations that are are starting to boil up specifically because we won't always have the human in the loop, kind of by design. Right? Gartner had a a really interesting statistic, and it doesn't surprise me at all. In 2025, organizations were predicting that, 5% of organizations would have some enterprise level task specific agents deployed. Right? So some production level agent, whether it is architecting your entire platform or whether it is a taking care of one task for your customer service team, they said 5% in 2025. That number has jumped up to 40% by the 2026. So at the enterprise level, we're eight x ing the the amount of organizations that are deploying agents. And so that alone introduces tons of governance, implications. Right? And we're still figuring out what the controls need to be. Yeah. It's a good, it's a good brain teaser for sure. Two two things. I mean, I love everything you said. Again, love the data point. Two things to unpack from that, I think. One is is yeah. Of course. Right? You you go from from from models that that that generate content to, agents that are going to, take actions. And, and and then you want to to to shift, therefore, as a governance professional from, well, we instructed, AI to not do this. That works in the, in the I was gonna say six months ago, that still worked. Now that agents are on the on the rise and your your your data point, illustrates this, very well, you want to shift from we instructed AI not to do this to we prevent the system from doing this. And so you you you that's where you really want to, to be much firmer and much much more. Like, even, like, architecturally preventing a system from from, from from taking a from making a certain number of of actions. That, you know, and that's the the second point completely connected from an identity perspective. I love what you said. I mean, I'm a cyber risk professional by by trade, I think. I could I could I could say and, at least privilege all of this. That's exactly what what you what you need. Right? I mean, you would not give an I I use this, this analogy sometimes. You would not give admin access to an intern that you just, hired one week through, through their internship. Right? So what would why would you do this with an agent? Why would you give admin access on certain systems to, to an agent? So identities are going to become more and more, they are already, rising from a priority perspective, but they're going to be to become to become critical. I think there's another concept, that that I that I think was not very, very famous. I I think it was it was it was poorly explained, I think, at some point as zero trust. But that's exactly now is going to be the rise of zero trust again. Right? Because by definition, you don't want to trust an agent. What what was sometimes hard to explain when it comes to users, when you you you derive it to, to, to agents, then I think it's going to to have this this notion, really pick up and and be, be accepted, more, more generally. Yeah. I think Zero Trust had a had a bad PR team. But but but the the concepts were alright, and we're we're seeing it come out in with other terminology these days. So with with agents specifically, there's this concept of, like, harness engineering, that is becoming. more. and more prevalent where, again, you have the the guides to your points. Hey, agents. You know, these are the generic system prompts that I want you to follow. Here are some policy docs that you train on. But we've seen time and time again that the guides alone don't do enough. And so a a true harness also includes the sensors, alongside the agents. So notifications, being able to identify agent is accessing this file. It can or it should be able to, it shouldn't be able to, or reason in the moment to evaluate whether that was a a valid extension of their access, and then the data context layer as well. Right? So this is becoming really important with harness engineering. If you don't have the data context, there's nothing for the harness to to be built off of. Right? If I explicitly state within my harness for an agent that my agent can't access HIPAA related data, but we haven't classified HIPAA data across our environment, how will the the harness be able to enforce that? So I I I do think zero trust. had it right. It it just didn't have the the right team around it or the right individuals speaking it up at the time. One other kind of risk vector that I we haven't really touched on that much are vendors. Right? I'm coming from a vendor, but all vendors at this point are providing some AI capabilities. Every SaaS vendor is coming out with some sort of a Gentec component or is building an MCP layer on top of their products. How should organizations be thinking about third party AI risk these days? That's a that's a big one. Yes. To your point, every SaaS vendor is an AI vendor now. Right? Alright. And and I think, inherently, when you think about this, this statement, even if it's ironic, what it means practically is that I think, we, organizations, have much more AI, deployed than we think we have because we inherit all these, these, these AI and these and, therefore, the AI risks from the from the from the vendors that we that we work with, and that incrementally have added AI functionalities to their to their tools, and for very good reasons. And the the value added is here. However, you want to be mindful of the of the risks that it's, that it's, that it's adding. And and and as everything, mostly from a governance perspective, but if you think about from a vendor risk management perspective, we need to shift. We need to evolve. We need to modernize our approach. We used to be looking at security, at validity compliance from, from our vendors, sending massive questionnaires to them to respond, and based on their responses, do whatever our, TPRM processes were, were were telling us to do. But, what this what this this approach and these questionnaires did not did not cover was, the behavior of the models at the at the at the vendors, what's how the data is, is used for training, how the data is used, you know, downstream from an from a from a processing standpoint, and and and all the and, also, beyond the the vendor risk assessment itself, the contracts that we had, at least, from one or two years ago, never talked about that, of course, because it's it's such a novel, technology that, that you want to to now take a that's an opportunity to clarify all this with your with your vendors. You want to clarify, well, how the how my data, the data from, from my company is going to be used to, to train your models to how the prompts are going to be to be stored, how the outputs are going to be stored, how the data is, is deleted. And that's that's actually it's a good, it's a good, first step. Right? If you if you if you real if you feel lost with with all this this AI's fraud, I think, from a vendor's management perspective, it's okay. A good a good first step, a good, quick quick win, I think. Quick win. Low hanging fruit. Okay. Let's put it this way. It's, to say, we. go. Let's take all the vendors that that have introduced AI features in the past, I don't know, three, six, nine, ten months, twelve months, and then you want to reassess it. You want to reassess the data exposure. You want to reassess the retention, reassess, how the models are trained, reassess the the downstream usage. And I think we we need to to realize that a DPA, it's not because you signed a DPA that you have AI governance. You want you need to dig to dig deeper now, and and a good way to start is to take a few vendors and go through this. And because you need to start somewhere. Right? And you you're gonna have to do this across the board for all vendors. Take one. Take a few ones. Take a few ones that that make you a little bit, worried right now and and and dive into these, into these questions. Yeah. I mean, it's a great point with with with those those vendors. Most contracts prior to 2024 with a SaaS vendor Probably wouldn't have ever even considered, training of data, who owns the data, and everything like that. So and I assume most organizations haven't repapered with all of their vendors in in the last eighteen months to keep that in mind. But, yeah, I completely agree with you. It is, again, maybe lower hanging fruit to put the onus on those third parties. And the three questions that come to mind that every vendor needs to be able to answer for an individual is, does our data train or fine tune your models? Are you using my organization's data to better, improve your own infrastructure? Can we audit how our data is classified and handled? Is it separated? Is it all pulled together? Are you copying my data to your own environment for training or for your own internal use? And then what happens when we terminate. This, I hope, is already included in all of the DPAs that are out there. But due to the copying of data, the additional, transformations that we're doing, the caching of even just any model outputs that the the the vendors might be utilizing, we need to be very confident that our data is being, removed post termination. Right? So those are some of the AI risks on on the vendor space that come to my mind. And then we did get a good question that kinda leads where we wanted to go anyway from from from Remi here in the chat. So if you were to go into an organization that is yet to govern their AI, what would you do as the first, as the new AI governance lead? So what what is step one if if Fred gets hired away to to be a chief AI governance officer somewhere? I would look at the foundations of the house, foundations of the building. I would not look at the shiny objects, not the AI models or this great stuff, but I would look I would come back to what are my what are my pillars that will hold this AI building and and and and make it not collapse, Data governance. access the data governance, first of all. You need to know what data you have. Do you know what data you have? Do you know what data exists? Do you know where your sensitive data is? Do you know how the data is transformed? Do you know what AI systems is touching it? Do you know who accesses as which individual services or systems access access this data? I would come back to the basics, and, it's it's not, it's it's boring. It's not shiny. It's it's it's not the the the fancy stuff, but if you don't get the foundations right, well, your your your house is going to, to, to lean. They're going to to maybe not collapse, hopefully not. But but if you if you have to fix the foundations once the house is built, well, it's going to cost you a little bit of money. You don't want necessarily that. So get your basics right, first, and then you can start building block by block your, your your AI house. Yeah. I completely agree, the block by block Lego approach. And I I my first step, I think, if I was stepping into the role is I would first assure everybody that you are not alone. If you were, joining an organization that is yet to govern their AI, Deloitte had a had a study this year, that 27% of organizations said that they confidently had, a strong AI governance program in place. That even seems a little high to me. But, if if you do the math, that means seven 78% of folks are are not confident that they are, that they have some sort of governance in place. Right? And so I I would completely agree with everything Fred said. The one thing I think I would add is, the data layer, is where I would I would start. So if the fix, if you are, trying to implement AI governance, you need to be able to have that continuous governance like we talked about. You need to be able to treat governance as more than just a stage gate. But continuous governance without continuous classification It's just continuous aspiration. Right? If you don't actually understand the data, there's no way that you can automate any of the compliance checks that go along with it. So for me, it is starting at the data layer. It is understanding what data is out there, and that allows you to apply all the controls that you need to apply. And then we did get a question. AI governance is not only about data, so why should we first look around data foundation? So I guess I'll take that as I think I was just covering. It it from my perspective, it is not only about, AI governance. It's not only about the data layer, but at the end of the day, what we are feeding into these models, what we are training agents on, is data. Right? AI in in its nature is going to find the next logical path. Right? It is going to take the average of as many data points as you can provide to it and logically determine this is the output, whether that is, generating some sort of document or whether that is, clicking a button on your behalf as an agent. Right? And so when when we are dealing with these models and these agents that are trying to direct us to the mean, to the average, if you don't understand the data that is inside of those, agents or inside of the models, that is the the first step in my mind to allowing, govern true governance on top of the the models. Right? It's not the only step to your point, post classification of data, post training of the data. Earlier, we talked a lot about harnesses and putting, access controls in place, for models or for agents. Obviously, all of that is important as well. But if you don't know where the sensitive data is, you don't know what to prevent the model or the agent from touching, to me, that is that is step one, right, to be to even allow you to choose where to place controls. Fred, I don't know if you have any thoughts on that. Yeah. 100100%, I I agree with you. I also agree with, with the the person who asked the question. It's not the only one, but it's the first thing that you the first topic you want you want to look at. Once you know what data exists, then you know where your sensitive data is going to, to be. If you did your classification, you have configured your classifiers right. You know where the data is going to be. You know where how to secure it. You know where to secure it. Which data asset do you want to secure more than more than others based on the sensitivity of the data? Of course, you want to, know which privacy regulations you're dealing with based on your geographic footprint, based on your industry. Are you, HIPAA, friendly? Are you in financial services space? Are you, working with government? So this is going to give flavors, directions for you, and that's where prices pretty work hand in hand. That's my big, big thing I'm pushing, every, every day. But that that's that's going to give you this, this framework to move, Yeah. with privacy operations, with security operations, and AI governance. And, Fred, you actually got a a question here. Earlier, you had mentioned measurement. Milind was wondering what are the best ways to develop and automate metrics, I I assume, related to to AI governance. What are the metrics that you're looking for when you are trying to measure? That's a that's a that's a that's a great question because it's it really depends on on what you're, what you're trying to achieve from a from a from a governance standpoint. I would I would think, if I think, going to mentally cheat and think about the the the data discovery, screen in in BigID, see, Dan? There told you. I would talk about BigID at some point. This is a type of of of dashboard, mental dashboard that you that you want to have. Right? So how many, how many security findings, did, did you did you find? How many data sources have been, have been, have been scanned? How many, how many, classifiers are are working, not working. And and then, you know, KPI is is not just a number that is that is that is, shiny and, and fun to report on. Well, you need to define the range, the acceptable range. Where are you green? Where are you, yellow? Where are you red? What's your you know, is it, is this number the higher it is, the best best it is? So this this is, I think, the type of KPIs you want to, you want to look at. You can and then you can derive KPIs on every, I would say, AI governance adjacent places. Think about TPRM. Right? You can think about, well, how many how many days do we take to to, to to to perform a vendor, a vendor risk assessment, when it touches, when it touches AI. Well, maybe if you take a half if the if your average is zero point five days, maybe that's not such a great, metric, because that means you you go you go too fast, maybe if you don't look at the the the risks. So your your your KPIs are going to be, very, dependent on, on what you're actually trying to achieve, the objective of your of your of your of your governance program, and that's, to one of the foundation pillars. One of them is governance, you know, policy, governance operating model. That's, that's that's that's your driver to define your KPIs and show and show having them able to to show measure measurable output for all from your activities. Yeah. I could couldn't couldn't agree more on the kind of, the the KPI, the measuring of program side. This might be aspirational of me, but one additional KPI that could be included, if you are truly embedding governance into AI deployment model, agent deployment, then number of, successful launches can can hopefully someday be adopted by the security and privacy teams as well. If they're truly seen as partners in the deployment of AI internally, they should get credit for some of the the deployments and enabling the business teams, deploying all of these, new tools as well. So, again, might be a little aspirational, but, something, for privacy and security teams to try to latch on to. Good one. Well, I think, Fred, we are coming up on on time here. We're getting some, some, additional questions. If you do have any questions that we weren't able to cover during our time, I'm sure you can find Fred is constantly, posting some great content on LinkedIn. I I would suggest, connecting with him there. You can find me as well if if there are any follow ups. But, before we let everybody here go, Fred, are there any any final parting thoughts that you wanted to share? Yeah. Not many, but if I if I'm if I'm, yeah. Knowing we would one minute. Yeah. yeah. Okay. Let's fix this let's let's fix the assumptions. Let's bring accountability, ownership, and courage back in the game. Let's find the leaders that have the courage to lead. And, and I think that's that's going to be, like, the tone from the top that that we need in the, AI governance space, and the and the rest will flow, with the with the right direction. Yeah. I don't know. I I don't think I could end on a better note if I tried to. So thank you all, again, for for for joining today. I hope this allows you to take that courage that that Fred wants, everybody to have and be able to to step into leadership roles here, in the AI governance world. But, again, we appreciate you all joining, and please reach out if there's any, additional context or questions that you have. Thank you, Dan. Thanks, That's right. everyone. Thank you again for joining. Yeah. Yeah. Bye.