Chief information security officers now have a new tool at their disposal to get started with AI securely.
The Open Web Application Security Project (OWASP) released the LLM AI Cybersecurity & Governance Checklist.
This 32-page document is designed to help organizations create a strategy for implementing large language models (LLMs) and mitigate the risks associated with the use of these AI tools.
Sandy Dunn, chief information security (CISO) at Quark IQ and lead author of the checklist, began work on it in August 2023 as an additional supporting resource to OWASP’s Top 10 Security Issues for LLM Applications, published in the summer of 2023.
“I started the first version to address issues I noticed in discussions with other CISOs and cybersecurity practitioners. I saw there was really a lot of confusion on what they needed to think about and where to get started [with AI],” she told Infosecurity.
Steps to Take Before Implementing an LLM Strategy
First, the document provides a list of steps to take before deploying an LLM strategy, including reviewing your cyber resilience and security training strategies and engaging with leaders about any AI implementation into your workflow.
No tags.
