Secure & Strategic AI

• Determine AI strategy and risk tolerance: Define the organization's risk tolerance for GenAI use and create a clear, documented AI strategy that aligns with business objectives and key trustworthiness characteristics (e.g., Fair, Safe, Accountable).

• Establish a governance culture (GOVERN): Cultivate an AI risk management culture and establish the accountability structures, policies, and clear roles for AI oversight across the organization.

• Navigate security and compliance: Articulate the data protection and compliance commitments of enterprise-grade tools like Gemini (e.g., content stays within the organization, not used for model training without permission, enterprise-grade security) and Microsoft Copilot (e.g., content remains within the Microsoft 365 service boundary, upholds data residency).

• Oversee risk mapping and management (MAP & MANAGE): Direct teams to perform AI Impact Assessments (MAP) and prioritize risk treatment, including deciding when a GenAI system development/deployment must cease due to unacceptable risks (MANAGE).

• Address 3rd party risk: Define policies for managing risks associated with third-party AI services and data (e.g., third-party intellectual property infringement, contingency plans for failures) as part of the supply chain risk management.

Julio is a cybersecurity and technology leader with 15+ years of experience in the IT sector, I specialise in tech leadership. Some of my specialities is cyber risk management, technical leadership, industrial cybersecurity (OT/IoT) and technical training/education.