The growing use of artificial intelligence (AI) technology and new regulatory pressures are creating data governance challenges for cyber teams and board members, according to experts.
“The big issue here is who owns the data,” said Les Williams, chief revenue officer at Risk Cooperative on a panel at the Diligent Modern Governance Summit on Tuesday.
Boards and directors will need to think about who holds liability in situations where the AI technology creates misdiagnoses, he added.
Vivek Mohan, partner at Mayer Brown, said organisations will “need to think about data governance comprehensively”.
“When you are creating, generating or using large datasets, particularly to either deploy or train AI tools, you need to make sure that data is secure and […] you need to have a strategy.”
“It is a worthwhile investment to put the time and energy in [strategising] in advance rather than figuring out after an incident or after a regulator starts asking questions,” added Mohan.
Organisations are already seeing pressure mount around data protection as regulators crack down on privacy laws. Earlier this year, China enacted its first comprehensive data protection law – the Personal Information Protection Law – that will become effective on November 1.
Luis Palacios, director systems engineer at Cisco, said as organisations collect and hold more data, having a “cyber secure data management is fundamental”.
This entails having “periodic discussion in the company governance [on cybersecurity], establishing adequate processes and trainings on the employees so the [cyber] experts understand the business, include suppliers and distributors, develop response crisis communications and business continuity plans”.
As organisations’ technology tool kits become more complex, cyber insurance is adding another layer of complication for firms, said Williams.
“[Firms] are either being non-renewed for cyber insurance or the premiums are going through the roof.
“Cyber insurance, unfortunately, now is a loss leader for insurance carriers because of the number of breaches and hacks that are going on and the carriers have to pay out in the form of claims.”