Developing artificial intelligence is a data-intensive endeavor that puts into focus the need to protect critical information with strong consumer privacy protections and strategic cybersecurity practices.
Responsibility for an organization’s cybersecurity and privacy posture is increasingly rising to the highest levels of management, reflecting cybersecurity’s pivotal role in operational and financial performance. This also indicates the growing importance of ensuring that critical personal and business information is handled and processed in accordance with company expectations and requirements.
With AI, organizations can dramatically enhance cybersecurity and help identify and mitigate vulnerabilities that malicious actors could exploit. Companies already use all types of data to train and refine a variety of AI models — from systems analyzing weather patterns and customer-facing chatbots, to more significant uses like cybersecurity. BSA | The Software Alliance’s “AI Policy Solutions” outlines how policymakers worldwide can advance privacy and cybersecurity in tandem.
BSA Supports:
- Supporting strong, comprehensive consumer privacy laws;
- Developing privacy-enhancing technologies;
- Using AI to assist in secure software development; and
- Harnessing AI to improve cybersecurity risk management.
Why It Matters:
AI is a tool that can be deployed in a variety of contexts, including cybersecurity. Enterprise software companies use AI to develop more secure code, detect and respond to threats and vulnerabilities, protect against malware, improve identity management, and generate threat intelligence (among many other uses). Policymakers can help enable the use of AI in cybersecurity by making sure that policies and requirements take a risk-based approach, promoting the use of AI as a cyber defense tool, and harmonizing laws and policies.
Privacy policies also vary across economies worldwide, as do agreements between governments about how sensitive data and information can be shared across borders. BSA supports establishing strong and cohesive approaches for controllers and processors of personal information, promoting the use of data for legitimate business purposes, and backing up those requirements through robust government enforcement.
What’s Going on:
- In the United States, the debate over federal privacy legislation was rekindled by the introduction of the American Privacy Rights Act.
- Across the US, 19 states have enacted consumer privacy laws, though some newer proposals are beginning to stray from long-standing models for action by states.
- In the European Union, the European Commission is undertaking the first major review of its landmark GDPR privacy legislation.
- BSA continues to engage in jurisdictions like Brazil, Vietnam, Thailand, and elsewhere regarding privacy laws and rules about transferring personal data.
- BSA applauded the US Cybersecurity and Infrastructure Security Agency’s efforts to promote the use of secure software practices.
- BSA released “Cybersecurity for the C-Suite,” a guide for executives and board leaders on managing cyber risks within their organizations.
