Sign up to save your podcasts
Or
Share CMM 10 - Securing GenAI, Recommendation #1 from the 2025 CISO MindMap
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
CMM 10 - Securing GenAI, Recommendation #1 from the 2025 CISO MindMap
Send us fan mail via text by clicking here!
Is it too soon for another podcast on AI? The gents think not. The first recommendation of the 2025 CISO MindMap is about securing AI and this week’s podcast attempts to go fairly deep into real-world experiences and recommendations. Your hosts try not to assume everyone is tuned in to all the different types, modes and capabilities of AI, so hopefully you’ll find this episode to be basic enough for newcomers and detailed enough to take action.
In Rafeeq’s blog, he makes several recommendations which are discussed in this episode.
- Setup standards and governance for GenAI.
- Research, validate, and approve LLMs (and other AI models) for use within organizations.
- Define what it means to have a responsible use of AI within an organization.
- Create a process to review use cases to ensure standards are adhered to.
- Update vulnerability management and AI application penetration testing processes to cater new needs for GenAI.
- Train security professionals on how GenAI, LLMs, RAG and Agents actually work.
- Establish a training and awareness program for IT staff.
- Explore open source options for GenAI (which are already providing viable solutions).
References mentioned in this episode.
https://rafeeqrehman.com/2025/01/11/how-to-use-genai-in-cybersecurity-operations/
https://rafeeqrehman.com/2024/06/30/run-llm-models-on-a-macbook/
https://rafeeqrehman.com/
https://www.linkedin.com/in/scott-a-hawk/
https://www.linkedin.com/in/rafeeq/
View all episodes
By Scott Hawk & Rafeeq RehmanSend us fan mail via text by clicking here!
Is it too soon for another podcast on AI? The gents think not. The first recommendation of the 2025 CISO MindMap is about securing AI and this week’s podcast attempts to go fairly deep into real-world experiences and recommendations. Your hosts try not to assume everyone is tuned in to all the different types, modes and capabilities of AI, so hopefully you’ll find this episode to be basic enough for newcomers and detailed enough to take action.
In Rafeeq’s blog, he makes several recommendations which are discussed in this episode.
- Setup standards and governance for GenAI.
- Research, validate, and approve LLMs (and other AI models) for use within organizations.
- Define what it means to have a responsible use of AI within an organization.
- Create a process to review use cases to ensure standards are adhered to.
- Update vulnerability management and AI application penetration testing processes to cater new needs for GenAI.
- Train security professionals on how GenAI, LLMs, RAG and Agents actually work.
- Establish a training and awareness program for IT staff.
- Explore open source options for GenAI (which are already providing viable solutions).
References mentioned in this episode.
https://rafeeqrehman.com/2025/01/11/how-to-use-genai-in-cybersecurity-operations/
https://rafeeqrehman.com/2024/06/30/run-llm-models-on-a-macbook/
https://rafeeqrehman.com/
https://www.linkedin.com/in/scott-a-hawk/
https://www.linkedin.com/in/rafeeq/