How to Use AI as a Security Risk Manager

(I’ll keep this short as I don’t want to suddenly spam your inbox after weeks of silence.)

I’ve been collaborating with Doug Gray from HumanRisks on an AI white paper these last few months, and I’m pleased to announce that it’s now published.

We took a much deeper dive into the topic than in any of our previous work, conducting a thorough review of how AI can assist security risk managers. We based this on the most recent academic studies of how knowledge workers make best use of these tools and aligned these AI benefits with identified gaps and challenges in Security Risk Management.

(And by deep-dive, I mean deep: we get right down to the task level, showing how specific processes in the enterprise security risk management (ESRM) cycle can be enhanced by AI.)

But even if you don’t need to get to that level of detail, it’s giving you the background and a framework to think about how you can implement AI in your own organization.

We hope that this is something that security risk managers can pick up and put to use right away. But to be honest, there’s a lot for risk managers in general as the top-level framework is quite flexible.

The executive summary is below plus a link to the shared download page.

This was quite an endeavor and I’m hugely grateful to Doug for not only being a great thought partner and co-author but for tackling the meatiest parts of the paper and steering it to publication. Thank you.

I hope you enjoy the paper and find something of value here.

All my best