Data Security

Data Security Working Group Meeting - 4/25/24

Meeting Summary
The team discussed the latest developments in CSA publications, including the release of the The State of AI and Security Survey Report and the HSM-as-a-Service paper. They also proposed the development of a data security-focused AI topic, with Oliver presenting an initial outline and the team agreeing to collaborate on the Data Security within an AI Environment paper. Lastly, plans for a team-led session on data security from AI for the upcoming symposium were discussed, with contributions from all team members invited.

Topics & Highlights

CSA Publications and AI Updates
Alex discussed the latest developments related to CSA publications. There were no new publications in the last two weeks, with the exception of a service and a few translations. Alex highlighted that the AI Survey Report Commission from Google, which was completed in November of last year, was recently released for peer reviews. He also mentioned the extension of the healthcare V2 and the establishment of a new working group related to enterprise authority to operate. Furthermore, Alex encouraged participation in the Data Resiliency survey for further results and analysis, and announced an upcoming AI summit and Road to AI Summit webinar series at RSA.

Developing Data Security AI Proposal
Alex discussed a proposal for developing a data security-focused AI topic, acknowledging that it was currently a template waiting for contributions. Oliver agreed to establish an outline for the project. Sandeep, a newcomer to the forum, introduced himself as a senior manager in Fintech, with a focus on data security, network security, and cloud security. Alex expressed hope that the addition of new members would provide the momentum needed to move the project forward.

Data Security within an AI Environments
Oliver presented an initial outline for a project to Alex, which aimed to establish a framework for understanding and addressing data security in AI. Oliver suggested leveraging the approach of the AI group and incorporating their work, along with other relevant artifacts and information. The outline included key topic areas such as data security, regulatory compliance, and techniques for enhancing data security in AI. Oliver also proposed to include potential case studies and future trends in AI and data security. Alex agreed with the plan and seemed to support the initiative.

AI Data Security Framework Discussion
Oliver, Alex, Sandeep, and David discussed the structure and content of a paper on data security within AI environments. They agreed on the importance of establishing trust and the need for careful data classification and model training. The team decided to convert Oliver's outline into a template and circulate it among members to collaborate and add relevant sections. Oliver emphasized the importance of focusing on data security, which he noted is often overlooked in discussions about AI and cloud security.

Event Coordination and Meeting Plans
Gopi invited Oliver to a small event run by his employer, which Oliver regretted he couldn't attend due to his location in Texas. Gopi then informed Oliver about a similar event happening in Dallas, to which Oliver agreed and asked for the link. Additionally, Gopi offered to send Oliver the link for a cyber security professionals' event happening in Dallas. Sandeep, another participant in the conversation, confirmed his proximity to Dallas and his interest in meeting Oliver when he's there.

Team-Led Data Security Session Planning
Gopi proposed a team-led session on data security from AI for the upcoming symposium, with the team preparing and presenting their findings. Gopi agreed to collect inputs from other speakers and attendees at RSA to contribute to this session. The group decided to use a paper as their main focus, which they planned to build around and share via email. The session's content was agreed to be housed in the Data Security Google Drive folder, with Alex suggesting that contributions from the team would increase as they developed the paper.

Collaborative Document Creation and Review
Alex, Oliver, David, and Gopi discussed a collaborative approach to creating a new document. They agreed to use a template and invited all members of the team to contribute sections, with each person claiming responsibility for a particular section. The process was compared to one previously used the AI Organizational Responsibilities  - Governance, Risk Management, and Cultural Aspects, with sections being assigned and accepted before being completed. The team planned to review the document in the upcoming weeks and identify which sections each member would like to work on. The idea of a "narrative approach" was also mentioned as a way to distinguish their work.

------------------------------
Alex Kaluza
Research Analyst
Cloud Security Alliance
------------------------------

Hello Alex,

I requested access to the document. Can you share it? I can call out which sections I can focus and contribute. 

------------------------------
Sandeep Gundapaneni
Senior Manager
Credit karma
------------------------------

Original Message:
Sent: Apr 26, 2024 02:15:46 PM
From: Alex Kaluza
Subject: Data Security Working Group Meeting - 4/25/24

Data Security Working Group Meeting - 4/25/24

Meeting Summary
The team discussed the latest developments in CSA publications, including the release of the The State of AI and Security Survey Report and the HSM-as-a-Service paper. They also proposed the development of a data security-focused AI topic, with Oliver presenting an initial outline and the team agreeing to collaborate on the Data Security within an AI Environment paper. Lastly, plans for a team-led session on data security from AI for the upcoming symposium were discussed, with contributions from all team members invited.

Topics & Highlights

CSA Publications and AI Updates
Alex discussed the latest developments related to CSA publications. There were no new publications in the last two weeks, with the exception of a service and a few translations. Alex highlighted that the AI Survey Report Commission from Google, which was completed in November of last year, was recently released for peer reviews. He also mentioned the extension of the healthcare V2 and the establishment of a new working group related to enterprise authority to operate. Furthermore, Alex encouraged participation in the Data Resiliency survey for further results and analysis, and announced an upcoming AI summit and Road to AI Summit webinar series at RSA.

Developing Data Security AI Proposal
Alex discussed a proposal for developing a data security-focused AI topic, acknowledging that it was currently a template waiting for contributions. Oliver agreed to establish an outline for the project. Sandeep, a newcomer to the forum, introduced himself as a senior manager in Fintech, with a focus on data security, network security, and cloud security. Alex expressed hope that the addition of new members would provide the momentum needed to move the project forward.

Data Security within an AI Environments
Oliver presented an initial outline for a project to Alex, which aimed to establish a framework for understanding and addressing data security in AI. Oliver suggested leveraging the approach of the AI group and incorporating their work, along with other relevant artifacts and information. The outline included key topic areas such as data security, regulatory compliance, and techniques for enhancing data security in AI. Oliver also proposed to include potential case studies and future trends in AI and data security. Alex agreed with the plan and seemed to support the initiative.

AI Data Security Framework Discussion
Oliver, Alex, Sandeep, and David discussed the structure and content of a paper on data security within AI environments. They agreed on the importance of establishing trust and the need for careful data classification and model training. The team decided to convert Oliver's outline into a template and circulate it among members to collaborate and add relevant sections. Oliver emphasized the importance of focusing on data security, which he noted is often overlooked in discussions about AI and cloud security.

Event Coordination and Meeting Plans
Gopi invited Oliver to a small event run by his employer, which Oliver regretted he couldn't attend due to his location in Texas. Gopi then informed Oliver about a similar event happening in Dallas, to which Oliver agreed and asked for the link. Additionally, Gopi offered to send Oliver the link for a cyber security professionals' event happening in Dallas. Sandeep, another participant in the conversation, confirmed his proximity to Dallas and his interest in meeting Oliver when he's there.

Team-Led Data Security Session Planning
Gopi proposed a team-led session on data security from AI for the upcoming symposium, with the team preparing and presenting their findings. Gopi agreed to collect inputs from other speakers and attendees at RSA to contribute to this session. The group decided to use a paper as their main focus, which they planned to build around and share via email. The session's content was agreed to be housed in the Data Security Google Drive folder, with Alex suggesting that contributions from the team would increase as they developed the paper.

Collaborative Document Creation and Review
Alex, Oliver, David, and Gopi discussed a collaborative approach to creating a new document. They agreed to use a template and invited all members of the team to contribute sections, with each person claiming responsibility for a particular section. The process was compared to one previously used the AI Organizational Responsibilities  - Governance, Risk Management, and Cultural Aspects, with sections being assigned and accepted before being completed. The team planned to review the document in the upcoming weeks and identify which sections each member would like to work on. The idea of a "narrative approach" was also mentioned as a way to distinguish their work.

------------------------------
Alex Kaluza
Research Analyst
Cloud Security Alliance
------------------------------