This presentation delves into the imperative task of redefining risk management in the era of Artificial Intelligence (AI). As AI reshapes industries, it also introduces unique risks and challenges. This abstract offers a glimpse into how traditional risk management approaches must evolve to effectively address the intricacies of AI-related uncertainties. Through real-world examples, it explores emerging concerns like algorithmic bias, privacy infringements, and unforeseen consequences. Attendees will gain insights into proactive strategies, including leveraging AI itself for risk assessment and mitigation. By the presentation's conclusion, participants will grasp the essential steps needed to navigate the uncharted territory of AI-driven risks, ensuring responsible and secure integration of this transformative technology.
Modelling Cyber Risk is hard. Only a few historical data in known quality exist. Cyber Risks occur with a low frequency but their impact and severity might be high in case they come to pass. In my session I will give an inside how we got started to quantify Cyber Risks and what the challenges are to derive conclusions for risk steering and capital allocation.
How can I effectively address cybersecurity vulnerabilities within my organization? Also, what are the implications of the Cyberresilience Act for this? EDITH, the European Digital Innovation Hub for Hesse, has extended an invitation to Dr. Steven Arzt, a cybersecurity expert from the Fraunhofer Institute for Secure Information Technology SIT, for a #DigiTalk session discussing best practices for Coordinated Vulnerability Disclosure.
Coordinated Vulnerability Disclosure (CVD) is the process with which ethical hackers report vulnerabilities in software and systems to manufacturers and system operators. Researchers commonly often assess the security status of a system or product independently, i.e., without a formal invitation, contract or integration into a company’s strategy. While these unasked-for vulnerability reports are still considered an insult by some companies, others openly embrace their value for strengthening the company’s IT security by interacting with the hacking and research communities. In his talk, Dr. Arzt shows how a proper CVD process can greatly benefit companies and the wider IT security community at the same time. It is shown how CVD can not only help identify and fix vulnerabilities, but also send a strong positive message about a company’s attitude towards IT security.