Artificial Intelligence & Machine Learning , Events , RSA Conference

Insider Risk in the Generative AI Era

Forrester's Joseph Blankenship Says Human Beings Are Fallible
Joseph Blankenship, vice president, research director, Forrester

In today's digital landscape as AI adoption increases, insider threats have evolved and now pose significant challenges to enterprises. Joseph Blankenship, Forrester vice president and research director, discussed the impact of generative AI on insider risks and highlighted concerns about accidental data loss and malicious exploitation.

See Also: Rethinking Browser Security: From Risk to Asset

A Forrester study anticipates that a high percentage of data breaches in 2024 will involve human error. CISOs should focus on changing human behavior through effective security training and creating a culture of security within organizations, Blankenship said.

"Human beings are fallible. There's a large percentage of data breaches that occur because a human has done something wrong," he said. "It could be that I clicked on the phishing email. That's a human component that may have kicked off a ransomware attack or a credential compromise because I gave my credentials to somebody outside the company. You look at all those elements, and that's where we are coming from with the human risk."

In this video interview with Information Security Media Group at RSA Conference 2024, Blankenship also discussed:

  • The risks posed by open-source LLMs;
  • The importance of incorporating generative AI into existing data-handling policies;
  • The effectiveness of identity-centric controls in detecting insider threats, particularly compromised credentials.

Blankenship supports security and risk professionals, helping clients develop security strategies and make informed decisions to protect against cyberattacks. As a research director for security and risk, he leads the analyst team researching security leadership, the role of the CISO, infrastructure and operations, detection and response, and Forrester’s zero trust model of information security.


About the Author

Michael Novinson

Michael Novinson

Managing Editor, Business, ISMG

Novinson is responsible for covering the vendor and technology landscape. Prior to joining ISMG, he spent four and a half years covering all the major cybersecurity vendors at CRN, with a focus on their programs and offerings for IT service providers. He was recognized for his breaking news coverage of the August 2019 coordinated ransomware attack against local governments in Texas as well as for his continued reporting around the SolarWinds hack in late 2020 and early 2021.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing cio.inc, you agree to our use of cookies.