Brief: As a board member, staying informed on AI and cyber security’s impact on governance, strategy, and risk management is critical. This comprehensive guide arms you with essential insights to help your organisation navigate the challenges and opportunities presented by these disruptive forces.
“Life finds a way.” – Dr. Ian Malcolm, Jurassic Park
The iconic quote from Jurassic Park underscores the relentless nature of both biological and digital threats. Just as the park’s engineered dinosaurs evolved to overcome constraints, cyber threats continuously mutate to evade defences. Simultaneously, artificial intelligence (AI) is advancing rapidly, with the potential to reshape industries and business models.
As a board member, staying informed on AI and cyber security’s impact on governance, strategy, and risk management is critical. This post will arm you with essential insights to help your organisation navigate this landscape.
Key Facts & Figures:
- The average cost of a data breach in Canada reached $7.3 million in 2022, a 21% increase from the previous year [1].
- AI is projected to contribute $15.7 trillion to the global economy by 2030 [2].
- Only 38% of organisations have high confidence in managing AI risks, despite 85% using AI [3].
- 43% of cyber attacks target small businesses, yet only 14% are prepared [4].
- The global cyber security market is expected to grow from $217.9 billion in 2023 to $345.4 billion by 2026 [5].
AI and cyber security represent tectonic shifts that will reshape business. Organisations that fail to adapt risk significant losses.
AI’s Disruptive Potential:
AI has potential use cases spanning industries, from healthcare and finance to manufacturing and marketing. It can accelerate drug discovery, personalize treatments, power algorithmic trading, enable predictive maintenance, and more.
However, AI’s disruptive potential goes beyond efficiency gains. It can reshape competitive dynamics and redefine work itself. Self-driving cars could disrupt the automotive industry [7], AI legal research platforms are forcing law firms to adapt [8], and generative AI like GPT-3 blurs the line between human and machine creativity [9].
As a board member, proactively understanding AI’s potential impact on your industry and competitive position is crucial. Key questions include:
- How might AI disrupt our industry’s value chain?
- What new business models could AI enable?
- How can we leverage AI for sustainable advantages?
- What capabilities do we need to succeed in an AI-driven world?
Data Governance & Ethics:
Data fuels AI, but this creates significant governance and ethical risks. Organisations must ensure robust processes for data handling that comply with regulations like GDPR, CCPA, and PIPEDA. Strict controls are needed to prevent breaches and unauthorized access.
Boards must also address ethical AI issues, such as:
- Using AI for hiring decisions if data reflects biases [10]
- AI for surveillance and tracking, even with consent [11]
- Ensuring AI transparency, explainability, and accountability
Clear ethical AI principles, governance frameworks, roles and responsibilities, and a culture of transparency and learning are essential. Key questions:
- Do we have a comprehensive AI data governance framework?
- Have we tested AI systems for bias and fairness?
- Do we have clear AI ethical principles and guidelines?
- How are we engaging stakeholders on our AI practices?
Cyber Security Imperatives:
AI can help detect cyber threats but can also be weaponized by attackers to automate attacks and evade detection. To counter AI-enabled threats, organisations should leverage AI defensively through machine learning, anomaly detection, and automation. However, cyber security is fundamentally a people and process problem. Boards must ensure investment in awareness training and a culture of vigilance.
Key questions:
- Do we have a cybe rsecurity strategy leveraging AI?
- How are we measuring cyber risk across the enterprise?
- Do we have regularly tested incident response plans?
- How are we attracting and retaining cyber talent?
The Role of MSPs:
Managed services providers (MSPs) can be valuable partners in navigating AI and cyber security challenges. An experienced MSP like F12 can help:
- Assess your current AI and cyber posture
- Develop and implement robust governance frameworks
- Deploy and manage AI-powered cyber security tools
- Provide ongoing monitoring, threat hunting, and incident response
- Deliver security awareness training and cultural change programs
- Attract and retain top AI and cyber security talent
Upskilling & Culture:
To harness AI and manage risks, a skilled, adaptable workforce committed to learning is essential. 50% of employees will need AI reskilling by 2025, in both technical and soft skills [12]. Strategic workforce development should include:
- Skills gap assessments
- Tailored learning paths
- Diverse training modalities
- Educational partnerships
- Continuous learning incentives
A culture embracing AI and cyber security as core values is also critical, with tone set from the top. Key questions:
- Do we have an AI and cyber security workforce strategy?
- How are we measuring and closing skill gaps?
- Do we have programs to build a future-ready workforce?
- Are we cultivating a culture of learning and risk management?
Looking Ahead:
AI and cyber security present significant challenges and opportunities. Proactive, bold board leadership is needed to invest in the technology, talent, and governance to thrive in this new era. While the path is complex, the stakes are too high to ignore. By embracing AI and cyber security as core competencies, organisations can emerge stronger and more resilient.
As Wayne Gretzky said, “I skate to where the puck is going to be, not where it has been.” That’s sage advice for any board navigating the age of AI and cyber security.
Schedule an AI consultation with an F12 expert to assess your AI & cyber security posture.
References:
IBM. (2022). Cost of a Data Breach Report 2022. https://www.ibm.com/reports/data-breach
PwC. (2022). Sizing the prize: What’s the real value of AI for your business and how can you capitalise? https://www.pwc.com/gx/en/issues/analytics/assets/pwc-ai-analysis-sizing-the-prize-report.pdf
KPMG. (2022). Thriving in an AI World. https://assets.kpmg/content/dam/kpmg/xx/pdf/2022/02/thriving-in-an-ai-world.pdf
Accenture. (2019). The Cost of Cybercrime. https://www.accenture.com/_acnmedia/PDF-96/Accenture-2019-Cost-of-Cybercrime-Study-Final.pdf#zoom=50
Statista. (2023). Cybersecurity market revenues worldwide from 2021 to 2026. https://www.statista.com/statistics/595182/worldwide-security-as-a-service-market-size/
CB Insights. (2023). The Future of Healthcare: 100+ Startups Transforming Healthcare with AI. https://www.cbinsights.com/research/report/ai-startups-healthcare/
MIT Technology Review. (2023). Self-Driving Cars: The Complete Guide. https://www.technologyreview.com/2023/03/08/1069473/self-driving-cars-complete-guide/
Harvard Business Review. (2023). AI Is Coming for Your Client Relationships. https://hbr.org/2023/03/ai-is-coming-for-your-client-relationships
New York Times. (2022). The Brilliance and Weirdness of ChatGPT. https://www.nytimes.com/2022/12/05/technology/chatgpt-ai-twitter.html
Reuters. (2018). Amazon scraps secret AI recruiting tool that showed bias against women. https://www.reuters.com/article/us-amazon-com-jobs-automation-insight-idUSKCN1MK08G
The Guardian. (2018). The Cambridge Analytica Files. https://www.theguardian.com/news/series/cambridge-analytica-files
World Economic Forum. (2020). The Future of Jobs Report 2020. https://www.weforum.org/reports/the-future-of-jobs-report-2020
