Veteran security leader Jim Routh, who has held CISO-level roles at Mass Mutual, CVS, Aetna, KPMG, American Express, and JP Morgan Chase, said generative AI’s penetration into SaaS solutions makes this more problematic.
“The attack surface for gen AI has changed. It used to be enterprise users using foundation models provided by the biggest providers. Today, hundreds of SaaS applications have embedded LLMs that are in use across the enterprise,” said Routh, who today serves as chief trust officer at security vendor Saviynt. “Software engineers have more than 1 million open source LLMs at their disposal on HuggingFace.com.”
Robert Taylor, an attorney who specializes in AI and cybersecurity legal strategies and serves Of Counsel with Carstens, Allen & Gourley, an intellectual property law firm based in Dallas, said he sees a common theme at all levels within organizations of every size.
