As AI adoption continues to increase, businesses are looking for familiar risk management protocols for AI governance. One obvious governance framework to use is cybersecurity, which is another area where rapid technological change has required businesses to quickly adapt to complex challenges. Because of the similarities between cybersecurity and AI risk (e.g., both are relatively [...]| Debevoise Data Blog
South Korea has become the latest country to pass a national AI law. The “Basic Act on the Development of Artificial Intelligence and Establishment of Foundation for Trust” (the “Basic Act” or the “Act”), which has several similarities to – and differences from – the EU AI Act, and comes into force on January 22, [...]| Debevoise Data Blog
On December 19, 2024, the U.S. Department of Treasury (“Treasury”) released a report on The Uses, Opportunities, and Risks of Artificial Intelligence in the Financial Services Sector (the “Report”). The Report summarizes key themes from comments from a variety of industry stakeholders (“respondents”) in response to Treasury’s June 2024 Request for Information (“RFI”), and recommends [...]| Debevoise Data Blog
On October 22, 2024, the U.S. Department of Justice (“DOJ”) announced that The Pennsylvania State University (“Penn State”), a public university in University Park, Pennsylvania, agreed to pay $1.25 million to resolve allegations that it violated the False Claims Act (the “FCA”). Specifically, Penn State allegedly failed to meet cybersecurity requirements in federal government contracts, [...]| Debevoise Data Blog
On November 8th, Avi Gesser, Luke Dembosky, Erez Lieberman, and Charu Chandrasekhar from the Debevoise Data Strategy and Security Group discussed the recent NYDFS Industry Letter providing guidance on assessing cybersecurity risks associated with the use of AI. The webcast provided a deeper dive into the topics covered in our recent blog post including: The [...]| Debevoise Data Blog
While the SEC made an early foray into proposing rules to govern use of generative AI (Gen AI) by broker-dealers,[1] FINRA has been taking a more traditional approach to emergent technology: surveying members on uses, issuing white papers,[2] publishing observations from its examinations program,[3] and issuing guidance about the application of existing rules.[4] Consistent with [...]| Debevoise Data Blog
With trends of increasing healthcare records stolen and breach costs, the HHS Cybersecurity Performance Goals have been released as a response. Learn more here!| FRSecure