It's time to make haste. Cybersecurity professionals are now juggling speed, risk, and the risk of not being fast enough when it comes to reviewing and approving internal AI tools. IT Brew caught up with 1Password CIO and CISO Jacob DePriest to discuss his thought process for securing his workforce in the era of AI.
Fast lane.
1Password CIO and CISO Jacob DePriest is implementing an expedited review process for internal AI tools to balance speed and risk. This new process allows teams to quickly experiment with AI tools on a limited basis before undergoing a full security, legal, and privacy review, addressing the increased pace of AI adoption and threat actors leveraging AI.
A new generation of builders.
AI is transforming employees into 'citizen developers' or builders without coding backgrounds. To manage this, 1Password mandates an onboarding process for AI builders to ensure they understand security protocols and tools. They also go through an experimental phase with internally built agents before creating their own, with a strong focus on risk discussion, access management, and carefully scoped permissions (e.g., read-only access) for agents.
The fast life.
IT professionals must ensure that approving AI tools quickly is complemented by robust guardrails to monitor their usage and prevent 'shadow AI,' according to Matias Madou of Secure Code Warrior. DePriest also stresses the importance of IT pros and builders staying current with AI trends and news through continuous learning, not just for job requirements but for career advancement and informed decision-making.
