Is the current AI hype cycle different from the ones that failed before? How do you build a security program for technology that can't give the same answer twice? This episode features a deep-dive conversation with Damian Hasse, CISO of Moveworks and a security veteran from Amazon's Alexa team, VMware, and Microsoft. Damian provides a practical blueprint for securing both traditional Machine Learning (ML) and modern Generative AI (GenAI). We discuss the common pitfalls of newly formed AI Councils, where members may lack the necessary ML background to make informed decisions. He shares his framework for assessing AI risk by focusing on the specific use case, the data involved, and building a multi-layered defense against threats like prompt injection and data leakage. This is an essential guide for any security leader or practitioner tasked with navigating the complexities of AI security, from protecting intellectual property in AI-assisted coding to implementing safeguards for enterprise chatbots. Questions asked: 00:00 Introduction 02:31 Who is Damian Hasse? CISO at Moveworks 04:00 AI Security: The Difference Between the Pre-GPT and Post-GPT Eras 06:00 The Problem with New AI Councils Lacking ML Expertise 07:50 A History of AI: The Hype Cycles and Winters Since the 1950s 16:20 Is This AI Hype Cycle Different? The Power of Accessibility 20:25 Securing AI-Assisted Coding: IP Risks, Data Leakage, and Poisoned Models 23:30 The Threat of Indirect Prompt Injection in Open Source Packages 26:20 Are You Asking Your AI the Right Questions? The Power of "What Am I Missing?" 40:20 A CISO's Framework for Securing New AI Features 44:30 Building Practical Safeguards for Enterprise Chatbots 47:25 The Biggest Challenge in Real-Time AI Security: Performance 50:00 Why Access Control in AI is a Deterministic Problem -------------------------------------------------------------------------------- 📱AI Security Podcast Social Media📱 _____________________________________ 🛜 Website - ✉️ AI CyberSecurity Newsletter - LinkedIn: #AISecurity #cybersecurity #ai