SecTalks 0x51 - How are we keeping orgs secrets safe from AIs everywhere?

Hello all,
We're officially back for 2025! And, in a new venue. This will be our first meeting in a while, and it’s a very different world. Please join us in our journey as we explore and discover together what works as we evolve our community. We need your help. Getting content and speakers hasn’t been easy, and there’s a huge repository from amazing on-demand content on YouTube. Some of you have told us, there needs to be something more… practical and that can only be done as a local meetup.
You want deeper local knowledge sharing between the community that's more timely and relevant. Let us try doing that through facilitated round-table discussions. A more proactive knowledge sharing activity, where your participation in the discussion is expected - not just the audience.

Here's the idea.
Round-table Discussion - 90 minutes for all participants to share openly, and discuss a topic.

Roughly, here’s the plan:

• A topic will be announced with the meetup -
  This month, it’s “How are we keeping orgs' secrets safe from AIs everywhere?”
  This is to give you some time to think about it before you come, and participate in the discussion.
• 17:45 - 18:00 : Doors Open / Arrivals
• 18:00 - 18:10 : Welcome & introduction - this includes a quick 5 minute introduction to set the context for the topic.
• 18:10 - 18:20 : Get to know your table - opening questions
• 18:20 - 19:00 : Discussion time
• 19:00 - 19:15 : Shortlist your 3 lessons to share / Actions to take
• 19:15 - 19:30 : A representative from each table shares their discussion
• 19:30 - That’s a wrap for our formal plans. We’ll head to a nearby pub for drinks/dinner ( at your own costs ) if anyone wants to join.

We’ve selected the first topic to get things going; but, the plan is for the community to guide what topics we discuss. So, do reach out/let us know.

This month’s discussion topic:
How are we keeping orgs' secrets safe from AIs everywhere?

As cyber security professionals, it is our tenet to protect the confidentiality, integrity and availability of our organisation and its customers' data. Like with the advent of SaaS and the internet, there’s a new frontier to protect against; Large-language Models (LLMs) and other generative AI tools’ tendrils everywhere. With a lot of these provided “as-a-service”, and sending data back to a central service, how do we keep our organisations safe? How do we make sure that we don’t cross-contaminate and spill details of one client you’re working on to another? How do we keep compliant with data privacy and sovereignty laws, when a lot of these services are external?

Most AI systems claim not to learn from the user's prompts and claim to have a limited (or no) data retention. These systems still have logs, contextual data, etc. which makes the data less anonymised. Currently many of these AI systems don't have security as a large priority, however, companies still need to use these systems for productivity gains. How can consumers keep their data safe? What should the AI providers do better? How can the industry improve?

How do we keep our organisations’ secrets safe from the AIs everywhere (while using it safely)?
Let’s discuss.

Some house rules:

• Take the knowledge and share, but leave out the names & organisations.
• Be respectful, and encourage contribution from different viewpoints.
• SecTalks Code of Conduct applies - don't be a dick
• If you're with a vendor, and the topic is related to what you sell, disclose that. Remember, no sales pitches here! This is not the place for BizDev.

—
SPONSORS
We won't be able to run without our sponsors.
Please join us in thanking:

• REA Group - for hosting us and the Venue!

THANK YOU!

Administrative

• Please remember to update your RSVP if you can no longer attend.
  Even if it's just 60 minutes prior. We will take note of no-shows, and to make sure we've got space for those that do actually attend, your RSVP may be deprioritised for future events.
• Please note that there will be no catering at this event. We will adjourn to a pub after.
• If you’re a minor (under 18yo) attending, please ensure that you are always accompanied by an adult guardian, otherwise, you will be refused entry.
• Please be aware that the venue requires that you sign-in via their visitor log iPads upon arrival.