Name: What Microsoft Tay Teaches Us About Using AI Safely For Cybersecurity
Start: 2025-04-16T17:00:00Z
End: 2025-04-16T17:01:00.000Z
Location: BrightTALK
Rating: 0

This channel features presentations by leading experts in the field of information security. From application, computer, network and Internet security to access control management, data privacy and other hot topics, you will walk away with practical advice for your strategic and tactical information security initiatives.

Zero Trust Architectures (ZTA) have become a cornerstone of modern security strategies in the era of sophisticated cyber threats and ever-expanding and morphing attack surfaces. But how can organizations ensure their zero trust frameworks stay adaptive, intelligent, and resilient? Enter artificial intelligence (AI) and machine learning (ML)—the ultimate dynamic duo for elevating zero trust to the next level.

 This session delves into the powerful synergy between AI and ML and their role in strengthening zero trust principles. From real-time user behavior analysis and anomaly detection to predictive threat modeling and dynamic policy enforcement, AI and ML are transforming the way organizations approach security. Attendees will gain insights into practical use cases, including automating access controls, enhancing endpoint security, and optimizing network segmentation. Discover how these technologies can help your organization build a zero trust architecture that evolves with the threat landscape and ensures robust protection for your critical assets.

AI and ML: The Dynamic Duo for Strengthening Zero Trust Architecture

The evolving threat landscape requires security operations (SecOps) to move beyond traditional methods and embrace cutting-edge innovations. Generative AI is emerging as a game-changer, enabling security teams to automate and enhance threat intelligence processes with unprecedented speed and accuracy.

In this session, we will explore how generative AI tools transform SecOps by automating tasks such as malware analysis, threat report generation, and contextual threat modeling. Attendees will learn how to integrate generative AI into their SecOps workflows to improve detection, decision-making, and response times while reducing the burden on human analysts.

Generative AI in SecOps: Automating the Art of Threat Intelligence

From data breaches to ransomware attacks, the cost of cybercrime is skyrocketing, demanding a new approach to security. Playing defense is no longer enough. Organizations need to anticipate threats and build resilience into their systems.  

CISOs and security leaders face immense pressure to stay ahead of the curve and build resilient organizations capable of withstanding and recovering quickly from security breaches. A product-led approach offers a proactive, data-driven solution for incident response, transforming security events into opportunities for continuous improvement. 

In this session, Oksana Denesiuk, product lead for billing and payments at Kaiser Permanente and ISSA Advisory Board Member, explores how cybersecurity teams can adopt a product mindset to enhance incident response, leveraging agile methodologies, iterative learning, and customer-centric thinking. 

Key Takeaways
- Embrace a product-centric approach to incident response, treating security incidents as valuable data points for continuous improvement.
- Integrate automated threat detection, secure coding practices, and incident learnings into the product roadmap.
- Use post-incident analytics, telemetry, and threat intelligence to refine security controls, enhance detection capabilities, and reduce the attack surface.
- Implement AI-driven detection, automated remediation workflows, and security orchestration (SOAR) to improve MTTR and MTTD.

Turning Incidents into Insights: A Product-Led Approach to Incident Response

Threat detection solutions come in many forms; extended detection and response (XDR), endpoint detection and response (EDR) and network detection and response (NDR). When it comes to detecting threats to an organization each of these “DRs” identifies specific elements of an attack path, but they may be lacking visibility into application-specific threats because these solutions see an application as a “black-box”. 

This session covers Application detection and response (ADR) solutions which look for vulnerabilities and exploits within the application itself. 

Key takeaways:
- Understand how ADR observes and analyses applications bringing visibility and context down to the code level. 
- How to contrast ADR with application layer coding verification mechanisms such as RASP, SCA, SAST and DAST.
- Understand how ADR differs from deploying a WAF or CNAPP solution.
- Learn how ADR observations and context can be integrated with the other ”DRs” to build a more complete picture of an attack to ensure an end-to-end response.

About the Speaker
Natalie is a Security and Compliance Consultant that has been involved in security technologies for more than 20 years. Natalie has advisory and engineering experience in multi-vendor network security architecture and deployment, security compliance and governance, security analytics and threat detection and response. Natalie was a former Program Leader for the CCIE Security certification track and has been a keynote speaker at various Cybersecurity events both in the US and Australia.

Natalie is also a three-time Cisco Distinguished Speaker award winner, a published author with Cisco Press and a freelance technical writer and presenter.

ADR: Not Just “Another” Detection and Response Solution

As cyber threats continue to evolve and breach traditional network boundaries, organizations face mounting pressure to adopt zero-trust architecture (ZTA) – not just as a security framework, but as a federal mandate. This paradigm shift recognizes that threat actors can emerge from anywhere – whether inside your trusted network or beyond its boundaries – demanding a complete rethinking of security monitoring strategies. 

While the zero-trust mandate establishes clear objectives for security models and system design principles, many organizations struggle with practical implementation, particularly in network security monitoring (NSM). Traditional NSM tools, designed for perimeter-based security models need to evolve to meet ZTA requirements. This session critically examines popular open-source NSM solutions, evaluating their readiness for ZTA implementation and exploring the necessary evolution of monitoring principles to support a true zero-trust environment. 

Join ESnet/LBNL Security Engineer, Fatema Bannat Wala for an in-depth analysis of the challenges and opportunities in adapting existing NSM tools for ZTA. 

Key Takeaways: 
- Understand the core principles of ZTA and how they fundamentally differ from traditional security monitoring approaches. 
- Evaluate the capabilities and limitations of current open-source NSM tools in supporting zero-trust implementation.
- Learn critical monitoring principles that need to evolve to align with ZTA requirements and federal mandates. 
- Gain practical insights into assessing your organization's readiness for ZTA and identifying necessary technological adaptations.

Zero-Trust Architecture: Bridging the Gap Between Mandate and Implementation

As cyber threats grow increasingly sophisticated, traditional reactive approaches to security are no longer sufficient. Proactive defense strategies, powered by artificial intelligence (AI), are revolutionizing how organizations detect, mitigate, and respond to threats. This session explores how AI can predict and prevent potential attacks by analyzing patterns, identifying vulnerabilities, and automating preemptive actions.

Attendees will gain insights into the technologies behind predictive threat mitigation, including machine learning models, behavioral analytics, and anomaly detection. We will discuss how organizations can use AI to anticipate threats, minimize risks, and enhance incident response.

Proactive Defense: Leveraging AI for Predictive Threat Mitigation and Response

The EU is ahead of the US when it comes to AI regulation. As my fellow conference attendee in Amsterdam quipped last year “Americans innovate, Chinese replicate and the Europeans regulate”. While the US still must come up with a federal-wide law, the EU already came up with the EU AI Act in 2023. This is mandatory in all 27 full-fledged member states with over 449 million people. Another EU-birthed AI framework is gaining popularity. The ISO 42001, or the Artificial Intelligence Management System, was finalized in the Geneva, Switzerland-based International Standards Organization (ISO) also in the same year. Combined, these provide, a promising way to mitigate AI security risks among other benefits. 

In this presentation, industry thought leader Ralph Villanueva will highlight the relevant aspects of these two regulatory frameworks and how they can successfully mitigate AI security risks in your organization.

Using the EU Approach to Mitigate AI Security Risks

AI-powered content generation introduces security risks, including data leakage, prompt injection, adversarial misuse, and compliance gaps. Companies using AI APIs from providers like OpenAI and Claude must address these vulnerabilities to prevent unauthorized data access and model exploitation.

This session breaks down real-world attack scenarios, including users manipulating AI prompts to extract sensitive information and API endpoints being exploited for adversarial attacks. We will introduce a structured AI security framework and a conceptual product design for mitigating these risks.

Attendees will learn how to implement real-time AI monitoring, enforce API-level security controls, and automate content governance to protect their systems without limiting AI-driven innovation.

Mitigating AI Security Risks in Content Generation: Securing API-Based AI Systems

In the ever-evolving landscape of DevOps, the paradigm is now shifting - where security is taking the central stage. With vast surface areas including containers, cloud, repositories and third-party components, cyber threats became more prominent than ever before in DevOps.

This presentation will delve into the evolution from traditional DevOps to the advanced usage of artificial intelligence (AI) technologies to automate and optimize the software development and delivery processes. This includes automating code scanning, testing and deployment processes while eliminating the threats in each possible way in the cycle. 

In this session, join Jyotirmayee Pradeep Kumar (Vice President - Cloud DevOps at a well-known global bank) as she unravels the stages of integration of AI at each phase of DevOps. Topics for discussion include:
- Types of AI used in DevOps. 
- Benefits of using AI in DevOps.
- Implementation of AI in DevOps.
- Best practices for using AI in DevOps.
- Eliminating security threats using AI in DevOps.

Security Risks to Consider with AI Integration: AI in DevOps

The growing cloud footprint of most enterprises requires a multi-tool approach to security, but the most crucial ingredient is the over-arching architectural principle guiding their work — zero trust. 

In this session, we’ll dig into how to use interconnected but independent layers of security to build a zero trust hybrid service delivery environment spanning internal resources and multiple clouds and networks.

Layered Security, One Principle: Zero Trust

Two key factors will increase IT spending in 2025: AI and cybersecurity. This coincides with operational resilience legislation being implemented in the EU in January 2025 and the UK in March 2025, when financial services organizations and third parties, such as cloud providers, outsourcers and contractors.

All of these factors follow a reduction to IT spending in 2024, when resources and capacity were cut by most cloud providers, whilst 80% of customers overshot their budgets, with others reducing their operational spending on cloud services. 

This webinar will explore the changing environment between 2024 and 2025, taking into account C-Suite strategic priorities and focusing on securing the cloud ecosystem, by covering:

1) What is keeping C-Suite up at night, and should they be concerned?
2) What should organizations consider when securing the cloud ecosystem?
3) Why operational resilience may be a real answer for securing the cloud ecosystem?

Tune into this session presented by operational resilience expert Steve Yates, as he shares advice for securing the cloud ecosystem. Yates will explore the “nightmares” currently experienced by C-Suite and take attendees on a journey into a world where they should consider embracing the compliance processes being put in place to manage third parties. 

By the end of the session, viewers will be able to:
- Form an understanding of the challenges facing the C-Suite, and budgetary pressures.
- Consider options for protecting and securing the cloud ecosystem.  
- Be aware of the requirements needed to establish a joint working relationship between your organization and cloud services third providers.

Securing the Cloud Ecosystem: What is Keeping the C-Suite Up At Night?

As AI adoption accelerates, so do the security risks hidden in its supply chain. From adversarial attacks to compromised open source dependencies, threat actors exploit vulnerabilities at every stage of AI development. 

This talk from industry thought leader Yesenia Yser will break down the latest attack techniques -- such as prompt injection, model poisoning and software supply chain compromises -- while providing actionable strategies to safeguard AI systems. Attendees will gain insights into securing AI pipelines, mitigating open source risks, and implementing robust defense mechanisms to prevent emerging AI security threats. 

Don’t let your AI infrastructure become the next target -- learn how to defend it now.

AI Supply Chains Under Siege: How to Secure Open-Source AI From Emerging Threats

To strengthen our identity and access protection, it’s crucial to understand the current threat landscape and how sophisticated attackers exploit stolen data or intelligence signals. Tune into this session presented by CISO Alex Holden to explore what’s circulating on the dark web and how malicious actors are using this information to target our systems -- and what we can do to defend against them.

Key Takeaways
1) Learn about latest threat actor techniques targeting your personal and corporate identities.
2) Learn more about corporate data on the dark web.
3) Learn how to protect exploited identities.

Price of Our Stolen Identities on the Dark Web

In a world where the vast majority of cyber attacks leverage access-based methods to gain entry to an organization's resources, how can you be sure your organization remains secure?

This session explores best practices for ensuring all employees have the access they need, while ensuring that access is revoked promptly when they no longer need it. It starts with the reality that most enterprises have grown to large to rely on manual efforts, needing a combination of identity access management tools, implemented appropriately, and includes:

- The importance of creating a role-based access provisioning program that follows employees through their entire organizational lifecycle, from onboarding, through job changes, transfers and eventually, separation from the organization
- Automating and integrating the need for privileged access with the organization's change management process 

Be prepared for a primer in how to get started on this journey and make it successful over the long term.

Stay Safe: Managing Employee Access from Cradle to Grave

Privileged access management is a cornerstone of security. Permissive access is just what the cyber criminals are looking to gain and exploit, or what can accidentally be misused and cause significant damage. 

In this session, Peter Crumpton (Information Security Manager at NFU Mutual) shares a case study of an organisation's journey from recognising the exposure and risk associated, to defining a target operating model‘, gaining funding and implementing improvements to move closer to the goal of least privilege and zero trust. As with most companies, there is a mix of on-premise and cloud SAAS, PAAS, IAAS, with new and legacy technology, so the answers are not uniform.

Join the session to discover:
- The journey from recognising a gap in control and understanding the risk it presents to designing the programmes of work to address it.
- Key lessons learned from implementing planning and improvements.
- How to deal with the mixture of technology and legacy products to optimize privileged access security.
- And more...

About the Speaker
Peter is a passionate and dedicated security manager, he strongly believes in the sharing of information and approaches to help each other and the industry progress, to protect ourselves against the common threats we face. He started by implementing an ISMS to comply with ISO27001, and grew into all aspects of information security management over more than 15 years working in various industries such as government, telecoms and finance sectors, implementing risk management and control effective across the organisations. He holds CISSP, CISM and CRISC certifications.

Privileged Access: A Journey From Little to Least

Privileged access management (PAM) is evolving to meet the challenges of modern centralized, decentralized, distributed networks, and endpoints. Cutting-edge solutions now incorporate AI-driven anomaly detection to monitor and flag unusual privileged account behavior, coupled with just-in-time (JIT) privilege escalation for temporary, task-specific access. Unified dashboards enhance visibility and streamline management across hybrid IT environments.

In decentralized networks, blockchain technology ensures tamper-proof identity management, while decentralized authentication leverages cryptographic keys to reduce reliance on central directories. Federated access models facilitate secure privilege sharing across domains without exposing sensitive credentials.

For distributed networks, Zero Trust Architecture (ZTA) enforces continuous verification of users and devices, while edge computing integration secures privileged access directly at network endpoints. Dynamic policy enforcement adapts in real time, responding to contextual factors like user location or device status.

On endpoints, Endpoint Privilege Management (EPM) minimizes attack surfaces by granting least-privilege access. Device-centric identity management ties privileges to specific devices, and behavioral analytics monitor endpoint activities for unauthorized privilege use. These advancements collectively enable robust, scalable, and context-aware PAM strategies across diverse network architectures.
Discover how rigorous inspection, computing science, algebra, and technology combine to combat unauthorized access, protect company assets, and build user trust.

Developments in Privileged Access Management

As organizations grow and evolve, the proliferation of disparate identity and access management (IAM) systems can create significant security vulnerabilities. Centralizing IAM is essential to mitigate these risks, but it presents challenges such as designing seamless interfaces and accommodating the dynamic needs of the business.

In this session, Vincent Amanyi (Founder, Boleam Inc) shares strategies to reduce fragmentation and centralize IAM systems using single sign-on (SSO) and role-based access control (RBAC). He will explore key internal and external considerations for developing comprehensive IAM policies that align with business evolution and industry changes.

Key Takeaways
- Optimize IAM Policies: Gain insights into the dynamic components of your organization's information access and learn how to support robust IAM policies.
- Foundation for Growth: Learn how to establish a strong foundation for managing identity risks in a rapidly evolving business landscape, especially during mergers and acquisitions.
- Risk Management: Understand how to identify gaps and effectively manage IAM sprawl risks to ensure a secure and compliant environment.

Mastering Identity Sprawl: Centralizing IAM for Enhanced Security

Strengthening Cyber Security with AI

Microsoft Tay's infamous descent into unintended behavior serves as a stark reminder of AI's potential vulnerabilities in cybersecurity contexts. 

This webinar from industry thought leader John Bambenek explores key lessons from Tay’s deployment, highlighting the importance of safeguarding AI systems from exploitation and model poisoning. Participants will gain insight into managing AI securely by employing resource-augmented generation grounded in trusted frameworks like MITRE ATT&CK, D3FEND, and the NIST Cybersecurity Framework (CSF). Learn how these methodologies empower cybersecurity analysts to rapidly, accurately, and securely interpret security events, preventing adversaries from compromising AI integrity. 

Discover practical strategies for ensuring your organization's AI systems remain resilient against sophisticated AI-driven cyberattacks as well as how to transform the security operations center (SOC) from alert triage into a security program that stops the actual attackers targeting your organization.

What Microsoft Tay Teaches Us About Using AI Safely For Cybersecurity

microsoft tay

Cyber Security

NIST

Security Framework

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

What Microsoft Tay Teaches Us About Using AI Safely For Cybersecurity

Presented by

About this talk

More from this channel