CIO Influence Interview with Erin Hamm, Field Chief Data Officer, Comcast Technology Solutions

“Any new regulations present challenges for compliance, but with the many different rules coming out right now, we are navigating a large greenfield territory when it comes to technologies like generative AI.”

Hi Erin, please tell us about your vision for AI and automation capabilities in 2024. 

According to me, automation and AI will tackle asset visibility in 2024.

As the adoption of AI, ML, and automation continues, organizations will increasingly be finding new use cases.

One area where I expect to see this play out is in automating processes around asset visibility, which has always been a big challenge.

Let’s say you are part of a security team, and you have unidentified assets on your network; you notice that one of these assets has touched a certain application, but you don’t know the asset owner to determine if this access is legitimate.

Rather than setting off a chain reaction where the security team reaches out to the application owner, who then must go on a fact-finding mission to determine who owns the asset and why it’s accessing the application, an automated process using AI will be able to quickly identify the asset owner and intent. This move toward a more automated and less manual process will be incredibly helpful to both security and compliance teams. 

How should organizations prepare for ever-changing compliance frameworks?

Organizations will lean more on their peers as everyone grapples with new and evolving compliance requirements.

Any new regulations present challenges for compliance, but with the many different rules coming out right now, we are navigating a large greenfield territory when it comes to technologies like generative AI.

Peer-to-peer interactions across companies will increase as everyone seeks to gain clarity on new regulations and ensure they’re in alignment. Even after alignment with their peers, Companies will likely still face heavy scrutiny from their auditors in the wake of these new regulations.

Top Insights:

CIO Influence Interview with Art Hu, SVP, Global CIO and Services & Solutions Group CTO at Lenovo

Not everyone has a resource within the government they can reach out to with questions, so I expect we will see more cooperation and collaboration among different companies.

CIOs and CISOs were overwhelmed by new types of cybercrimes in 2023. What would be a unique response to the fight against cyberattacks in 2024?

The heat is on for threat hunting and detection as we approach the New Year.

Cyberattackers are incredibly sophisticated and great at evolving their methods. In 2024, we’ll see enterprises double down on how to evolve their threat-hunting and detection capabilities to account for the new mechanisms and methods bad actors are using to exploit organizations’ networks. This is going to include more examination of insider threats and identifying changes in behavior, especially when it comes to changes in how individuals interact with the tools they’ve been using regularly.

For instance, if an engineer in an organization regularly downloads code from GitHub, but they suddenly start downloading massive petabytes or gigabytes’ worth of code from GitHub, is that person a potential risk to the organization?

This could be an example of a phenomenon we are increasingly seeing:  threat actors getting legitimate credentials and then posing as that user on the network.

Being able to identify these situations versus legitimate use by credible individuals will be a major focus of efforts.

Thank you, Erin! That was fun and we hope to see you back on CIO Influence Interview Series soon.