1、AI Cyber Benchmark How are large organizations tackling the AI Security challenge?WAVESTONE|2No doubt:AI is a unique opportunitythat must be secured!WAVESTONE|3On the inputsINPUTSLEARNINGPROCESSINGOn learningOn processingOn the outputsOUTPUTSNon-deterministicNon completely explainableEvolve over tim

2、eWavestone AI Cyber Benchmark-2025AI systems work differently from classic IT systems EVASIONORACLEPOISONINGMITHRIL SECURITY POISONING TESTCHATGPT TRAINING DATASET LEAKAUTONOMOUS CARWavestone AI Cyber Benchmark-2025 and can therefore be attacked in very specific and new ways WAVESTONE|5Executive Ord

3、er 14179In place since January 2025UNITED-STATES An approach focused on positioning the US as an AI leaderRescind former Executive Order 14110 that provided guidelines.Aims to remove any potential barriers to AI development.AI ACTIn place since March 2024EUROPEThe EU positioned itself as the worlds

4、police officer and push for citizen protectionRisk-based approach.Every organization must comply by May 2027.Already some consequences:new iPhone with GenAI&ChatGPT voice chat functionality pospotned Cybersecurity requirements for GenAI servicesIn place since May 2024CHINA China focuses on pushing f

5、or best practices in AI management and data managementChina is focusing on the cybersecurity of its system with a risk-based approach and on regulating the processing of data,especially labeling.Wavestone AI Cyber Benchmark-2025Regulatory approaches vary significantly across geographies WAVESTONE|6

6、WAVESTONE|6Our goal:help clarify how to tackle the AI security topic,trough our AI Cyber BenchmarkSome clients are adopting AI on a large scale:Between 50 and 400 uses cases identifiedA strong mobilization at Excom levelLeading to a lot of activities but a lot of blurriness.Worked with+20 clients al