Throughout my tech career, I’ve observed the evolution of information security (infosec) from a mere consideration to a primary focus and discipline. The pace of change hasn’t decelerated over the past few years; instead, the “cat and mouse” game between system administrators and risk has become more intricate and crucial.
The COVID pandemic and the substantial shift towards remote work and significant digital transformation compelled many businesses to adapt rapidly. Business requirements underwent constant change, leading to the prioritization of critical elements, while non-functional requirements were often sidelined. Security, accessibility, and other aspects transitioned into the “we’ll get to it later” category.
Even a year ago, it was hard to predict the significant impact of Artificial Intelligence (AI) on the work landscape and the security sphere. I suspect it will be years before laws and compliance statutes catch up to the challenges posed by AI, much like the early stages of cryptocurrency.
Fast forward to today; what are some things to consider with your Salesforce organization?
Ensure Your Fundamentals Are in Place
Regardless of your position in the infosec journey, it’s essential to have the basics sorted. Backups, perimeter defense, logging, and policy are some areas many organizations are still striving to align.
Write Down What’s Changed in the Past Few Years
Have you adopted new technology and validated that all details align with your compliance and infosec practices?
With all the changes over the past few years, some “quick fixes” have transformed into long-term tools that may not have received the requisite attention to detail regarding infosec.
Define an AI Positioning Statement for Your Organization
I firmly believe that, when it comes to infosec, AI is currently akin to the “Wild West.”
It’s challenging to track where your information ends up once it’s fed into an AI model. Determining your organization’s stance on this and validating it with your compliance team is a wise initial step. If you can use AI, that’s fantastic, but you must consider the limitations and necessary precautions to ensure security.
In conclusion, the seismic shift toward digital transformation has significantly changed the information security landscape. Organizations need to stay vigilant and prepared in this ever-changing environment.
Fundamentals like backups, perimeter defense, and logging must be noticed despite the attraction of innovative solutions. As we venture into the uncharted territories of AI in infosec, organizations need to develop clear stances on AI usage and adhere strictly to security measures. Let us embrace these challenges not as obstacles but as opportunities to enhance further our understanding, control, and use of data in the most secure way possible.
To help your organization climb towards maintaining your secure Salesforce environment, here’s a resource: Salesforce Cybersecurity: Climbing the Mountain. This resource offers a pack of mountaineering tools to aid your journey.