EX-EPIC MEET Parrish Gunnels, CISO Sunflower Bank
Updated: Aug 5
hosted by Leah McLean, VP, Mastercard & ElevateXchange Advisory Council Chair
©Elevate Xchange June 2023 all rights reserved.
How to defend and still use Generative AI is a very good question. Parrish Gunnels believes standards are the way to go with a Steering Committee as oversite.
Parish believes that Compliance can be our friend especially now with NIST, OWASP, etc. weighing in on tackling standards for data protection while using Generative AI effectively. Generative AI is here to stay, and security protocols are late coming. Most Financial Institutions are blocking and shutting our Generative AI until a Corporate Policy can be incorporated. Parrish is a member of the FS-ISAC Committee working to produce standards for Generative AI data protection with the financial sector.
Security is still considered an overhead cost so measure your ask for resources making the case real and not subjective. Although many industries seem to have trouble obtaining talent, Parrish has not found that to be the case.
Parrish also discussed his vast experience within the CISO role, the reporting upward trajectory and whether CISOs should be sitting on Boards of Directors. CISOs are not prevalent on Boards of Directors and may be seen only slightly based on the industry. CISOs are not one size that fits all type of position and no matter who you report to CFO, CIO, Engineering, etc. make sure you work for someone you are culturally aligned with.
"Within Organizations, a balance of power is needed to be effective," Parrish said. Establishing
Collaborative Steering committees will improve your overall effectiveness. This is a very powerful and timely discussion that you can benefit from if you're in security or planning a career in security. Security is a vast and diverse discipline with both information security and physical security as possible aspects. Watch and listen to Parrish Gunnels and Leah McLean bring to the forefront the knowledge and experience you will need as a CISO or any security professional.