All Posts
Business

The Cost of AI Theater

Blog Image
Published on
September 23, 2024

Introduction:

A few years ago, I wrote a blog post on the "Cost of Security Theater," which you can still find on our website. I’m noticing a similar trend emerging in AI Governance.

The Growing Pains of AI Governance:

Whether you like them or not, questionnaires are a common part of our industry. At ClearOPS, we started as a security questionnaire company in 2020, and we've learned a lot since then. Recently, we’ve noticed AI-related questions starting to appear in these security forms, which is causing them to grow even longer.

So, what kind of AI questions should companies be asking, and how should vendors respond?

Asking the Right Questions:

It’s important not to ask questions just for the sake of it. Make sure they align with your AI Governance program. AI Governance involves more than just policies—it’s about a comprehensive framework and active management.

Start with something crucial like, “If you train any AI models, do you use our data for training, re-training, or fine-tuning models that are then shared or used by other customers or vendors?”

This might seem like a loaded question, but it really addresses what we're most concerned about.

If a vendor says they do use your data, follow up with deeper questions:

  • What data is being used?
  • How is it shared?
  • What security measures are in place?
  • Is it on separate infrastructure?
  • Are they using a third-party AI vendor, and what are their policies?

If they’re not using your data, confirm if they outsource this task or plan to in the future. Most importantly, ensure they will get your active consent before rolling out any new AI features.

How to Respond to Your Customers’ Questions:

Be transparent. If a customer asks if you use AI, don’t just say “no” if you’re not sure. If you haven’t yet implemented an AI Governance program, explain your approach to managing AI use by vendors, and highlight that you’ve opted out of any data-sharing features. If you’re unsure, take the time to gather the necessary information.

Conclusion:

The added scrutiny around AI is making customer acquisition and vendor management feel like never-ending tasks, with extra AI-related questions slowing things down. But the real issue isn’t just ticking boxes on a questionnaire—it’s about getting accurate, meaningful insights from those answers. This kind of detailed due diligence is a manual and time-consuming task that nobody enjoys That’s why automate these processes at ClearOPS, so you can focus on growing your business without getting buried in AI red tape.

Featured Blog

We are constantly writing new content. Check back often or join our newsletter!

Business

The Top 6 Legal Considerations for Licensing AI Software

This blog post explores the current state of licensing, whether it is online terms of service or main services agreements, and what you should look for to understand your rights and the rights of your vendor.
Business

Navigating the Global AI Regulatory Landscape: A Guide for Business

Exploring the diverse global AI regulatory landscape, including the EU’s AI Act, the decentralized approach in the US, and the varying frameworks in the Asia-Pacific region. It highlights the importance of understanding these regulations to ensure compliance and build what's right in AI technologies.
Business

The Cost of AI Theater

This article highlights the importance of AI governance by teaching you how to interrogate your vendors like a seasoned detective, minus the trench coat. After all, it’s not just about knowing if they use AI—it’s about making sure your data doesn’t become the plot twist in their next sci-fi thriller!
Business

Mitigating Deepfake Phishing in Corporate Structures: Essential Steps for AI Governance

This blog post discusses how deepfake technology is being used to exploit corporate hierarchies through sophisticated phishing attacks. The post emphasizes the need for robust AI governance and vendor management processes to prevent costly breaches and ensure secure verification of requests.
Productivity

Getting Started with AI Vendor Management

In my view, starting an AI governance program means evaluating your existing vendors with information you already have.
Productivity

How to Start an AI Governance Program

Most people start an AI governance program by backing up and building a process. I argue that your employees aren't waiting around for your beautiful policies. You need to start with vendor management.
View all

Stop Wasting Your Time on Assessments

Gain efficiency and remove tedium by using ClearOPS

Get StartedContact