Connect with us

Hi, what are you looking for?

Tech & Science

Regulate and legislate: Is it time for AI to be reined in?

To effectively combat these ever-evolving threats, a whole-of-government approach is essential.

Artificial intelligence, or AI, has been increasingly present in everyday life for decades, but the launch of the conversational robot ChatGPT marked a turning point in its perception — © AFP/File Camille LAFFONT
Artificial intelligence, or AI, has been increasingly present in everyday life for decades, but the launch of the conversational robot ChatGPT marked a turning point in its perception — © AFP/File Camille LAFFONT

To give some realistic expectations of what’s to come for cybersecurity in the public sector in the year ahead, Digital Journal heard from SecurityScorecard’s Brendan Peter, Vice President of Global Government Affairs. Peter predicts that New York’s cyber strategy will spur a new era of state-wide cyber mandates as governments battle in the cyberspace wild west.

In addition, Peter considers that AI governance will ignite a transformative wave of policy discussions and legislative actions. On the legislative front, Peter expects that a decade-old presidential directive will get revamped, prompting risk management overhaul in critical infrastructure.

New York’s cyber strategy

With the legislation passed in the big city, Peter considers that New York is at the forefront of cybersecurity regulation. This included “setting a benchmark for other states to follow. In 2023, the state spearheaded significant advancements in cybersecurity, releasing its first comprehensive cybersecurity strategy, as well as regulations for the healthcare and financial sectors.”

Building on this, Peter thinks that in :”2024 promises to be a banner year for cybersecurity, with New York leading the pack in developing and implementing innovative cybersecurity regulations at the state level. We will see other states implement regulations addressing emerging cyber threats with both state-wide and sectoral approaches.”

Peter approves of the regulatory approach, noting: “To effectively combat these ever-evolving threats, a whole-of-government approach is essential. Government agencies must collaborate to share intelligence, coordinate responses, and ensure cybersecurity policies are effectively implemented across all sectors.”

AI governance to expand

Peter now expects legislation to become more commonplace. This relates to: “2023 brought the AI Executive Order from the Biden Administration, developed to promote the secure development and use of AI in the public sector. As AI continues to revolutionize various industries, much like the internet’s transformative impact, it’s crucial to establish clear rules of engagement. The executive order serves as a steppingstone toward achieving this goal.”

Across the year the reasons for AI have expanded, which Peter notes: “The emergence of generative AI has introduced a new dimension to AI governance, prompting policymakers to rapidly adapt and understand its transformative impact. In 2024, this evolving landscape will generate intense legislative activity at both the federal and state levels.”

As to what will happen next, Peter  cites: “Given the far-reaching implications of AI, we will see increased congressional activity in this domain and potentially a comprehensive federal AI statute that establishes clear ground rules. As state legislative sessions commence in January, there will be a surge of AI-related bills and regulations. Some states may even take decisive action ahead of the federal government.”

Refreshing the presidential directive

In terms of major regulations, Peter predicts: “The forthcoming rewrite of Presidential Policy Directive 21 (PPD-21) will create a paradigm shift in critical infrastructure security. Expected in the first half of 2024, this comprehensive update will empower critical infrastructure sectors to embrace data-driven risk management and enhance their resilience against evolving threats.”

What form will this take? Peter’s view is: “By tightening requirements and definitions, PPD-21 will foster a culture of data-driven risk assessment and communication across all critical infrastructure sectors in the year ahead. This transformative overhaul will spark critical conversations around the unique needs of each sector, paving the way for a more collaborative and transparent approach to safeguarding the nation’s digital backbone. The revamped PPD-21 marks a pivotal moment in critical infrastructure security, empowering sectors to stay ahead of the curve and protect the nation’s vital assets.”

Avatar photo
Written By

Dr. Tim Sandle is Digital Journal's Editor-at-Large for science news. Tim specializes in science, technology, environmental, business, and health journalism. He is additionally a practising microbiologist; and an author. He is also interested in history, politics and current affairs.

You may also like:

Business

Can anyone remember the world before AI tools? Since the fateful launch of ChatGPT in November of 2022, the world has forever changed.

World

The coin's design includes the psychedelic 'magic piano' featured in the 1967 Magical Mystery Tour film - Copyright Royal Mint/AFP -There are few accolades...

World

The Bahamas on Thursday said it had rejected a proposal from the incoming Trump administration to take in deported migrants.

Business

With 27 million combined customers, Vodafone's merger with Three will vault the new group above the UK's two largest mobile operators BT EE and...