Cybersecurity News in Asia

RECENT STORIES:

SEGA moves faster with flow-based network monitoring
Cohesity Catalyst 1 to Bring Together Cyber Resilience Experts, Celebr...
US$125k critical Windows zero-day RCE exploit for sale: targets fully ...
MoneyMe strengthens fraud prevention and credit decisioning
Adtech firms identified as key enablers in global cybercrime and large...
Gogolook Releases the World’s First Global Anti-Scam Impact Repo...
LOGIN REGISTER
CybersecAsia
  • Features
    • Featured

      Deepfake a crisis of trust, not just technology

      Deepfake a crisis of trust, not just technology

      Tuesday, August 19, 2025, 10:06 AM Asia/Singapore | Features
    • Featured

      When talking sense into AI power mongers fails, talk $$$: A message from AI

      When talking sense into AI power mongers fails, talk $$$: A message from AI

      Thursday, August 14, 2025, 12:26 PM Asia/Singapore | Features
    • Featured

      From insight to action: Securing APAC’s future with AI-driven cybersecurity

      From insight to action: Securing APAC's future with AI-driven cybersecurity

      Wednesday, August 13, 2025, 10:07 AM Asia/Singapore | Features
  • Opinions
  • Tips
  • Whitepapers
  • Awards 2025
  • Directory
  • E-Learning

Select Page

LOGIN REGISTER
  • Features
    • Featured

      Deepfake a crisis of trust, not just technology

      Deepfake a crisis of trust, not just technology

      Tuesday, August 19, 2025, 10:06 AM Asia/Singapore | Features
    • Featured

      When talking sense into AI power mongers fails, talk $$$: A message from AI

      When talking sense into AI power mongers fails, talk $$$: A message from AI

      Thursday, August 14, 2025, 12:26 PM Asia/Singapore | Features
    • Featured

      From insight to action: Securing APAC’s future with AI-driven cybersecurity

      From insight to action: Securing APAC's future with AI-driven cybersecurity

      Wednesday, August 13, 2025, 10:07 AM Asia/Singapore | Features
  • Opinions
  • Tips
  • Whitepapers
  • Awards 2025
  • Directory
  • E-Learning
Tips

8 tips for data and generative AI governance  

By CybersecAsia editors | Wednesday, February 5, 2025, 11:23 AM Asia/Singapore

8 tips for data and generative AI governance  

To help financial firms understand and mitigate the risks posed by implementing generative AI, FS-ISAC has published step-by-step guidance titled More Opportunity, Less Risk: 8 Steps to Manage Financial Services Data with GenAI.

“GenAI presents enormous opportunities for financial firms to improve business operations, provide better customer service, and even improve their cybersecurity posture,” said Michael Silverman, Chief Strategy & Innovation Officer, FS-ISAC. 

“However, just like any new technological development, GenAI increases security risks when it’s not leveraged in a safe and compliant manner. This guidance allows financial institutions to experience the positive offerings of GenAI by outlining the risks and corresponding steps to mitigate the threats.”

Developed by FS-ISAC’s Artificial Intelligence Working Group, the guideline outlines eight foundational steps to developing an effective data governance approach that harnesses the benefits of GenAI while remaining compliant with security standards:

  1. Consider your risks: Many of the risks associated with traditional data governance can be exacerbated by GenAI. Developing policies, technical controls, clear roles and responsibilities, and accountability metrics, among other steps, can shed light on risks, gaps, and opportunities.
  2. Data selection criteria: Using datasets requires an accountable, cautious approach with constant oversight. Develop a clear path for data selection, then conduct periodic risk testing to make sure the controls to protect the datasets are working as intended.
  3. Create and maintain a data lineage inventory: Strong access controls, data sanitization practices, and accurate data classifications are necessary to counteract concerns around data lineage and traceability.
  4. Be disciplined with data access and authorization: GenAI training data should be segregated and access restricted to ensure models are training on the correct data. Establish a regular review cadence of datasets and their access.
  5. Obsessively protect your customers’ data: Security techniques including differential privacy, encryption in transit and at rest, data sanitization, and sandboxing should be leveraged to maintain the confidentiality, integrity, and availability of sensitive information.
  6. Use best practices when building effective test plans: Generate baselines for model testing and leverage cross-sector data sharing to ensure adequate coverage across a domain. Understanding the reliability and completeness of underlying data allows for stronger model testing with fewer limitations. 
  7. Keep current on model vulnerabilities: Fundamental data governance security practices combined with basic cybersecurity hygiene can alleviate vulnerabilities created by the growing threat landscape.
  8. Require your vendors’ transparency on your data storage: Establish transparent communication with all vendors to ensure activities are compliant with regional and international requirements, as well as the firm’s internal security standards.

GenAI use cases and risks are still evolving, and while GenAI offers great potential for financial services processes, the sector has many concerns about data security, usage, privacy, and compliance. This report is designed to help financial institutions assess their needs and determine a secure and effective approach to using GenAI in data governance. 

The report is available for download here. 

Share:

PreviousStrengthening payment security against AI threats
NextGenerative AI chatbots can be jailbroken, research suggests

Related Posts

Could this be the start of a nightmare in car cybersecurity?

Could this be the start of a nightmare in car cybersecurity?

Monday, January 17, 2022

Know your customer, but not by using search engines!

Know your customer, but not by using search engines!

Friday, August 27, 2021

Thoughtless AI adoption: When uncharted waters can turn into uncharted business risks

Thoughtless AI adoption: When uncharted waters can turn into uncharted business risks

Friday, June 14, 2024

Malicious extension in open code marketplace causes US$500k cryptocurrency theft from developer

Malicious extension in open code marketplace causes US$500k cryptocurrency theft from developer

Thursday, July 17, 2025

Leave a reply Cancel reply

You must be logged in to post a comment.

Voters-draw/RCA-Sponsors

Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
previous arrow
next arrow

CybersecAsia Voting Placement

Gamification listing or Participate Now

PARTICIPATE NOW

Vote Now -Placement(Google Ads)

Top-Sidebar-banner

Whitepapers

  • 2024 Insider Threat Report: Trends, Challenges, and Solutions

    2024 Insider Threat Report: Trends, Challenges, and Solutions

    Insider threats continue to be a major cybersecurity risk in 2024. Explore more insights on …Download Whitepaper
  • AI-Powered Cyber Ops: Redefining Cloud Security for 2025

    AI-Powered Cyber Ops: Redefining Cloud Security for 2025

    The future of cybersecurity is a perfect storm: AI-driven attacks, cloud expansion, and the convergence …Download Whitepaper
  • Data Management in the Age of Cloud and AI

    Data Management in the Age of Cloud and AI

    In today’s Asia Pacific business environment, organizations are leaning on hybrid multi-cloud infrastructures and advanced …Download Whitepaper
  • Mitigating Ransomware Risks with GRC Automation

    Mitigating Ransomware Risks with GRC Automation

    In today’s landscape, ransomware attacks pose significant threats to organizations of all sizes, with increasing …Download Whitepaper

Middle-sidebar-banner

Case Studies

  • MoneyMe strengthens fraud prevention and credit decisioning

    MoneyMe strengthens fraud prevention and credit decisioning

    Australian fintech strengthens risk management with SEON to scale lending operations securely and efficiently.Read more
  • PT Kereta Api Indonesia announces nationwide email and communication overhaul

    PT Kereta Api Indonesia announces nationwide email and communication overhaul

    The state railway operator’s upgraded email system improves privacy, operational reliability, and regulatory alignment for …Read more
  • Operationalizing sustainability in cybersecurity: Group-IB’s approach

    Operationalizing sustainability in cybersecurity: Group-IB’s approach

    See how the firm turned malware-group takedowns into measurements of sustainability and resilience gains: by …Read more
  • Thai government expands secure email management to close cybersecurity gaps

    Thai government expands secure email management to close cybersecurity gaps

    New measures address cybersecurity gaps in public sector communications, deploying advanced protections and operational support …Read more

Bottom sidebar

  • Our Brands
  • DigiconAsia
  • MartechAsia
  • Home
  • About Us
  • Contact Us
  • Sitemap
  • Privacy & Cookies
  • Terms of Use
  • Advertising & Reprint Policy
  • Media Kit
  • Subscribe
  • Manage Subscriptions
  • Newsletter

Copyright © 2025 CybersecAsia All Rights Reserved.