Cybersecurity meets Generative AI: Automating Your Compliance...
Rafae Bhatti
BSidesSF 2024 · Day 1
This talk, presented by Rafae Bhatti at BSidesSF 2024, examines how Generative AI can transform the traditionally arduous, manual processes of cybersecurity compliance and audit. The session introduces an "agentic AI approach" to building a "compliance co-pilot." The core premise is to use advanced AI capabilities to synthesize organizational context, retrieve knowledge, identify and remediate compliance gaps, and intelligently validate evidence, significantly reducing the dependency on manual professional services.
AI review
This talk presents a compelling vision for an AI-driven compliance co-pilot, addressing the significant manual burden in current audit processes. By focusing on encoding domain expertise and leveraging agentic AI with RAG, the proposed architecture aims to automate evidence validation and gap remediation, moving beyond simple data retrieval. While the technical implementation details were high-level, the practical impact on GRC operations could be substantial.