Library Header Image Library Header Image

Ben's Book of the Month: Deploying and Securing AI Effectively


Posted on by Ben Rothke

The phrase "irrational exuberance" was used in 1996 by then-Federal Reserve Board Chairman Alan Greenspan at the height of the dot-com bubble. He sought to inform investors that the stock market was overvalued.

Jump to 2026, and it’s eminently clear that there’s an irrational exuberance around artificial intelligence (AI). Vendors are touting AI in their products but cannot always articulate how it makes their products better.

For those who want to understand the hype in detail, my review last month of AI Snake Oil: What Artificial Intelligence Can Do, What It Can't, and How to Tell the Difference by Arvind Narayanan and Sayash Kapoor provides a clear picture of AI's realities.

But even if 75% of AI is hype, which may be a pretty good estimate, the other 25% is still quite significant and needs to be dealt with. Two new books from Apress provide that information.

AI is not just an IT revolution but an evolution requiring new practices and, from a security and privacy perspective, new thinking and actions. For those seeking actionable guidance, Donnie Wendt’s AI Strategy and Security: A Roadmap for Secure, Responsible, and Resilient AI Adoption provides step-by-step recommendations for integrating AI securely and responsibly into enterprise environments.

A recent MIT report found 90% of generative AI projects fail, partly because firms invested blindly without a deployment roadmap or strategy. Lacking a deployment roadmap or strategy is a surefire way for IT failure.

The book emphasizes creating strategic goals and objectives for AI and then shows how to effectively use security and privacy controls to achieve them.

While technology is essential to successful AI integration, it is the talent and skills of the people that will ultimately drive success. Organizations must build high-performing teams with requisite skills and talents. However, to ensure continued success, the organization must also develop a talent development pipeline that injects new AI talent and facilitates ongoing skills development for existing talent.

AI will require new positions, and the book details several of them and the skills required. This includes positions such as CAIO (chief AI officer), AI strategist, AI architect, AI ethics and compliance officer, AI security architect, AI security engineer, and more. Failure to adequately budget for and staff for these new roles is another reason so many AI projects fail.

Privacy risks remain major concerns in AI deployment, especially given rising regulations to protect personal and sensitive data. The book describes several privacy-enhancing techniques that support this effort.

At 200 pages, AI Strategy and Security provides a really good introduction and overview of the many security topics essential to AI. With so much AI hype and snake oil out there, the book will ground readers in the security and privacy realities required for the safe use of AI.

The adage “you need to buy two Harleys, one for parts” jokes about the high maintenance and cost of Harley-Davidson motorcycles.

While the saying may be a joke for Harley-Davidson motorcycles, it underscores a key truth for AI: deploying and securing AI effectively requires significant effort. In AI Management Framework: Practical Solutions for Ethical AI Deployment and Continuous Improvement, John Kyriazoglou details the comprehensive requirements for successful AI deployment.

He uses a five-phase AI implementation approach that includes preparation, management, development, operation, and assessment. Each approach, on its own, is a significant endeavor, and when combined, requires an organization to dedicate staff and budget to its AI deployment. Those who do not appreciate the depth of the tasks required in these five approaches will certainly find their AI projects fail quickly.

At 331 pages, the book is a densely packed, practical guide and is especially recommended for readers seeking to understand what is required to deploy AI effectively. The book’s term 'densely packed' means that much of what is written can be significantly expanded, highlighting the considerable depth and breadth of the requirements. In some ways, the book uses a scare-straight approach, aimed at firms that may not fully grasp, even at a superficial level, what is involved in deploying AI.

AI has a tremendously high signal-to-noise ratio. On the other side, it’s a revolutionary aspect of IT. Dealing with those two conflicting areas is not easy. But these two books will certainly help the reader navigate between the AI gold and AI fool's gold. It is quite easy to fail fast and miserably with AI. But for those who want to do it right, these two books will certainly help them in their AI journey.

 

Contributors
Ben Rothke

Senior Information Security Manager, Tapad

View More Blogs

Blogs posted to the RSAConference.com website are intended for educational purposes only and do not replace independent professional judgment. Statements of fact and opinions expressed are those of the blog author individually and, unless expressly stated to the contrary, are not the opinion or position of RSAC™ Conference, or any other co-sponsors. RSAC Conference does not endorse or approve, and assumes no responsibility for, the content, accuracy or completeness of the information presented in this blog.


Share With Your Community

Related Blogs