While there are opportunities given the breakneck speed with which Artificial Intelligence (AI) is evolving, companies and businesses must safeguard themselves from potential threats that are emerging and should “get their house in order.”
This is the advice of managing director of Pinaka Consulting Ltd, Shiva Bissessar who spoke at a webinar entitled “Implications of AI and Cybersecurity” hosted by the Caribbean Corporate Governance Institute last Friday.
Bissessar started the webinar by showing a newsclip from Canada’s media house, CNBC, on the rapid and shocking advances by China’s Artificial Intelligence company, DeepSeek, and the discomfort it has caused in China’s main global competitor, the United States.
He said DeepSeek can be used by good actors but also malicious actors.
Bissessar said what is happening with AI now is very interesting, it is important to note that AI started years ago back in the 1950s and there have been distinct periods of inactivity and spurts of innovation.
“Where we are now is in the hockey stick phase where there is exponential growth, so something like this taking place is to be expected and it also brings up a lot of fears that people have with respect to artificial general intelligence and artificial super intelligence. Previously, we have had simple chatbots, we have had Siri and Alexa, interactive ways to issue simple instructions, retrieve simple instructions, But now what is all the rage with AI is the generative aspect, that ability to generate content, texts, images, video, sounds. It really started in 2022 with the release of ChatGPT.”
He recounted that in 2024, he participated in a conference in Geneva, Switzerland and was “completely floored” by the number of applications that are being developed for AI.
“This has been taking place quietly in the background. The things that were in the public were the generative aspect with Open AI and ChatGPT in 2022. Beyond what is popular in the news, AI continues to develop and flourish in the background. From that conference, a couple of my key takeaways would have been things like the medical applications, studying things like multi-mobility. Another takeaway was deepfake which covers AI and cybersecurity. There is a constant conflict between the white hats or good guys and the black hats and the malicious intent guys.
He also spoke about some of the “fascinating” developments that are taking place.
“It is getting pretty fascinating what is possible. We have now, something akin to a filter that could be applied live over an image on social media and you would appear as a different person. We really have some fearful areas being developed. In Asia, an employee authorised a wire transfer, based on a video conversation he had with one of his higher ups but it turns out it was a deepfake that he was conversing with. So, moving from video to live deep fakes, that is significant. How do we detect and go up against that?”
During the question-and-answer segment, Bissessar was asked about that employee who was deceived after he thought he was interacting with a company manager and what can companies do to put systems in place to prevent this from happening, Bissessar said businesses must have the proper systems in place to protect themselves.
“It is still early stages with respect to it happening live on the spot but there have been demonstrations of it. A few months ago, someone was able to demo how it is possible. They did a face swap with a couple popular celebrities. Every organisation is expected to have policies and procedures as to how you manage authentication of parties, verify you are talking to someone and ensure it is who you are talking to. That dynamic is changing, this is playing out in front of us. So, you have not paid attention to cybersecurity in the past, which I know takes place locally and you see it. People do not have chief information security officers. Within the Caribbean, you will find them in financial institutions but predominantly within organisations in T&T, I would say there is a lack of that.”
He spoke about more negative effects of the evolution of AI that will impact the Caribbean region and T&T specifically.
“I have had an experience with a financial sextortion scam, which resulted unfortunately in a teenager’s death. So, these scams are real and they could only become hypercharged with unfettered development of AI. This brings us to the points of ethics and proper governance and this is why it is appropriate at the corporate governance level.”
Developing strategies
Cybersecurity consultant Patricia RoweSeale, who is based in Barbados, said business are more vulnerable because of the threats created by the advances of AI.
“You have the availability of a number of AI models like fraudGPT, WolfGPT and there are a couple models that were specifically designed for nefarious activity. From a cybersecurity and governance perspective, it has made it a whole lot easier for attacks to occur. You see the negative side of AI from a cybersecurity perspective. What can we do and what is the responsibility of board members in terms of giving that comfort and assurance that the organisation is aware and not only being aware but be affectively managing.”
She urged companies to adopt strategies to counter the threats.
“One of the things that the board has to be very cognisant of is what is the cybersecurity strategy? Is this strategy comprehensive? Is it being relooked at, things that are happening in the environment and in the industry. How are you operationalising this strategy? Do you have the right skill sets? Do you have sufficient finances? We know that ransomware has become sophisticated and hard to detect by the human eye. So, you need to have something within your email system, within your data system to counter that. So, the questions that the Board will be asking is what are you using to counter what is coming at us from an AI perspective.”
She also spoke about ethical and legal issues involved.
“You must be able to report to the board that you are aware of these ethical and legal issues and this is how senior management is managing and governing this space.”
Founder and CEO of One and One Educational Services Ltd. Ricardo Allen, based in Jamaica, said that because of how quickly the technology is moving, companies are having a hard time keeping up.
“AI has always been something that has been discussed but it has always felt pie-in-the-sky, something that we want to achieve but it will not be anytime soon. In November, 2022 we saw the release of ChatGPT and it took everybody by surprise. Since then, there has been so much rapid development in the AI space. You have different persons coming up with their own models and it is moving so fast. For organisations, how do they keep up and keep up will remaining secure? Also how do you not get left behind simply be fearing it.”
He spoke about “Enterprise AI” and why it is important and warned businesses about the risks of using models like DeepSeek.
Enterprise AI is the integration of advanced AI-enabled technologies and techniques within large companies to enhance various business functions.
“As companies, how do we ensure that given the way it kind of works, how do we ensure that we protect ourselves and organisations? In the case of DeepSeek, a lot of persons have been asking is it safe. In Enterprise AI it is about hosting your models locally or in the cloud and leveraging your existing data sources to ensure you get meaningful responses.”
