close
magnifying glass
Get Started
magnifying glass
Support
chevron
Support Language
close
  • Why Netskope chevron

    Changing the way networking and security work together.

  • Our Customers chevron

    Netskope serves more than 3,400 customers worldwide including more than 30 of the Fortune 100

  • Our Partners chevron

    We partner with security leaders to help you secure your journey to the cloud.

A Leader in SSE. Now a Leader in Single-Vendor SASE.

Learn why Netskope debuted as a leader in the 2024 Gartner® Magic Quadrant™️ for Single-Vendor Secure Access Service Edge

Get the report
Customer Visionary Spotlights

Read how innovative customers are successfully navigating today’s changing networking & security landscape through the Netskope One platform.

Get the eBook
Customer Visionary Spotlights
Netskope’s partner-centric go-to-market strategy enables our partners to maximize their growth and profitability while transforming enterprise security.

Learn about Netskope Partners
Group of diverse young professionals smiling
Your Network of Tomorrow

Plan your path toward a faster, more secure, and more resilient network designed for the applications and users that you support.

Get the white paper
Your Network of Tomorrow
Netskope Cloud Exchange

The Netskope Cloud Exchange (CE) provides customers with powerful integration tools to leverage investments across their security posture.

Learn about Cloud Exchange
Aerial view of a city
  • Security Service Edge chevron

    Protect against advanced and cloud-enabled threats and safeguard data across all vectors.

  • SD-WAN chevron

    Confidently provide secure, high-performance access to every remote user, device, site, and cloud.

  • Secure Access Service Edge chevron

    Netskope One SASE provides a cloud-native, fully-converged and single-vendor SASE solution.

The platform of the future is Netskope

Security Service Edge (SSE), Cloud Access Security Broker (CASB), Cloud Firewall, Next Generation Secure Web Gateway (SWG), and Private Access for ZTNA built natively into a single solution to help every business on its journey to Secure Access Service Edge (SASE) architecture.

Go to Products Overview
Netskope video
Next Gen SASE Branch is hybrid — connected, secured, and automated

Netskope Next Gen SASE Branch converges Context-Aware SASE Fabric, Zero-Trust Hybrid Security, and SkopeAI-powered Cloud Orchestrator into a unified cloud offering, ushering in a fully modernized branch experience for the borderless enterprise.

Learn about Next Gen SASE Branch
People at the open space office
SASE Architecture For Dummies

Get your complimentary copy of the only guide to SASE design you’ll ever need.

Get the eBook
SASE Architecture For Dummies eBook
Go to Solutions Overview
Go to Solutions Overview
Go to Solutions Overview
Make the move to market-leading cloud security services with minimal latency and high reliability.

Learn about NewEdge
Lighted highway through mountainside switchbacks
Safely enable the use of generative AI applications with application access control, real-time user coaching, and best-in-class data protection.

Learn how we secure generative AI use
Safely Enable ChatGPT and Generative AI
Zero trust solutions for SSE and SASE deployments

Learn about Zero Trust
Boat driving through open sea
Netskope achieves FedRAMP High Authorization

Choose Netskope GovCloud to accelerate your agency’s transformation.

Learn about Netskope GovCloud
Netskope GovCloud
  • Resources chevron

    Learn more about how Netskope can help you secure your journey to the cloud.

  • Blog chevron

    Learn how Netskope enables security and networking transformation through secure access service edge (SASE)

  • Events and Workshops chevron

    Stay ahead of the latest security trends and connect with your peers.

  • Security Defined chevron

    Everything you need to know in our cybersecurity encyclopedia.

Security Visionaries Podcast

Grappling with Global Regulations in the Defence Industry
In this episode of the Security Visionaries podcast, host Bailey Harmon interviews Dan Whittingham, Enterprise Security Architect for Cyber Tooling at Rolls-Royce

Play the podcast Browse all podcasts
Grappling with Global Regulations in the Defence Industry
Latest Blogs

Read how Netskope can enable the Zero Trust and SASE journey through secure access service edge (SASE) capabilities.

Read the blog
Sunrise and cloudy sky
SASE Week 2024 On-Demand

Learn how to navigate the latest advancements in SASE and zero trust and explore how these frameworks are adapting to address cybersecurity and infrastructure challenges

Explore sessions
SASE Week 2024
What is SASE?

Learn about the future convergence of networking and security tools in today’s cloud dominant business model.

Learn about SASE
  • Company chevron

    We help you stay ahead of cloud, data, and network security challenges.

  • Careers chevron

    Join Netskope's 3,000+ amazing team members building the industry’s leading cloud-native security platform.

  • Customer Solutions chevron

    We are here for you and with you every step of the way, ensuring your success with Netskope.

  • Training and Accreditations chevron

    Netskope training will help you become a cloud security expert.

Go to Customer Solutions
Netskope Training
Supporting sustainability through data security

Netskope is proud to participate in Vision 2045: an initiative aimed to raise awareness on private industry’s role in sustainability.

Find out more
Supporting Sustainability Through Data Security
Help shape the future of cloud security

At Netskope, founders and leaders work shoulder-to-shoulder with their colleagues, even the most renowned experts check their egos at the door, and the best ideas win.

Join the team
Careers at Netskope
Netskope dedicated service and support professionals will ensure you successful deploy and experience the full value of our platform.

Go to Customer Solutions
Netskope Professional Services
Secure your digital transformation journey and make the most of your cloud, web, and private applications with Netskope training.

Learn about Training and Certifications
Group of young professionals working

Navigating the Complex AI Regulatory Landscape – Transparency, Data, and Ethics

Oct 24 2023
By Neil Thacker

Ahead of the upcoming AI Safety Summit to be held at the UK’s famous Bletchley Park in November, I wanted to outline three areas that I would like to see the summit address, to help simplify the complex AI regulatory landscape. 

When we start any conversation about the risks and potential use cases for an artificial intelligence (AI) or machine learning (ML) technology, we must be able to answer three key questions: 

  • What AI models are being used? 
  • What data is being fed into them? 
  • What outputs do they produce? 

I discussed these questions on the recent episode of Netskope’s Security Visionaries podcast with Yihua Liao, Head of Netskope AI Labs, and Suzanne Oliver, Director of IP Strategy at Scintilla. We had a lively conversation about transparency, data, responsibility and regulation in this complex AI landscape. 

Transparency and models

Before we talk about AI, we first need to be clear about what we’re discussing—starting with the differentiation between technologies, specifically artificial intelligence (AI) and machine learning (ML). As early media coverage fixated on ChatGPT, we have found ourselves in a confusing landscape where many people misconstrue ChatGPT with artificial intelligence or machine learning in much the same way we conflate Google and search engines. 

Understanding the model being used is an essential element because of its potential to take the exact same data set, and draw wildly different conclusions based upon its biases—conscious or unconscious—that are ingrained from the outset. More importantly, without a clear understanding of the model, a business cannot determine if outputs from the platform fit within its own risk and ethics criteria.  

When considering regulations around specific models, there is currently little to influence the process or algorithms themselves, but we should be mindful of regulations around the eventual outputs. For example, an HR tool that uses machine learning to screen job applications could put a company at risk from discrimination legislation without strict efforts to mitigate bias. Similarly, an ML tool that can identify images of passports, drivers licences, and credit cards will be subject to personal data regulations. 

With so much variation in AI and ML models, it raises the question of whether regulators could help standardise the risk parameters for these models to give industry greater reassurance when onboarding a solution. For example, in the automotive industry we have clearly defined levels of autonomy for driverless vehicles, enabling car companies to innovate within a comfortable set of parameters. As AI sits on such a broad spectrum, from ML data processing to generative AI, there is perhaps an interesting opportunity for regulators to bring clarity to what is a complex sector.  

AI data supply chain

Before regulators leap into action on how they could control the development and use of AI, we should first take a look at how existing regulations could be applied to AI. 

AI and machine learning tools are highly reliant on a reliable data supply chain and IT and security leaders are already working to ensure compliance to a raft of data legislation—and swimming in acronyms like HIPAA, GLBA, COPPA, CCPA and GDPR. Ever since the introduction of GDPR in 2018, CISOs and IT leaders have been required to make clear what data they collect, process, and store, and for what purpose, with stipulations over individual users’ rights to control the use of their data. Leaders have rightly been concerned about how deploying AI and ML tools would impact their ability to meet these existing regulatory requirements. 

Businesses are asking both regulators and AI companies for the same thing—clarity. Clarity on how existing regulations will be applied to AI tools, and—if that changes—how it impacts their status as data processors. AI companies should make every effort to be transparent with customers through partnership agreements and terms of service on how their tools comply with existing regulations particularly in relation to the data collected, how it’s stored or processed, and the mechanisms for customers to restrict these actions.  

Responsible development

In lieu of regulators bringing clarity to the AI landscape, it falls on technology leaders to promote self-regulation and ethical AI practices within their organisations to ensure that the outputs of AI technologies are safe and beneficial for society. Many companies have already published their own guiding principles for responsible AI use, and they share many consistent themes of accountability, reliability, fairness, transparency, privacy, and security. 

If they aren’t already, technology leaders should be acting now to evaluate the implications of incorporating AI into their products. Companies should be setting up internal governance committees to discuss AI ethics, to evaluate tools and their applications within their own businesses, review processes, and discuss strategy in advance of more widespread regulation. 

Although it is apparently not a focus for the upcoming AI Safety Summit, the establishment of a regulatory body (similar to the International Atomic Energy Agency (IAEA) or European Medicines Agency (EMA)) would go a long way to setting a global framework for regulating AI. This body could help bring standardisation and set the criteria for continuous assessments of tools to ensure they adhere to these standards as models learn and grow. 

An intelligent future

AI has the potential to transform our lives but it cannot be at the expense of the fundamental principles on data rights and privacy that we have today. Regulators need to find a delicate balance that protects individuals without stifling innovation.  

After government and industry leaders meet at Bletchley Park, the first outcome I would like to see is a greater emphasis placed on bringing transparency to the current AI landscape. Rather than relying on goodwill and voluntary codes of conduct, AI companies should be required to be transparent over the models and technologies behind their tools. This will allow businesses and customers to make more informed decisions in their adoption and give them greater autonomy over their data.

< Full Skope
Next Story >
< Back
Next >
author image
Neil Thacker
Neil Thacker is a veteran information security professional and a data protection and privacy expert well-versed in the European Union GDPR.
Neil Thacker is a veteran information security professional and a data protection and privacy expert well-versed in the European Union GDPR.
Read More
More Articles by Neil Thacker
Read full Bio
More articles

Related Articles

card shape
Full Skope

The Data Sovereignty Imperative: The Business Value of Data Protection

By Arun Desouza
chevron Read the blog
card shape
Full Skope

Lessons from F1’s Cost Cap Applied to Cybersecurity

By Neil Thacker
chevron Read the blog
card shape
Full Skope

Tips for Leading a Technical Workforce

By Marcus Thompson
chevron Read the blog
Show More

Stay informed!

Subscribe for the latest from the Netskope Blog