Netskope's Responsible AI Policy

AI Policy sections

Introduction Scope Risk Management Objectives Regulatory Compliance Ethical Principles AI Security Standard Transparency and Accountability Continuous Improvement Conclusion

Introduction

Netskope is committed to leveraging Artificial Intelligence (AI) and Machine Learning (ML) technologies in a responsible and ethical manner. This policy outlines the principles, regulations, and controls that guide the use of AI/ML at Netskope, ensuring compliance with relevant laws, including the EU AI Act, and adherence to our customers expectations, Netskope policies, and Netskope AI security standards.

Netskope has an active internal AI Governance Committee that sets internal policy, processes, and standards for the safe and ethical use of AI/ML within Netskope and in Netskope products. The Committee includes both technical, privacy and legal experts.

Scope

This policy is applicable to all employees and independent contractors of Netskope. The requirements defined in this policy are applicable to AI/ML systems and services owned/or managed by Netskope.

Risk Management

Adhering to this policy enables Netskope to maintain the highest standards of security, fairness and innovation while mitigating potential risks, including mitigation of data breaches, privacy violations, AI/ML technical exploitations, regulatory penalties, reputational damage, loss of trust and potential legal liabilities. By enforcing strict adherence to this policy, these risks can be mitigated, whilst maintaining a commitment to ethical, transparent, and secure AI/ML practices.

Objectives

Ensure the ethical use of AI/ML technologies
Comply with regulatory requirements, including the EU AI Act
Support NIST AI risk management framework standard
Protect the privacy and security of data
Promote transparency and accountability in AI/ML systems
Implement robust organizational and technical controls

Regulatory Compliance

Netskope’s AI/ML initiatives comply with applicable laws and regulations, including the following:

EU AI Act: Netskope adheres to the guidelines and requirements set forth by the EU AI Act, ensuring that our AI systems are safe, transparent, non-discriminatory, and respect fundamental rights.
GDPR and Data Protection Laws: AI/ML systems are designed and operated in compliance with the General Data Protection Regulation (GDPR) and other relevant data protection laws, ensuring the privacy and security of personal data.

Ethical Principles

Netskope’s use of AI/ML technologies is guided by the following ethical principles:

Fairness: Ensure that AI/ML systems do not discriminate against individuals or groups based on race, gender, age, or other protected characteristics.
Transparency: Ensure transparency in AI/ML systems, providing information about how AI systems operate and the intended purpose.
Netskope Classification: Netskope Private
Accountability: Establish clear accountability for AI/ML systems, ensuring that there are mechanisms in place for oversight and redress.
Safety and Security: Ensure that AI/ML systems are secure and do not pose a high-risk to individuals or society.

AI Security Standard

Netskope has established an AI security standard, leveraging the NIST Artificial Intelligence Risk Management Framework (NIST AI RMF) along with best practice guidance from CISA and NCSC, that includes both organizational and technical controls to manage and govern the use of AI/ML:

Organizational Controls

Governance Framework: Established governance framework for AI/ML, including an AI governance committee to oversee AI initiatives and ensure compliance with ethical and regulatory standards.
Training and Awareness: Provide regular training and awareness programs for employees on responsible AI practices, ethical considerations, and regulatory requirements.
Risk Management: Conduct regular risk assessments of AI/ML systems to identify, evaluate, and mitigate potential risks.
Inventory: Maintain an accurate inventory of AI/ML systems to ensure visibility, accountability and continuous governance of risks.

Technical Controls

Data Management: Applied robust data management practices, including data quality checks, anonymization, and minimization, to protect the privacy and security of data used in AI/ML systems.
Model Monitoring and Validation: Implemented continuous monitoring and validation of AI/ML models to ensure their accuracy, fairness, and reliability.
Security Measures: Applied advanced security measures, such as encryption, anonymization, access controls, and threat detection, to protect AI/ML systems from cyber threats.
Bias Mitigation: Implemented techniques and tools to identify and mitigate biases in AI/ML systems, ensuring fairness and equity in outcomes.

Transparency and Accountability

Netskope commits to maintaining transparency and accountability in the use of AI/ML technologies by:

Documentation and Reporting: Documenting AI/ML development processes and decisions, and providing regular reports on AI initiatives to stakeholders.
Audits: Conducting regular audits of AI/ML systems and practices to ensure compliance with ethical standards and regulatory requirements.
User Engagement: Providing mechanisms for users to request further information on use of AI/ML systems, supporting transparency and understanding.

Continuous Improvement

Netskope is dedicated to continuous improvement in the responsible use of AI/ML technologies by:

Innovation and Research: Investing in research and development to advance the state of responsible AI and address emerging ethical and regulatory challenges.
Stakeholder Collaboration: Collaborating with industry peers, regulators, and other stakeholders to share best practices and contribute to the development of responsible AI standards.

Conclusion

Netskope is committed to the responsible and ethical use of AI/ML technologies, ensuring compliance with relevant regulations and adhering to our AI security standard. Through robust organizational and technical controls, we strive to maintain the highest standards of transparency, accountability, and fairness in all our AI/ML initiatives.

For further information or inquiries about Netskope’s AI policies, please contact the privacy team ([email protected]). Additional resources are also available via Netskope AI Labs and the Netskope Community.