AI as the Attack Surface: Navigating Breaches, Contractual Indemnity, and Third-Party Risk

As artificial intelligence increasingly integrates into core business operations, organizations face a complicated and novel risk landscape. Whether deploying proprietary models or engaging vendors who leverage AI systems, enterprises confront a dual-threat paradigm: AI infrastructure may be compromised by malicious actors, or AI systems themselves may inadvertently facilitate data exposure through unauthorized access, unintended disclosures or unscrupulous vendors. Effective incident response in this context demands more than conventional approaches. The distinctive architecture and operational characteristics of AI models create novel forensic and legal complexities in breach attribution, scope determination, and validation of data compromise. This panel brings together legal and technical expertise to address the intersection of AI security and regulatory compliance. Through examination of recent AI-related security incidents, panelists will provide actionable frameworks for anticipating, detecting, and mitigating these emergent risks, equipping attendees with practical strategies for safeguarding organizational data in an evolving threat environment.