Cybersecurity: A Readiness Diagnostic for AI-Enabled Cyberattacks

We gave a plug to MIT yesterday, and today it’s Harvard’s turn.  This Harvard Business School “Working Knowledge” blog discusses how AI tools are accelerating cyberattacks and increasing the threat that those attacks pose. It suggests the following diagnostic for companies to run before their next board meeting in order to assess their readiness to respond to such an attack:

1. Can your business run for 48 hours without digital systems? Do you have manual processes in place to keep serving customers and completing critical tasks if a major attack takes down your infrastructure?

2. Have your top leaders completed the necessary training in AI security and ethics? This shouldn’t be just a webinar they clicked through, but real lessons on how these systems work and where they go wrong.

3. Is your AI deployment plan based on business resilience, rather than only growth? Are the systems you’re building making you stronger or weaker when the going gets tough?

4. Can your people still make good choices when data is unavailable? If the dashboards suddenly go down and the models aren’t available, does your leadership have the skills and processes to make decisions based on experience?

If the answer to any of these questions is “no,” the author says that company leadership needs to respond based on what he refers to as an “ACTS” framework. Under this framewowk, leaders Assume a breach is inevitable, Cultivate AI fluency at every level, Tie every AI investment to core operations, and Strengthen governance.

Yeah, I know that like most B-School acronyms, this one’s pretty cringe, but check the article out – there’s some good stuff in here.