In the News: Ashley Leonard of Syxsense on Cybersecurity Compliance in the Age of AI Threats
Published originally on January 19, 2024 by David Leichner, CMO at Cybellum on Authority Magazine


Compliance with regulatory standards and industry-specific guidelines for product security is an indispensable part of cybersecurity. In an age where malicious AI poses a significant threat, how do organizations ensure their product security strategies are not just effective, but also fully compliant? As a part of this series, I had the pleasure of interviewing Ashley Leonard.

Ashley Leonard is the Founder and CEO of Syxsense — the leading software provider of automated endpoint and vulnerability management solutions. Leonard is a technology entrepreneur with 25 years of experience in enterprise software, sales, marketing, and operations; providing critical leadership during high-growth stages of well-known technology organizations.

Are you working on any exciting new projects now? How do you think that will help people?

At Syxsense, we are always working on exciting projects, and a large part of our R&D team is focused on how cybersecurity can be reimagined with AI. While I am not ready to share anything publicly yet, our goal has always been to help our customers manage and secure all their IT Assets.

Let’s now shift to the main focus of our interview. How does the emergence of malicious AI threats impact compliance requirements for organizations? Are there specific regulations or standards that address the unique challenges posed by AI-related security threats?

AI is going to touch many areas of regulations, from privacy to standards like SOC II and ISO/IEC 27001 to industry-specific regulations such as the FAA’s guidelines for AI in aviation or the FDA’s regulations for AI in medical devices.

Unfortunately, regulations and standards typically take a long time to evolve, so it is vital that organizations follow best practices for securing all their IT infrastructure.

Can you provide an example of a compliance framework or approach that organizations can adopt to effectively address security concerns arising from malicious AI? How does this framework help organizations mitigate risks and stay compliant?

Beyond the basic things like Patch Management, Security Vulnerability Scanning and Remediation; at Syxsense, we are firm believers in ZeroTrust. By restricting access to resources and only granting access when trust has been proved and is needed, you can significantly reduce threats.

Don’t miss the full interview! Read it in full at Authority Magazine.