Solutions The best route to security compliance
Platform A powerful suite of ISMS features
Resources Everything you need to know
Knowledge Base Learn more about infosec
Company Security and customers first
Back to Knowledge & Insights

The great AI regulation debate. Here’s what you need to know

In my last article I discussed the Hype Cycle surrounding Artificial Intelligence, the increasing role it is playing in all our lives in 2024 and how we are using Artificial Intelligence at Hicomply to make compliance easier and less labour intensive for our customers.

But as the field of AI and automation grows exponentially there’s another discussion to be had amongst the business community – and beyond. How secure is AI and should we approach the regulation of AI?

It was only in March of this year that the European Parliament approved the Artificial Intelligence Act, which directly addresses how AI should be used safely and responsibly. Here in the UK, we are yet to see a similar bill passed, although there is a high likelihood that one will follow in due course.

A white paper was released in 2023 outlining how individuals and businesses could use Artificial Intelligence “to drive responsible innovation and maintain public trust in this revolutionary technology”.

This point on trust is a critical one for us at Hicomply. We believe strongly in the power of innovation and we’ve seen how our software has already saved our customers significant cost, resource and time since we launched back in 2019. And with the addition of the AI functionality covered in my previous post, our technology has taken on much of the heavy lifting in relation to logging, finding and searching through documentation, as well as identifying organisational risks.

However, it would be remiss of us – as a tech business focused on information security – not to consider the need for checks and balances able to mitigate the risks associated with AI and machine learning tools.

The UK government announced in February of 2024 that it was taking a “pro-innovation and pro-safety” approach to AI. This term “pro-safety” can refer to a number of key concerns, such as societal harms, the risk of misuse, risks relating to inbuilt bias, and much more. However, perhaps the key consideration for the team here at Hicomply relates to the management of data protection and information accessibility via AI.

More specifically, it is the responsibility of those who utilise AI tools to implement appropriate levels of security against the unlawful processing, accidental loss, destruction or damage of personal data. This is, of course, an area that has always been relevant for organisations manually handling data. But in harnessing AI we must take steps to ensure that the programming of AI software is designed to safeguard against these issues.

AI systems introduce an extra layer of complexity that weren’t previously found in IT systems, and adds a new complexion to the issue of third-party code relationships with suppliers, as has recently been laid out by the ICO.

At Hicomply, we work to ensure that the integration of AI sits within a broader, holistic approach to security and risk posture. As we work to integrate useful AI functionality to our platform, we continually work on the strength and maturity of our risk management capabilities and document the changes in scope and context of our data processing.

Like all organisations looking to innovate and improve the customer experience, we endeavour to find a balance between progress and security. Our aim is to make our ISMS the most advanced, user-friendly and comprehensive on the market today, whilst also ensuring that our customers’ sensitive data remains safe and secure with us.

For a more comprehensive overview of what’s available on the platform, visit our AI platform page.

Want to see what our platform can offer you? Why not book a demo today or ask a question by emailing [email protected].

More Insights

ISO27001
Integrate your ISMS with your HR Platform for…
ISO27001
Helping organisations stay strong and drive…
ISO27001
Choosing the right certification standard for…