The speed at which artificial intelligence (AI)\u2014and particularly generative AI (GenAI)\u2014is upending everyday life and entire industries is staggering. Slowing the progression of AI may be impossible, but approaching AI in a thoughtful, intentional, and security-focused manner is imperative for fintech companies to nullify potential threats and maintain customer trust while still taking advantage of its power.\n\nAI threats to fintech companies\n\nWhen I think about possible AI threats, top of mind to me is how AI can be weaponized:\n\nWhile we can\u2019t plan for every new threat that AI poses, it\u2019s imperative to have the right AI usage guardrails in place at Discover\u00ae Financial Services and know how to quickly address any vulnerabilities.\n\nOur approach to securing against AI threats and ensuring Responsible AI\n\nAt Discover, we\u2019ve established an AI Governance Council, which consists of a cross-functional team of data scientists, cybersecurity experts, audit and compliance personnel, legal representatives, technologists, and decision-makers who collaborate to set standards to establish a framework for the adoption of AI in a responsible manner.\n\nBy including a wide range of participants who represent different facets of how AI is being used, unique use cases, and differing perspectives, we can create AI guardrails applicable across business units within Discover. Additionally, it\u2019s paramount within the financial services sector to ensure responsible AI and adherence to regulatory guidance for model risk. Keeping our AI approach interpretable and managing bias becomes crucial.\n\nAt a high level, these guardrails relate to:\n\nAs we deploy our guardrails, we also evangelize across teams at Discover through our internal learning platform, Discover Technology Academy, through various events and emails and required security training.\n\nManaging GenAI testing and access with trusted partners\n\nWe don\u2019t have the luxury of waiting to see how AI evolves before it affects our everyday life. We must deal with the threats it poses in real time\u2014while taking advantage of the competitive advantages it offers.\n\nTo us, that takes shape by using closed language models, with AI partners we trust, to run proof of concepts and other tests that help us understand how to use GenAI in a trustworthy and transparent way. We have partnerships with large tech companies to test their AI offerings and tools in controlled, managed experiments.\n\nConclusion\n\nAs the Chief Information Security Officer (CISO) at Discover, I am both excited and sober about how generative AI will change the fintech landscape in the coming years. The trust we build with our customers is our most important asset\u2014and we don\u2019t take that for granted. Having clear guidelines for how employees can engage with and use AI models and mechanisms to enforce guidelines will help us enable innovation while ensuring the security of our customers, their data, and their assets.\n\nVisit Discover Technology to learn more about Discover\u2019s approach to security, AI, reliability and more.\n\nAuthor\n\nShaun currently serves as the Senior Vice President, Chief Information Security Officer for Discover Financial Services. In this role, he is responsible for implementing the information security strategy, enabling the business, and securing customer data, digital assets, and payments with a focus on enabling digital transformation. \n\nShaun has over 20 years of IT experience with specialization in information security and risk management. Shaun has held roles in increasing responsibility at the Department of Defense, culminating in the role of Chief Information Security Officer for the Department of Homeland Security, US Customs and Border Protection. He was Vice President, Chief Information Security Officer at Freddie Mac and most recently, he served as Managing Director, Chief Information Security Officer at Barclays International.\n\nHe serves on the board of the Kohl Children\u2019s Museum, is an adjunct professor at Carnegie Mellon University, and an independent director at Valimail, a venture backed e-mail security company. Shaun is also a Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), and a graduate of the Department of Defense Executive Leadership Development Program.