Securing AI Copilots: Strategies and Practices for Protecting Data

The data behind AI copilots is not only their most critical asset but also a key strategic consideration for enterprises and SMBs alike. This talk examines the challenges of securing diverse AI architectures at scale—while navigating the intricacies of the AI supply chain, from data ingestion to model deployment. Gain practical insights into safeguarding sensitive data, ensuring integrity throughout the pipeline, and enabling innovation without compromising trust. Learn how to align your AI strategy with robust security practices that maximize value and maintain end-to-end resilience.

Speaker

Andra Lezza

Principal Application Security Specialist @Sage, 10+ Years of Experience Building AppSec Programs, OWASP London Chapter Leader

Andra is a Principal Application Security Specialist at Sage, with over seven years of experience in the field of application security. She is responsible for implementing DevSecOps practices, conducting security assessments, and developing secure coding guidelines for software engineering and AI/ML teams. She has a strong background in software development and project management, as well as a master's degree in information and computer sciences. She has been co-leading the OWASP London Chapter since 2019, where she organises and delivers events and workshops on various security topics. She is passionate about educating and empowering developers and stakeholders to build and deliver secure software and best practices in a fast-paced, results-driven environment.

Read more

Date

Tuesday Apr 8 / 03:55PM BST ( 50 minutes )

Location

Mountbatten (6th Fl.)

Share

Share Share

From the same track

Session software supply chain

Trust No One: Securing the Modern Software Supply Chain with Zero Trust

Tuesday Apr 8 / 01:35PM BST

Can you truly trust your software supply chain? As cloud-native software development surges, threat actors increasingly target the supply chain, exploiting vulnerabilities in CI/CD pipelines, dependencies, and container images.

Speaker image - Emma Yuan Fang

Emma Yuan Fang

Senior Cloud Security Architect @EPAM, DevSecOps, Cloud Security Advocate, Strategist and Public Speaker, Ex-Microsoft, CISSP

Session

Secure by Design: Building Security into Engineering Workflows and Teams

Tuesday Apr 8 / 02:45PM BST

Security doesn't have to be a blocker- it can be an enabler. In this session, we’ll explore how to seamlessly integrate secure development practices into engineering workflows while fostering a culture of collaboration and shared ownership.

Speaker image - Stefania Chaplin

Stefania Chaplin

Founder & CEO @DevStefOps, Previously Solutions Architect @GitLab, AWS Certified Security - Speciality

Session open source

Empower Your Developers: How Open Source Dependencies Risk Management Can Unlock Innovation

Tuesday Apr 8 / 11:45AM BST

As security practitioners, we face the challenge of driving innovation whilst needing to balance security risks.

Speaker image - Celine Pypaert

Celine Pypaert

Vulnerability Manager @Johnson Matthey, Women in CyberSecurity UK Volunteer, Book Contributor, Ex-Microsoft

Session supply chain security

Supply Chain Security and the Real World: Lessons From Incidents

Tuesday Apr 8 / 10:35AM BST

Supply chain security is becoming more and more important, but it is often talked about in abstract and general terms that do little to help the average organization.

Speaker image - Adrian Mouat

Adrian Mouat

Technical Community Advocate @Chainguard, Complainer of Supply Chain Security & Author of "Using Docker"

Session

Unconference: Resilient Engineering Practices for Security Against Modern Threats

Tuesday Apr 8 / 05:05PM BST