First-time visitors to Hawaii are often encouraged to purchase the ‘Hawaii Revealed’ series. Each book in this series breaks down the best hikes, restaurants, beaches, and activities on each island. According to the authors, it took them two full years to become experts.
In today’s fast-paced environment, you don’t have two years to become an expert on everything. Founders and entrepreneurs wear many hats but can’t be experts in all areas. Ask any founder years after starting their journey, and they’ll tell you they wish they had used experts to save time and money. Fortunately, thanks to AI tools, an expert is at your fingertips.
One of my many duties is to serve as a Security Officer for a healthcare IT consulting firm. When we engage with a new client, we must complete a security assessment to verify that we are equipped to protect patient health information. Over the years, we’ve drafted and revised several documents documenting our security posture. However, since I wear many hats at this organization, I can’t focus solely on security. Enter the ad-hoc expert, ChatGPT.
Creating My Own Security Expert
Step-by-Step Process
- Gathering Relevant Documentation: The first step was gathering all relevant security documentation. This included:
- Security policies
- Configuration management plans
- Data breach procedures
- Encryption and transmission policies
- Acceptable use policies
- Compliance reports and certifications from service providers
- Providing Context to the AI: To ensure the AI understood the scope and relevance of the documents, I provided detailed context about our operations, including:
- The primary tools and services we use
- The nature of our business and interaction with client systems
- Specific security measures already in place, such as Multi-Factor Authentication (MFA), strong passwords, and Virtual Private Network (VPN) usage
- Asking Targeted Questions: With the context and documents in place, I asked targeted questions designed to address specific security concerns, such as:
- Protocols for remote work and managing risks associated with personal/public Wi-Fi networks
- Perimeter security measures for cloud-based resources
- Justifications for not performing regular vulnerability scans on third-party services
- Processes for detecting unauthorized disclosures and data breaches
- Policies on using personally owned devices
- Refining and Tailoring Responses: Based on the AI’s initial responses, I refined and tailored the information to ensure it accurately reflected our security practices and aligned with industry standards. This step involved:
- Validating the AI’s responses against our existing policies and practices
- Ensuring the language was clear and concise
- Adding any missing details or clarifications as needed
- Compiling and Documenting the Insights: Once the responses were refined, I compiled them into a comprehensive document that addressed all the questions and concerns raised. This document served as a valuable resource for internal audits, client inquiries, and enhancing our overall security posture. Using AI, I was able to generate any missing documentation, strengthening our security stance and preparing us for future assessments.
By following this structured approach, I was able to leverage AI to enhance our security expertise effectively. The process provided immediate answers to pressing security questions and improved our documentation and understanding of best practices. Are you ready to bring in your own expert? With enough information, you can turn AI into an expert for any issue.
Assignment for Readers
To help you replicate this process and enhance your expertise, here’s a generic assignment:
Assignment: Leveraging AI to Enhance Expertise
- Gather Relevant Documentation: Collect all relevant documentation for your area of focus, including policies, procedures, compliance reports, and any relevant certifications.
- Provide Context to the AI: Create a detailed context document outlining your organization’s operations, the tools and services you use, and any existing measures or protocols.
- Develop Targeted Questions: Identify specific concerns or areas where you need clarity. Develop a list of targeted questions to ask the AI.
- Engage with the AI: Provide the context and documents to the AI and ask your targeted questions. Engage in a detailed dialogue to refine the AI’s responses.
- Refine and Document Responses: Validate the AI’s responses against your existing practices and refine them for clarity and accuracy. Compile the final responses into a comprehensive document.
- Review and Enhance: Review the document with your team to ensure it aligns with your organizational standards. Use the insights gained to enhance your policies, procedures, or practices.
By following these steps, you can leverage AI to become an expert in your field and ensure your organizational measures are robust and up-to-date.