Data & Security before AI

TechincalOpinionAIProject Methodology
Written By vishal vashisht

As everyone throws AI at the wall in the hopes that something sticks, we are seeing the same issues pop up again and again and again.

Too many senior leaders forcing the purchase of AI & starting projects. Essentially saying to consultants “Here’s this widget that we’ve bought…poke it and make it dance for me!”

The successful implementations seem to have the same mirrors of other successful projects, which is 80% planning and 20% implementation. Ask what your USERS want & where they think AI can help THEM do their job more efficiently.

Clean your data FIRST. There is no point just throwing a chatbot at the mess that most companies call their Data & hope for the best. This means a data management plan, tagging data, good governance, permissions, locations, ACTUALLY KNOWING what data you have. You can’t just import a website, folder or Sharepoint site and hope the AI sorts it all out. This could be a multi year effort BEFORE you’ve even started rolling the AI out.

While you’re doing that, take advantage and work on the security aspect. Once again, permissions, who has access to what, should they have access to it and WHERE is your data. Can it be exfiltrated? What is important and what should you have archived years ago?

All of this can be done in parallel. Clean up some data, get it in the state that it’s actually useful and roll out an AI application to a small group of relevant users. Get USER feedback directly to developers & security. Involve HR, Finance & Governance. Get the application working, secure and usable. Don’t forget the edge cases.

Then expand it across your environment slowly. CONSTANTLY getting feedback from users and ensuring that they understand that these things are a tool to help them in their day to day work, NOT to replace them. Also ensure that Data CLEANING & security is a prerequisite to getting the applications. If you roll it out to 1 team & it works well, everyone else will want it. Avoid then doing what a LOT of places do, which is suddenly bring deadlines forwards, throw out all the good preparation work that you’ve done & end up with an application that started off well & now is suddenly not worth the disk space it’s stored on because no one could say no to a Director or Product Owner.

The tortoise won the race, not the hare…LEARN from other peoples multitude of mistakes. You’re not an Amazon or a Netflix, do whats best for your customers and your staff & push back on unrealistic deadlines as other teams not doing their bit by cleaning up their data or doing security courses.

Good luck…

vishal vashisht
Previous

Software Repository attacks
Next

Emerging Cybersecurity Threats in 2025