all right so please welcome Brian Paretti Esquire deputy chief AI officer and director domestic and international cyber security policy Department of Treasury and our panel moderator Mark abramowitz senior vice president of product and solutions marketing thanks you you're welcome hello everyone welcome thank you very much for being here thanks thanks for invting me really appreciate it let's have a seat and so um we're going to have a a conversation here around you know how we're looking at and how the federal government is looking at some of the executive or AI executive order as well as some of the guidance and guidelines that are coming out and so but first what I thought I would do is just ask Brian to give us a quick introduction about his role and um what's top of mind right now for him sure so hi I'm Brian pett uh first thanks for having me here really appreciate coming to events like this I think we really always learn more uh than what I speak about so it's really good to be able to talk to F folks understand how practitioners are really addressing some of these issues uh I I have two main roles uh and a third role at treasury one I'm the deputy chief AI officer a role that was just created uh out of the executive order that was released October 30th uh it will be solidified once the OMB guidance comes out hopefully a little later this month the second role is the uh director for domestic and international cyber policy so working on figuring out how we can align both our domestic and international components especially in this area of uh response recovery instant management and also development of normal policy going forward uh and the third uh I'm the US subject matter expert on uh cyber uh to the group of seven cyber expert Group which is a group of the uh group of seven uh which we get together to talk about how to better align efforts uh in uh cyber policy uh and response mechanisms across not only the G7 but the broader Community you may have seen earlier well last week earlier this week uh we released anou between us and Finland to increase information sharing what we've been trying to do is figure out how we can get more of the information uh into the hands of the network Defenders hopefully many of you out there whether it's tied to AI instant response cyber whatever to be able to make sure that you have what you need to be able to do it your job is more efficiently and effectively uh to protect this system that we call the financial system to get uh to be able to make sure it can deliver what it needs to do what your customers need what your users always need at that point so really excited to be here and talk about some of these and some other issues so thanks so my my I guess my takeaway there is wow that's that's that's a broad set of responsibilities and only so many hours in a day it impresses my mother not so much my mother-in-law too much but you know I'm going to I'm going to avoid I'm I'm not going to dive into that right now okay so um the White House's AI executive order right directs the Secretary of Treasury within about 150 days to issue a public report on the best practices for financial services and financial institutions about how they're going to manage their AI specific cyber security and risks and so with something that this falls directly into your world we'll have to you know hear how that's going and give us an update on what you're thinking yeah so hopefully it'll be done shortly it's due uh it all depends it's either Wednesday or Friday of next week so we we're still in that crunch time getting everything done what we did was about a year ago we released a report on cloud uh to be able to understand how Cloud was being used in the financial sector as the area of AI was bubbling up more and more the White House said you know you did a good job there uh as we know no good de goes on punished so they decided to assign us a report to understand how AI is working within the financial sector some of the the concerns out there how it's being deployed some of the challenges some of the opportunities going forward so we interviewed about 42 different uh stakeholders Financial firms from very large institutions to small Community Banks uh outside providers getting a good understanding of what they're looking at in this space what we can be uh thinking of how to develop areas better going forward I think a couple things we found out uh one uh there's no new risk that's uh as I identify because of s uh because of AI uh it's basically the current risk uh that's out there is still out there right people still try to rob banks uh but AI just gives a different potential Vector so there may be uh different ways to be able to try to get to that same uh risk uh but we still have to figure out how to make those risk mitigation techniques better based upon the environment we're in uh that evolution is going to be really critical the second one is uh from what we know almost nobody knows what the word AI means uh we hear a lot of different people calling it different things and so even creating a lexicon that we can talk about to be able to make sure that we're saying the same things in the same way is going to be critical third area governance how do we make sure that we're able to be able to understand what's happening that firms understand what's happening how they're deploying it how they're using it to really be able to understand uh the maximum ways to do that and the best ways to mitigate whatever those challenges that that are coming forward and then finally I just mentioned that there's definitely a data divide between small and large firms right if you have a big data set you're able to do a lot to create your models and and manage those models if you're on the smaller side you may not have enough information to really make it more robust but we know the bad guys either way are going to be targeting you right this is a key area to maybe get some fraud to make some money off it so what we're going to have to do is figure out how to build this together to be able to make sure we're in a much more robust way to be able to Target these U uh fraud vectors coming through to get best information to help them prevent the bad guys from winning so as we continue down this path we'll create some work streams uh to try to tackle some of these and some of the other large challenges and making sure that we're doing something that hopefully increases all of your confidence in the financial system and also hopefully bleed over into some other sectors to help uh them be able to you know learn from our Good Deeds so uh thanks BR what one of the things you you you touched on a little earlier as you were in exec Circle was the way you described like everyone like people have always been trying to rob banks right but the uh way you do that has changed and and looking at more a little bit more around it's not so much the risk but these are your words opportunity versus Challenge and maybe just if you could elaborate on that a little bit for this audience yeah so one of the things we did you know we did a hard dive to figure out what are the new risks that exist uh we did this when we did the cloud report a year ago when we did I AI trying to understand what is the new risk out there and we just didn't find any new risk we didn't come up with anything that was unique different than what the current challenges that banks are facing financial institutions or you are facing on a daily basis right people are trying to steal information they're trying to use Insider threat to cause problems they doing spear fishing right AI May amplify that right we see that in the on the bad side better spear fishing attacks coming through because AI is doing a better job we're also seeing on the positive side uh models are being trained better to prevent that so your firewalls are much more uh better they can be up uploaded and fixed in real time to be able to get that without that human interaction to some extent now that doesn't mean you take the human out altoe the CEO of Nvidia just yesterday was saying AI just changes the way in which you're in charge right you may be able to move resources from here to there but you still need to have a human in that place because if you don't these areas may do stuff that is not what you originally planned so how do you then retrain your Workforce to get to a place in which maybe you don't need somebody who drafts a document as the first line but you need somebody to say is a copy iter to make sure the output from a a chat gbt open AI something like that is not incorrect right so it's a different skill set how do we merge them to understand and train Personnel to not make sure we had this huge Workforce divide that we've had in some other areas where we just don't have enough Personnel thank you I think that's you know uh insightful just thinking through um you know the the the changing or the technology changes but the the goals of of Bad actors really haven't changed you know and the sophistication grows on both sides both on the offense and the defense and so just changing topics a little bit here but still sticking with the White House's AI executive order um is this order you know directs the OM to issue guidance to agencies again within 150 days which is just around the corner as you mentioned uh to strengthen the effective and sort of the appropriate use of AI in AI Innovation and you know managing risks risks from that in the federal government and so again just looking to to get your perspective on how that is going is this also you know something that we must be actively working on right now yeah so so this keeping me busy uh so uh one of the things that that really came out at least once again the guidance isn't finalized it'll be coming out shortly but at least have everybody seen it the draft guidance came out November 1 for open uh period of comment uh and so some of the things that are going to be required we need to have a cheap AI officer right somebody who owns this risk who understands this risk who is able to really be an advocate both on the positive and negative side of AI so that uh you know the government agency is able to really understand the challenge and maximize as much as possible uh there also have to do uh create a governance board uh chaired by the deputy secretary of the department or agency and also with the chief AI officer as the uh the vice chair I'll be the deputy in that probably you know making sure a lot of this runs really smoothly going forward but then understanding how these use cases are across all the different departments and agencies so for example you may have seen uh as we were doing the the internal um review of our stuff we had to publish this and send it over to om uh but uh just two weeks ago we came out with uh because of AI uh and the deployment of AI in in one of our areas is we saved about $375 million uh from fraud reducing fraud losses and what we're seeing is in the private sector similar similar issues uh in which uh some firms have said they've been able to drastically reduce the fraud losses by deploying AI really being able to spot the Bad actors quickly and be able to shut down the schemes that they have within organizations before they can really maximize it so as we're looking at this trying to understand right where can we really maximize the use of AI to be able to prevent bad things from happening be able to spot Trends before they exist and if we do it the right way hopefully maximize the user experience uh with treasury I know everybody here loves IRS if we can make that engagement much smoother you can imagine that could be very beneficial especially if you're on the government benefit receiving side uh my mother my my mother-in-law both receive Social Security they would get that check maybe in a in a b better way without as much uh interaction as may have been in the past so trying to think how we kind of work to be able to get to a better spot in this area we also have some other roles we have to do uh hopefully if it comes out the same way regarding oversight of AI deployment within the organization understanding exactly what's going on but I think the maximum the most important thing and I would say to everybody here the same way that governance board is really going to be critical how do we make sure that we have about a 100,00 people within treasury how do we make sure all those different vast components that are all across the the country and overseas are connected together if somebody's deploying AI that use case is going to be shared across the whole organization and if somebody else can use it they'll also be able to pick it up easily or if one of our other parts of the federal government is using something and has a good technique or a deployment of AI that may be helpful for us how can we bring that in house to be able to get this to a better spot it's a challenge we're always going to have information sharing is never uh really perfect but it could be a way in which we could really maximize the the use once again there challenges and the the key I think in this place is also to be able to understand where those challenges manifest and how they've been able to overcome those right the risk mitigation strategies we used how do we make sure we continue to modify and continue to go down that path as you mentioned people have been robbing banks for 600 plus years they're going to keep doing that how do we think about how the new vectors the new ways they're going to do that uh to go go after that but but the challenge we keep and coming back to the point right risk is always there right it's how we manage it how we mitigate it how we exploit it for our benefit how do we go down that path AI is not good or bad it's just there how do we use it in the right way to get to the right spot a challenge and that's where we hope we engage with a lot of you all going forward to understand what you're doing how you're tackling it and honestly if if there's any materials you think we should be reading please send it over to us love to read love to read so thanks Brian I think the uh two two two minor points there just had a really good irs.gov digital experience recently which was which was very actually like very refreshing but two you mentioned a little bit about uh fraud detection which is clearly part of some of the the Govern or some of the the outcome of um being able to use AI more more consistently across these these segmented or private data sets and so I think it's it's interesting also how the private sector and the public sector have an opportunity here I think to to to work together um particularly on on you know fraud detection disputes management and really thinking about how AI can can anticipate can get ahead um as well as be Pro you know more than proactive but you know take action necessarily that is that is well thought through so I think that's just a terrific use case to be thinking about and just to sort of transition to use cases right I understand that most federal agencies have their use cases are sort of in in pre-production or in not even there and just in the planning phase and so if you had some you know advice or um words of wisdom you know what what what do what are your departments what do your departments need to do to kind of move that forward into something that is in production I think that the challenge is really to understand in a really nuanced way what problem you're trying to solution for and then being able to build the AI platform and and strategy around that a lot of times you try to boil the ocean and you try to create something that's going to solve all the world's problems uh it's probably not going to work right so how do we kind of think about those small areas so scope scope it appropriately scope it is really critical without that you just have you don't have Mission creep you just have creep all over the place in which you don't get it then you get frustrated right people get frustrated on that space so how do we make sure we're identifying just the nuanced areas where we can hit AI with and then also from there from the success build out right if it's worked here what why did it work here and then how can we build that to the next space and go forward so if we can do that right and understand what that is and Hope you all do that within your day job as you're deploying AI we have better understanding and then we can start sharing some of those best practices which is going to be the key if we all try to develop that's all on our own not going to be helpful but where there are wins out there where there are successes let's publicize them let's talk about them let's share them and then we'll be able to then go down the next PATH of getting them even better but also removing those obstacles the impediments that don't allow us to get to maximum of efficiency going forward so just to Quick that scope matters right and being very discreet about the problem you're trying to solve but also once the problem is solved let's let's share it amongst uh agencies and different missions but also I would say between the private and public sector and an opportunity for all of us to learn and so one of the things I'll just mentioned within our report we're publishing part of it is also to share best practices so what we've already learned that's been successful and what we're going to do is engage in a public private partner dialogue to start talking about about that how can firms in the financial sector and other places really start to create vectors to share right and so if you're imagine you're a cheap risk officer you're a CIO you're a siso you already have those areas right those places where you can come together how do we create an environment where Chief AI officers can come together to share that stuff to go to cocktail parties to go to events like this or other ones to really be able to start to talk about some of the benefits they found some of the challenges they have and then hopefully talk about how things were better at the end of the day so it's going to be interesting be an interesting journey and and excited for yeah it's a very exciting time and I think that that's a great way to actually wrap up this conversation we are out of time and so I would just like to thank you Brian for spending most of the day with us here at Federal forum and I'm gonna turn it back over to Steve at this point and continue with the program