Trust Operations in the AI Basic Act Era, Seen Through Security Lens: Visualizing and Addressing AI Service Security Risk
Session Overview
With the AI Basic Act now in effect, enterprise AI adoption is expanding beyond model performance and time-to-launch into how to manage safety, transparency, and reliability throughout operations. The specific legal obligations vary depending on a company's role and the type of AI product or service β but regardless of legal applicability, the risks in the cloud, data, IAM permissions, code, and workloads that underpin an AI service are a core challenge that must be managed for stable service operation and customer trust.
Security Lens is a security operations platform built to respond to this shift β giving a single view into the security posture of the infrastructure environment an AI service runs on, and connecting identified risks to remediation and audit evidence. This session walks through, process by process, how Security Lens identifies cloud assets, IAM permissions, data assets, code security, vulnerabilities, and attack paths, and connects priority remediation items to tickets, SLAs, and audit evidence.
Key Takeaways
- Why AI service trust operations matter now β distinguishing legal obligations from operational challenges in the AI Basic Act era.
- AI service security risk beyond the model β the attack surface created by cloud, permissions, data, code, and workloads.
- Security Lens asset visibility β identifying priority risk based on asset relationships and attack paths.
- Security Lens security process β connecting risk to tickets, SLAs, remediation history, and audit evidence.
Speaker
Manager Jeho Park works as a Cloud Security Solutions Architect at GS Neotek. He holds certifications as an Information Security Management Engineer and ISMS-P Certification Auditor, and has resolved cloud and security challenges for clients across a wide range of industries through consulting, infrastructure and solution design, and implementation projects. He currently researches AI security and trustworthy security operations frameworks needed for the AI agent era.

