If you're like most MSPs (or their end clients), you're wrestling with how to protect data and IP while also letting people use AI responsibly. If you don't allow AI use, you know your users will find a way. Our first question this week centers around how you can use AI responsibly while also remaining compliant. Our second question is around building and managing security programs. Enjoy!

Question 1: If you’re in a regulated industry, are you banning LLMs outright, or is there a compliant way to use them without leaking sensitive data?

Question 2: If a regulator-driven assessment tool is being sunset, how do you pick a replacement framework or assessment approach without starting over from scratch?

Ask us anything at https://blacksmithinfosec.com/ask and make sure to hit follow so you don't miss the answer!