
In this opening lecture, you’ll get oriented to the learning journey ahead and understand exactly how this program will help you protect sensitive data in environments that use generative AI. By the end of this lesson, you will be able to clearly articulate the core goals of the course, explain how generative AI is changing the data security landscape, and describe the key topics and skills you will develop in later modules—such as identifying data risk in AI workflows, applying security best practices to AI tools, and collaborating effectively with security and compliance teams. You’ll also understand how each part of the curriculum fits together so you can focus on the lessons that are most relevant to your role and experience level.
This introductory session does not require you to use any complex software or specialized platforms. Instead, it familiarizes you with the primary tools and technologies that will be discussed throughout the course, such as large language models (LLMs), typical enterprise AI assistants, and common data protection concepts that apply when using them (access control, data classification, encryption, logging, and monitoring). You’ll get a high-level overview of how these technologies interact in real-world AI implementations, but you won’t need prior hands-on experience with them to follow along.
The lesson is designed for professionals who work with data or are responsible for keeping it secure in organizations that are beginning to adopt or scale generative AI. This includes data security and cybersecurity practitioners, IT and cloud engineers, data scientists and machine learning engineers, AI product managers, compliance and risk management professionals, and business leaders or team managers who must make informed decisions about using AI tools securely. It is also suitable for technically curious non-specialists who want a structured understanding of how generative AI affects data protection responsibilities in modern organizations.
In this lesson, learners explore why organizations are simultaneously excited by and wary of generative AI, and what that tension means for day‑to‑day work and long‑term data security. By the end of the session, you will be able to clearly explain the “trust gap” around generative AI: why the technology is so powerful for productivity, insight generation, and automation, yet often locked down or heavily restricted inside enterprises.
You will learn to identify the main risk categories that cause IT, security, and legal teams to impose strict controls on generative AI use—such as data leakage, model misuse, regulatory exposure, IP protection, and shadow AI adoption. You will also be able to map those risks to concrete business scenarios, for example: employees pasting sensitive data into public AI tools, AI-generated content that may violate compliance rules, or third‑party AI vendors that do not meet internal security standards. The lesson walks through how these risks translate into typical policy responses: blanket bans, narrow pilots, strict approval processes, and limited integration with core systems.
By the end of the lecture, you will be able to:
- Articulate the business value cases that make generative AI attractive to leadership.
- Describe the specific concerns that drive security and compliance teams to restrict deployment.
- Recognize common organizational patterns: public vs. private models, “walled garden” AI deployments, and controlled access to sensitive data.
- Evaluate AI use cases in your own environment through the lens of risk versus reward, so you can participate in or influence internal discussions about safe adoption.
- Communicate trade‑offs clearly to both technical and non‑technical stakeholders, helping bridge the gap between innovation and protection.
This lesson is tool-agnostic but uses widely known platforms and services as reference points to make concepts concrete. You will see examples and discussion referencing:
- Public large language model interfaces (e.g., web‑based AI chatbots and assistants) and why they are often blocked or limited.
- Enterprise AI offerings and private or hosted language models that are designed with stronger data isolation.
- Typical security and governance mechanisms, such as data loss prevention (DLP), access control, logging, and model usage monitoring, as they relate to generative AI.
No specific tool proficiency is required or taught; instead, the session focuses on understanding patterns that apply across technologies, so you can adapt the principles to whichever AI stack your organization uses or plans to adopt.
This lecture is designed for a professional audience involved in or impacted by AI adoption in organizations. It is especially relevant for:
- Security and risk professionals who need to understand the unique challenges of generative AI.
- IT leaders and architects responsible for enabling or constraining access to AI tools.
- Data leaders, including data engineers, data scientists, and analytics professionals, who must balance data utility with protection.
- Product managers and innovation teams exploring generative AI use cases under enterprise constraints.
- Compliance, legal, and governance stakeholders who need a practical framing of AI risk.
- Business leaders and managers who want to harness generative AI while respecting security, privacy, and regulatory obligations.
The lesson assumes basic familiarity with AI concepts but does not require deep technical expertise. It is intended for anyone seeking a structured understanding of why generative AI remains restricted in many companies and how to move from “default no” to pragmatic, risk‑aware adoption.
In this lesson, you’ll unpack the complete end‑to‑end workflow behind modern generative AI systems, focusing on how training data and user prompts work together—and where data security risks emerge.
By the end of this lesson, you will be able to:
- Explain how generative AI models are trained, from data collection and preprocessing to model training and fine‑tuning.
- Distinguish clearly between **training data**, **fine‑tuning data**, **in‑context data** (prompts and retrieved content), and **output data**, and identify where sensitive information may live in each stage.
- Describe how prompts, system messages, and context windows steer model behavior—and how they can accidentally expose confidential or regulated data.
- Map the GenAI workflow to concrete data‑security concerns: data leakage into models, prompt injection, model memorization, shadow data, and insecure logging of prompts and outputs.
- Evaluate a GenAI use case and pinpoint which parts of the workflow need additional controls such as redaction, access control, or encryption.
- Design safer prompt and data‑handling patterns (e.g., using pseudonymization, retrieval‑augmented generation, or scoped context) to reduce the risk of exposing sensitive data.
Tools and technologies covered in this lesson include:
- Conceptual overview of large language models (LLMs) such as GPT‑4, Claude, and open‑source models (e.g., LLaMA‑family models) with emphasis on their data flows rather than coding.
- The GenAI lifecycle in common platforms (e.g., OpenAI, Azure OpenAI, Anthropic, and similar managed services), focusing on how they handle training data, prompts, logs, and retention.
- High‑level treatment of retrieval‑augmented generation (RAG) architectures, vector databases, and prompt‑orchestration layers as they relate to data exposure.
- Practical examples of prompt‑logging dashboards and API configurations that impact data retention and privacy.
This lesson is designed for:
- Security and privacy professionals who need to understand where data risks arise within GenAI workflows.
- CISOs, security architects, and risk leaders responsible for approving or designing GenAI initiatives.
- Data protection, compliance, and legal teams working on AI governance, DPIAs, or AI‑related policy.
- Engineering, data, and ML leaders who must collaborate with security to deploy GenAI safely.
- Product managers and business owners evaluating GenAI use cases involving customer, employee, or proprietary data.
No deep ML or coding background is required; the lesson focuses on conceptual clarity and practical risk awareness across the GenAI training and prompting lifecycle.
This lesson unpacks what actually happens when a generative model turns a prompt into an answer, code snippet, image, or document—and what that means for security, privacy, and compliance. By the end, learners will be able to clearly explain each step of the GenAI inference workflow, map those steps to concrete risk points, and make more informed decisions about how and where to deploy generative systems inside their organization.
Learners will explore:
- How prompts are processed: tokenization, context windows, embeddings, and how user input flows from the application layer to the model.
- The inference “black box”: what model inference really is, how parameters and weights are used, and why this matters for data exposure and intellectual property concerns.
- Output generation and post-processing: how responses are constructed, ranked, filtered, and logged—and where sensitive data can accidentally be stored or leaked.
- Key security choke points: where prompts, intermediate representations, and outputs may be cached, logged, or transmitted across networks and third-party services.
- Alignment and safety layers: content filters, policy enforcement, and why these safeguards do not fully eliminate data security risk.
- Practical implications: how understanding the inference pipeline informs choices about access controls, redaction, prompt design, and which workloads should never go to external GenAI services.
By the end of the lesson, learners will be able to:
- Diagram a typical GenAI request–response flow from end user to model and back.
- Identify which stages of the workflow may handle sensitive or regulated data.
- Ask the right technical and contractual questions of GenAI vendors and internal teams.
- Evaluate whether a particular use case should rely on public, hosted, or private GenAI deployments based on security requirements.
- Communicate GenAI workflow risks clearly to both technical and non-technical stakeholders.
This lesson uses widely adopted GenAI platforms and concepts as reference points, such as:
- API-based large language model services (e.g., hosted LLMs accessed via HTTPS APIs).
- Typical application integration patterns (middleware, logging layers, vector databases for retrieval-augmented generation, and prompt orchestration frameworks).
- Common safety and moderation layers used in enterprise GenAI stacks.
The focus is on architectural understanding and risk awareness rather than hands-on coding, so tools are discussed conceptually to illustrate where data travels and how it may be stored or processed.
The lesson is designed for:
- Security, risk, and compliance professionals who must assess and govern GenAI usage.
- Engineering and data teams integrating GenAI into products, workflows, or internal tools.
- Technology leaders, product managers, and architects deciding between different GenAI deployment models.
- Legal, privacy, and governance stakeholders who need a clear mental model of how GenAI inference works in order to evaluate exposure, controls, and policy requirements.
No deep machine learning background is required; the workflow is explained in practical, security-focused terms that enable learners to connect GenAI capabilities to real-world data protection concerns.
In this lesson, learners will understand how to classify and handle data safely when using generative AI systems in real-world environments. By the end of the lecture, they will be able to:
- Explain why traditional data classification models (public, internal, confidential, highly confidential, etc.) must be adapted for generative AI tools, including LLMs and AI copilots.
- Identify common data types that pose higher risks in GenAI workflows, such as personal data, regulated data (PHI, PCI, financial data), source code, trade secrets, and business-sensitive content.
- Design or refine a practical data classification scheme that explicitly addresses generative AI use—covering input prompts, retrieved context, model outputs, and logs.
- Map classification levels to specific allowed and prohibited GenAI use cases (e.g., what can/cannot be pasted into public LLMs vs. private enterprise models).
- Create clear handling rules for each classification level, including which AI tools can be used, where data can be stored, and how it should be shared or redacted.
- Recognize red flags in everyday AI usage (such as copying client documents or internal roadmaps into chatbots) and apply safe alternatives like summarization with anonymization or synthetic data.
- Collaborate with security, legal, and compliance teams to align data classification for GenAI with existing policies (DLP, privacy programs, data retention, and regulatory requirements).
- Communicate classification rules to non-technical colleagues so they can safely use AI tools without exposing sensitive information.
This lesson focuses on concepts and practices more than specific vendor tools, but it will reference:
- Generative AI platforms such as ChatGPT, Microsoft Copilot, Google Gemini, and similar LLM-based assistants to illustrate classification decisions.
- Data Loss Prevention (DLP) solutions and cloud security controls at a high level, to show how classification labels can be enforced in AI-related workflows.
- Productivity suites with embedded AI (e.g., Microsoft 365 with Copilot, Google Workspace with AI features) as examples of environments where classification meets GenAI.
The content is designed for:
- Security and privacy professionals who need to extend existing data classification and protection programs to cover generative AI.
- IT, data, and AI leaders responsible for enabling safe AI adoption in their organization.
- Compliance, legal, and risk management teams who must ensure GenAI use aligns with regulatory and contractual obligations.
- Engineering, product, and operations managers who work with sensitive data and want practical guidance on what they can safely use GenAI for.
- Individual contributors and knowledge workers in data-rich roles (finance, HR, legal, consulting, product, marketing) who want clear, actionable rules for using AI tools without putting sensitive information at risk.
In this lesson, learners explore practical strategies for safely using generative AI tools in real-world workflows that involve sensitive or regulated data. By the end, they will be able to recognize what kinds of information should never be entered into AI tools, design prompts that minimize data exposure, and implement basic redaction and anonymization techniques before sharing content with these systems. Learners will also be able to evaluate whether a particular GenAI tool is appropriate for their use case by reviewing its data retention, training, and privacy policies, and they will know how to configure key settings to reduce risk when collaborating or sharing outputs with others.
The lesson walks through examples using popular generative AI tools such as ChatGPT, Claude, and Google’s Gemini, along with enterprise variants where relevant. It also covers practical supporting tools and techniques including data-masking utilities, document redaction features in office suites, secure file-sharing platforms, and basic configuration options in AI assistants (e.g., turning off chat history where available, managing workspace and team permissions, and controlling integration access). While the focus is conceptual and policy-oriented rather than deeply technical, learners get concrete, tool-agnostic patterns they can apply regardless of the specific AI system they use.
This lesson is designed for professionals who are starting to integrate generative AI into their daily work but must do so responsibly: knowledge workers, data and business analysts, product managers, marketers, consultants, customer-support and operations teams, and managers overseeing teams that use AI tools. It is also relevant to IT, security, and compliance practitioners who need a non-technical but rigorous framework to guide colleagues on secure data handling and safe sharing practices when interacting with GenAI systems.
In this lecture, you’ll discover how to apply secure data handling and controlled data sharing practices to real-world generative AI scenarios. By the end, you’ll be able to design and implement workflows where sensitive data can be safely used with AI models—whether they are internal, third‑party, or hosted in the cloud—without violating security policies, regulations, or customer trust.
You will learn how to:
- Classify and tag data for AI use (e.g., public, internal, confidential, restricted) and translate those labels into concrete sharing rules.
- Architect request/response flows for large language models that minimize data exposure while preserving functionality (e.g., prompt filtering, redaction, and post‑processing).
- Use techniques like data minimization, tokenization, masking, pseudonymization, and anonymization when sending data to AI services.
- Set up role‑based access controls, approval workflows, and policy‑based routing to govern who can share what data with which AI systems.
- Build secure “patterns” for common use cases such as customer support summarization, contract review, code analysis, and analytics on sensitive datasets.
- Evaluate vendor AI tools and APIs from a data security perspective, including data residency, model training on your data, logging, and retention.
- Document and communicate clear guidelines for teams that want to use generative AI on sensitive business data, including dos and don’ts.
By the end of the lesson, you’ll be able to map a business use case to a concrete, secure AI data flow, choose appropriate protection techniques, and justify your design to security, compliance, and business stakeholders.
This lesson will demonstrate and reference a range of tools and technologies, including:
- Cloud and collaboration platforms with built‑in information protection (e.g., Microsoft 365 sensitivity labels, Google Workspace data loss prevention concepts).
- Data loss prevention (DLP) and cloud access security broker (CASB) capabilities, illustrated using common patterns found in tools such as Microsoft Purview, Netskope, or McAfee/Skyhigh.
- Identity and access management concepts (e.g., Azure AD/Entra ID or Okta) for enforcing role‑based and attribute‑based access to AI tools.
- Example configurations for secure use of generative AI APIs (e.g., OpenAI, Azure OpenAI, Anthropic, Gemini) including options related to data logging, training, and retention controls.
- Basic use of API gateways or reverse proxies to implement policy enforcement, prompt filtering, and redaction before data reaches external AI models.
The focus is on practical patterns and concepts rather than on any single vendor, so you can apply the techniques with your own stack.
This lesson is designed for:
- Security and risk professionals who need to enable safe generative AI adoption while maintaining strong data protection.
- Data protection, privacy, and compliance teams responsible for ensuring regulatory and policy alignment when AI tools touch sensitive information.
- IT, cloud, and platform engineers who are integrating generative AI services into existing systems and need secure architectures and guardrails.
- Data scientists, AI/ML engineers, and developers who handle real customer or internal data in prompts, fine‑tuning, embeddings, or retrieval‑augmented generation.
- Product managers, operations leaders, and team leads who want to leverage generative AI on business data without creating security or privacy debt.
No deep security background is required; the lecture translates security requirements into practical, implementable patterns for everyday AI use cases.
In this lesson, you’ll learn how to translate high‑level AI policies into concrete, enforceable guardrails around tools like ChatGPT, Microsoft Copilot, Gemini, and other generative AI systems used inside your organization. By the end, you’ll be able to:
- Identify which categories of data (e.g., regulated, confidential, internal, public) can and cannot be sent to generative AI tools, and articulate “allowed vs. forbidden” data flows in plain language for business users.
- Evaluate whether a specific AI tool or plugin is safe to use with your company’s data based on its data handling practices, hosting model (SaaS vs. self‑hosted), region, and logging/retention policies.
- Define practical “guardrail” rules such as: what content may be uploaded, which teams can use which AI tools, and which features must be disabled (e.g., training on user prompts, external plugin access, code execution).
- Turn security and privacy requirements into clear configuration guidance for IT (SSO, role-based access control, DLP integration, tenant isolation, admin controls, and logging).
- Draft simple AI usage guidelines and “dos and don’ts” for employees that align with your organization’s risk tolerance, legal obligations, and security policies.
- Collaborate more effectively with security, legal, compliance, and engineering teams to approve or block new AI tools and to define exception processes.
This lesson covers the practical use and configuration of several tools and technologies, including:
- Cloud-based generative AI services (e.g., OpenAI, Anthropic, Google Gemini, Microsoft Azure OpenAI) and how to choose enterprise vs. consumer offerings.
- Enterprise AI features in productivity suites (e.g., Microsoft Copilot, Google Workspace AI features, Salesforce AI) and their security/admin settings.
- Identity and access tools such as SSO and basic RBAC concepts for controlling who can access which AI capabilities.
- Data protection technologies like data loss prevention (DLP), CASB/SASE, and basic logging/monitoring setups that help enforce AI usage guardrails.
- Internal request/approval workflows or ticketing systems used to review and approve new AI tools and use cases.
This lesson is intended for:
- Security leaders and practitioners (CISO, security architects, security engineers, GRC teams) who must define and enforce safe usage of generative AI.
- IT and platform owners responsible for rolling out AI tools to the business while maintaining control and compliance.
- Data protection, privacy, and compliance professionals who need to translate regulatory and policy requirements into operational guardrails.
- Engineering and data leaders who are enabling AI-assisted development or analytics and want clear boundaries on data usage.
- Business and product managers sponsoring AI initiatives who need to understand what is permitted, what is blocked, and why.
In this lecture, **“Prompt Injection — How Words Become Attacks,”** learners drill into one of the most misunderstood risks in modern AI systems: the way seemingly harmless text can be weaponized to subvert large language models and leak sensitive data. By the end of this lesson, learners will be able to:
- Explain what prompt injection is, and how it differs from traditional injection attacks like SQL injection and XSS, using clear, real-world analogies.
- Identify the main categories of prompt injection (jailbreaks, instruction hijacking, data exfiltration, content policy evasion, and tool/agent hijacking).
- Analyze an AI prompt or conversation to spot red flags that indicate a possible injection attempt.
- Predict how a generative model is likely to behave when exposed to malicious, conflicting, or overridden instructions.
- Design safer prompts and system messages that reduce the likelihood and impact of injection attacks.
- Apply basic defense patterns such as separation of roles (system vs. user vs. tool), content filtering, and output validation to mitigate attacks.
- Evaluate when an AI-powered workflow is at risk due to access to internal tools, APIs, or sensitive data sources, and describe how to limit that risk.
This lesson is hands-on and example-driven. Learners observe prompt injection attacks step-by-step and then see how small changes in prompt structure, model configuration, and surrounding controls can neutralize or at least reduce the impact of those attacks. The goal is not only to understand *what* prompt injection is, but to be able to reason about *how* it happens and *how to design around it* in real systems.
**Tools and technologies used in this lesson include:**
- A mainstream large language model interface (e.g., OpenAI-style chat playground or equivalent) to demonstrate live injection and defense patterns.
- Example prompts and system messages that reproduce known jailbreak and data-exfiltration scenarios.
- Simple pseudo-code or configuration snippets showing how injection defenses can be wired into application logic (e.g., pre-/post-processing, guardrails, and validation layers).
No specific vendor ecosystem knowledge is required; all demonstrations are conceptually transferable to any LLM platform.
**Intended audience:**
This lecture is designed for technical and semi-technical professionals who are either building or integrating generative AI into products, workflows, and data environments, including:
- Software engineers and application developers.
- Security engineers, application security specialists, and red team members.
- Data engineers, ML engineers, and AI/ML product teams.
- Architects and technical leads responsible for AI-enabled systems.
- Security-aware product managers, risk officers, and compliance professionals who need to understand the mechanics of prompt-based attacks to assess and govern AI use.
A basic familiarity with how chat-based AI systems work is helpful but not mandatory; all core concepts are introduced from first principles, with a focus on practical recognition and defense rather than deep math or model internals.
In this lesson, learners dive deep into direct prompt injection attacks—how they work, why they are dangerous in real-world AI deployments, and how to recognize them before they compromise sensitive data. By the end of the lesson, learners will be able to:
- Explain what direct prompt injection is and how it differs from other prompt-based threats.
- Identify common social-engineering and linguistic tricks used to override system prompts and security policies.
- Analyze real prompt transcripts to spot injection patterns, such as “ignore previous instructions,” multi-step manipulation, and hidden data-exfiltration requests.
- Evaluate the risk of seemingly harmless user prompts in applications that access internal tools, APIs, or confidential data.
- Design safer prompt patterns and guardrails that make it harder for adversarial users to manipulate model behavior.
- Apply a practical checklist to review prompts and responses for signs of injection before deploying AI features in production.
This lesson uses widely available tools and technologies to make concepts concrete and actionable, including:
- Public large language model chat interfaces (e.g., browser-based AI assistants) to demonstrate live prompt-injection tricks.
- Prompt-testing/sandbox environments or notebooks (e.g., Python or low-code tools) to run controlled experiments with adversarial prompts.
- Example configurations of “system” or “developer” messages from common LLM platforms to illustrate how instructions can be overridden.
The lesson is designed for professionals who work with or around AI-powered systems and need to keep data safe, including:
- Security engineers and application security professionals assessing AI-related risks.
- Data protection, privacy, and compliance teams evaluating how AI may expose sensitive information.
- AI/ML engineers and software developers integrating language models into products or internal tools.
- Product managers and technical leaders responsible for AI features that access internal or customer data.
- Risk, governance, and IT teams who must understand how prompt injection can translate into real-world data breaches or policy violations.
In this lesson, you’ll uncover how indirect prompt injection works—where hidden or “out-of-band” instructions (for example, in web pages, PDFs, emails, or internal tools) silently hijack AI behavior without the user ever seeing the malicious text. By the end of the lecture, you will be able to:
- Explain what indirect prompt injection is and how it differs from direct prompt injection and normal prompt engineering.
- Identify common real-world patterns of hidden instructions (e.g., malicious HTML comments, invisible text, embedded metadata, and prompt-bait in tools and APIs).
- Trace how data flowing from external sources into an AI agent or RAG pipeline can become an attack vector.
- Analyze sample attack scenarios step-by-step and pinpoint exactly where the compromise happens.
- Evaluate AI workflows and integration architectures (like agents that browse the web or interact with internal systems) for indirect injection risks.
- Apply practical defense techniques, including input isolation, content filtering, model-level instruction hierarchies, and “never obey external instructions” guardrails.
- Design or refine policies to keep system prompts, tools, and external data sources logically separated to maintain trust boundaries.
- Collaborate with security and engineering teams to document threat models for AI systems that consume untrusted content.
This lesson is hands-on and example-driven. You’ll see and work with:
- Large Language Models via hosted platforms (e.g., OpenAI-style or similar chat/completions APIs) to demonstrate how they react to hidden instructions.
- Retrieval-augmented generation (RAG) or similar retrieval setups, at least conceptually, to show how documents and knowledge bases can carry injected prompts.
- Web and file-based content sources (HTML pages, PDFs, knowledge articles, email bodies) to illustrate where attackers hide instructions.
- Simple agent-style workflows (e.g., “browse this URL and summarize” or “read this ticket and take an action”) to show how tool-using AI systems are uniquely exposed.
- Basic security controls and patterns (filters, allow/deny lists for tools, prompt templates with strict roles) that you can adapt to your own stack, regardless of specific vendor.
This lecture is intended for:
- Security engineers, application security professionals, and red teamers who need to understand AI-specific attack surfaces.
- Data and ML engineers building LLM integrations, RAG systems, or AI copilots that interact with internal and external data.
- Software engineers and solution architects integrating generative models into products, workflows, or customer-facing applications.
- Product managers and technical leaders responsible for the safety and reliability of AI features.
- Governance, risk, and compliance professionals who need to grasp where hidden AI instructions can undermine data security and policy controls.
No prior deep knowledge of adversarial machine learning is required, but basic familiarity with large language models and how they’re used in applications will help you get the most from this lesson.
In this lesson, learners will gain practical, real‑world habits for recognizing and defending against prompt injection attacks in everyday AI use. By the end, they will be able to:
- Explain what prompt injection is, how it works, and why it’s uniquely dangerous in conversational AI.
- Identify common injection patterns in prompts, instructions, files, URLs, and third‑party data that might influence an AI model.
- Apply a repeatable “trust and verify” workflow before acting on AI‑generated outputs.
- Design safer prompts that limit model access to sensitive information and reduce the risk of data leakage.
- Create simple internal guidelines and checklists for safe AI use in their team or organization.
- Distinguish between safe and unsafe examples of AI‑assisted tasks in scenarios like email drafting, coding, report writing, research, and document summarization.
- Escalate and report suspected prompt injection incidents using a lightweight internal process.
This lesson is tool‑agnostic but uses popular AI assistants and platforms to demonstrate concepts, including:
- General‑purpose chatbots (e.g., ChatGPT, Claude, Gemini, Copilot‑style tools) to show how injected instructions appear in real conversations.
- Web‑integrated AI assistants (e.g., browser extensions, search‑integrated AI, or “AI sidebars”) to highlight the risks of untrusted web content being fed directly to models.
- Productivity and collaboration tools with built‑in AI features (documents, spreadsheets, email, messaging) to illustrate how embedded AI can inadvertently expose sensitive data if prompt injection is not recognized.
The focus is on concepts and practical habits, not coding, so learners can apply the lessons regardless of their specific AI platform.
This lesson is intended for a broad professional audience, including:
- Knowledge workers who rely on AI for drafting, summarization, research, or analysis.
- Managers and team leads responsible for setting safe AI usage norms.
- Security, risk, and compliance professionals who need to understand human‑level defenses against prompt injection.
- Data, product, and operations professionals integrating AI into workflows.
- Non‑technical staff who regularly paste internal content (emails, reports, client data, documents) into AI tools.
No deep technical background is required; this lesson is designed for anyone who wants to safely use AI in a professional or organizational setting and reduce the risk of prompt injection–driven data exposure.
By the end of this lesson, learners will be able to:
- Explain why AI-generated outputs can never be treated as fully trusted, “final” answers—especially in security-sensitive or regulated environments.
- Identify hidden risks in AI responses, including prompt injection payloads, data exfiltration attempts, subtle policy bypasses, and malicious code suggestions.
- Systematically review AI outputs using a simple risk checklist: checking for sensitive data leaks, hallucinated facts, non-compliant recommendations, and instructions that deviate from policy or scope.
- Recognize how attackers can manipulate prompts or prior context to get the AI to override rules and produce harmful or unauthorized content.
- Apply practical review strategies such as cross-verifying with trusted sources, validating code and configuration changes in safe sandboxes, and logging AI-assisted decisions for auditability.
- Design or update internal workflows so that AI remains a powerful assistant while humans retain final judgment and approval over high-impact actions and content.
Tools and technologies covered in this lesson:
- Popular large language model interfaces (such as ChatGPT, Claude, and similar enterprise AI assistants) used as concrete examples of where output review is critical.
- Basic use of code execution environments or sandboxed dev environments to safely test AI-generated scripts, queries, or configurations before deploying them.
- Simple prompt patterns and governance practices (guardrails, secondary “checker” prompts, and review templates) to support more reliable, reviewable AI usage.
- Optional mention of security and compliance monitoring tools (e.g., DLP, logging, and access-control mechanisms) that can complement human review of AI-derived outputs.
Intended audience for this lesson:
- Security professionals and security engineers who need to evaluate and govern the safe use of generative AI in their organization.
- Developers, data engineers, and MLOps practitioners who rely on AI to generate code, queries, or infrastructure definitions and must ensure those outputs are safe and compliant.
- IT administrators, cloud and DevOps teams using AI assistants for configuration, troubleshooting, or automation tasks where misconfigurations can create security gaps.
- Risk, compliance, and governance teams defining policies for acceptable AI use and responsible review processes.
- Product managers, team leads, and decision-makers integrating generative AI into workflows who need a practical understanding of why human review is mandatory for trustworthy, secure outcomes.
By the end of this lesson, learners will be able to apply the STOP Method as a practical, repeatable habit to quickly audit AI-generated outputs for safety, accuracy, and integrity. They will learn how to spot signs of prompt injection, data exfiltration, and subtle manipulation in model responses, even when those responses appear confident and well‑structured. Learners will gain a clear mental checklist for pausing before trusting or acting on AI suggestions that might involve sensitive data, configuration changes, or security‑relevant decisions. They will be able to walk through realistic examples and practice using STOP to decide when to accept, modify, or discard an AI’s answer, and when to escalate to a human or a more secure workflow.
This lesson uses mainstream generative AI interfaces such as ChatGPT, GitHub Copilot, and similar LLM-based assistants as demonstration tools. No specific vendor tooling is required, and everything can be followed using whichever AI assistant learners already have access to in their environment. The focus is on practical usage patterns and the STOP Method itself rather than on a particular platform, so the techniques translate across web UIs, IDE plugins, and internal enterprise chatbots.
The lesson is intended for professionals who rely on AI outputs in security-sensitive or data-sensitive contexts: security engineers, software developers, data scientists, IT and cloud operations staff, product managers, compliance and risk officers, as well as technical team leads adopting generative AI in their workflows. It is also suitable for non‑technical decision makers and power users who routinely paste internal information into AI tools or act on AI recommendations and need a lightweight, memorable way to verify that those outputs are safe to trust before implementation or sharing.
By the end of this lesson, learners will understand exactly where automated guardrails for generative AI end—and where human judgment must begin. They will be able to identify scenarios where AI systems can safely operate with minimal oversight versus situations where human review is non‑negotiable for security, compliance, and reputational risk. Learners will be able to design and document a “human-in-the-loop” review process for AI-generated outputs, including escalation paths, approval criteria, and audit trails. They will also be able to identify common failure modes of AI guardrails (such as subtle data leakage, policy workarounds, and context misinterpretation) and propose concrete validation steps to catch those failures before they reach customers or production systems.
This lesson will walk through practical examples of how AI content filters, safety layers, and policy engines can be complemented—not replaced—by reviewers who are trained in data security and organizational policy. Learners will practice thinking like a reviewer: questioning AI outputs, probing for hidden sensitive information, and evaluating whether responses truly comply with internal data handling policies, not just surface-level rules. They’ll be able to articulate how to balance speed and oversight, and how to define thresholds where automated checks are enough versus when human sign-off is required.
The lesson focuses on concepts and workflows rather than deep tool-specific training. However, it will reference common elements found in many AI deployment stacks, such as built-in model safety settings, configurable guardrail frameworks, content moderation APIs, logging and monitoring dashboards, and workflow tools that route AI outputs to human reviewers for approval or correction. Learners will see how these technologies fit into an end-to-end control layer that still depends on human validation for the most sensitive or high-impact use cases.
This lecture is intended for security professionals, data protection officers, AI risk and governance leads, engineering managers, product owners, and technically inclined business stakeholders who are responsible for deploying or overseeing generative AI in environments where data security and compliance are critical. It is also relevant for ML engineers, prompt engineers, and AI operations teams who need to design safe workflows that incorporate human review, as well as legal, compliance, and audit professionals who must evaluate whether AI controls are adequate and defensible.
This lesson dives deep into how to reliably review and gate AI-generated content using a structured workflow of **Validate → Escalate → Approve** so that sensitive or business‑critical data is never exposed, misused, or misrepresented.
By the end of this lesson, learners will be able to:
- Apply a clear, repeatable review framework to any generative AI output:
  - **Validate**: Perform first-line checks for accuracy, policy compliance, PII/PHI exposure, security misconfigurations, hallucinations, and bias.
  - **Escalate**: Recognize when an output is risky or ambiguous, decide who to escalate to (security, legal, compliance, data owner, manager), and document the escalation trail.
  - **Approve**: Confidently sign off on safe outputs, including documenting the basis for approval and residual risks.
- Use practical checklists and decision trees to quickly spot:
  - Leaks of confidential, regulated, or internal-only data
  - AI hallucinations and fabricated sources
  - Overly broad or dangerous security recommendations
  - Incomplete redaction or anonymization
- Design human-in-the-loop “approval gates” for:
  - Code suggestions and infrastructure configurations
  - Customer-facing communications drafted by AI
  - AI-generated analytics, summaries, and reports based on sensitive data
- Capture and log review decisions to support audits, incident response, and continuous improvement of AI usage policies.
- Communicate review outcomes effectively to stakeholders (approve as-is, approve with edits, reject, or escalate) in a way that supports governance and minimizes friction for the business.
Tools and technologies covered in this lesson include:
- Illustrative use of large language models (e.g., ChatGPT-style systems) to show common failure modes that require human validation.
- Lightweight tracking and review mechanisms, such as:
  - Approval and escalation workflows in ticketing systems (e.g., Jira, ServiceNow) or collaboration tools (e.g., Slack, Microsoft Teams)
  - Simple forms or templates for recording validation checks and approvals
- Examples of how these workflows tie into:
  - Data Loss Prevention (DLP) alerts
  - Access control and identity systems used to verify who is allowed to approve different categories of AI outputs
This lesson is intended for:
- Security and risk professionals who need practical methods to insert human oversight into AI-assisted workflows.
- Data protection, privacy, and compliance teams responsible for preventing data leakage and regulatory violations when using generative AI.
- Engineering and IT staff who review AI-generated code, scripts, or configurations before they reach production environments.
- Product managers, project leads, and operations managers who oversee teams using generative AI and must ensure outputs are safe, accurate, and policy-compliant.
- Team leads and reviewers in support, marketing, sales, HR, or legal who rely on AI drafts but remain accountable for the final approved content.
In this lesson, learners explore how modern generative AI systems can convincingly fabricate people, voices, and events—and what that means for security, privacy, and trust in digital communications. By the end of the session, you will be able to:
- Explain what deepfakes and synthetic media are, how they’re created, and how they differ from traditional photo/video manipulation.
- Describe the underlying AI techniques (e.g., GANs, diffusion models, voice cloning models) at a conceptual level, without needing to code.
- Identify common signs of AI‑generated images, videos, and audio using both human judgment and basic technical checks.
- Assess the risks deepfakes pose to individuals and organizations, including fraud, impersonation, disinformation, reputational damage, and social engineering.
- Apply practical verification habits to your everyday communications: cross‑checking sources, validating identities, and recognizing red flags in suspicious media.
- Integrate deepfake awareness into broader security practices, such as incident response, executive protection, and brand monitoring.
The lesson references and demonstrates several types of tools and technologies, including:
- AI media generation technologies at a high level:
  - Image and video synthesis models (GANs, diffusion models)
  - Voice cloning and text‑to‑speech systems
- Detection and verification approaches:
  - Open‑source or commercial deepfake detection tools (introduced conceptually, not taught in depth)
  - Reverse image search and basic metadata inspection for verifying content origins
- Platform and ecosystem features:
  - Watermarking, content authenticity initiatives, and emerging standards for labeling synthetic media
This lesson is intended for:
- Security and risk professionals who need to understand deepfake‑enabled threats (phishing, BEC, disinformation campaigns).
- IT, compliance, and data protection teams responsible for safeguarding organizational communications and reputation.
- Business leaders, legal and HR professionals, and communications teams who must respond to or prepare for synthetic media incidents.
- Technologists, data professionals, and AI practitioners who want a practical, non‑hyped overview of the risks and defenses around AI‑generated media.
- Any non‑technical professional who frequently relies on digital media and wants to strengthen their ability to spot and respond to manipulated content.
In this lesson, learners unpack the real-world threat of deepfakes and walk away with a practical playbook for recognizing and resisting synthetic audio, video, and images in their everyday digital lives. You’ll explore how deepfakes are created, why they’re increasingly convincing, and how they’re being weaponized in fraud, social engineering, disinformation, and reputational attacks.
By the end of the lesson, you will be able to:
- Explain in clear, non-technical language what deepfakes and other synthetic media are, and how they differ from traditional photo or video editing.
- Identify the most common red flags in manipulated audio and video (visual artifacts, timing mismatches, audio inconsistencies, behavioral anomalies, and contextual contradictions).
- Apply structured “communications hygiene” habits to verify unexpected messages, requests, and content before acting on them, especially when money, credentials, or sensitive information are involved.
- Use a simple, repeatable verification workflow (pause → verify channel → verify identity → verify intent) for emails, calls, video calls, text messages, and social media content.
- Respond appropriately if you suspect a deepfake or synthetic media attack: how to contain risk, document evidence, and escalate to the right internal or external contacts.
- Coach colleagues, friends, or family through basic deepfake awareness, helping them avoid common traps such as urgent payment requests, fake CEO calls, or inflammatory “leaked” videos.
- Integrate deepfake defense into your broader personal and organizational security practices, including incident reporting, password hygiene, and multi-factor authentication.
This lesson highlights and demonstrates several practical tools and technologies you can start using immediately, including:
- Browser-based reverse image and video search to validate where a piece of media originally appeared and whether variants exist elsewhere online.
- Audio and video analysis platforms and plug-ins that help detect signs of manipulation, such as inconsistencies in lighting, motion, reflections, lip-sync, and background noise.
- Identity verification practices and tools (call-back procedures, out-of-band verification via pre-agreed channels, internal directories, and secure communication tools) to validate that a message or request truly comes from the person it claims.
- Common productivity and communication tools (email, messaging apps, video conferencing platforms) used as live examples to demonstrate how deepfake-driven scams appear in real workflows.
No specialized technical background or coding skills are required: the focus is on mindset, habits, and straightforward tools that any professional can use.
This lesson is designed for:
- Business professionals and knowledge workers who rely heavily on digital communication and need to distinguish legitimate messages from synthetic manipulation.
- Security, risk, compliance, and legal teams who want to strengthen their organization’s frontline defense against deepfake-enabled fraud and social engineering.
- Managers and executives who may be specifically targeted through impersonation attacks, executive fraud, or reputational deepfakes.
- Customer-facing staff in finance, HR, procurement, support, and sales who frequently process sensitive requests and approvals.
- Educators, students, and content creators who share or amplify media online and need to avoid spreading manipulated content.
Anyone who communicates, approves transactions, or consumes digital media at work or in their personal life will benefit from the practical awareness, detection skills, and everyday habits taught in this lesson.
In this lesson, learners explore how AI-generated messages are transforming traditional phishing into a more sophisticated, scalable, and convincing threat. By the end of the lecture, they will be able to recognize the behavioral and linguistic patterns of AI-crafted emails, chats, and social media messages; distinguish between human-written and machine-generated content in realistic scenarios; and apply a structured validation workflow before clicking links, sharing data, or authorizing transactions. Learners will also be able to map these new attack techniques to common security policies, and update their own communication habits to reduce the risk of account takeover, data leakage, and financial fraud driven by synthetic messages.
The session walks through practical demonstrations using modern generative AI tools that attackers themselves increasingly rely on. Learners will see how large language models can rapidly produce spear‑phishing campaigns, business email compromise drafts, and support-chat impersonations at scale. The lecture also introduces email and messaging security capabilities commonly found in enterprise environments—such as advanced spam filters, phishing-report plugins, secure email gateways, and link-scanning services—along with simple browser and OS features that help validate URLs, file types, and sender identities. While no prior experience with these tools is required, the examples show concretely how both attackers and defenders can leverage the same underlying technologies, and how to stay on the right side of that line.
This lesson is designed for professionals who regularly interact with digital communications and handle sensitive information: knowledge workers, managers, HR and finance staff, IT and security practitioners, consultants, and anyone who is a potential target for phishing or social engineering. It is equally suitable for non-technical team members who need clear, actionable guidelines for evaluating suspicious emails and messages, as well as for security-conscious individuals who want to strengthen their personal digital hygiene in an environment where AI-generated phishing is rapidly becoming the norm.
In this lecture, you’ll learn how to recognize, manage, and reduce the risks of AI-generated participants in virtual meetings so that your digital collaboration spaces remain authentic, secure, and trustworthy. By the end, you’ll be able to spot signs of synthetic attendees and manipulated audio/video, apply practical meeting hygiene practices, and design guardrails for your organization’s online meetings and collaboration platforms.
You will practice how to validate identities in video conferences without breaking trust or slowing work down, and how to respond when you suspect a deepfake, impersonation, or bot-driven disruption. The session walks through realistic scenarios—such as an “executive” joining via video with subtly altered voice, or an unfamiliar “consultant” appearing with perfect but generic credentials—and shows how to investigate and escalate carefully. You’ll also learn how to write and implement clear policies for meeting admission (e.g., name formats, camera rules, second-factor verification for sensitive calls) and how to train colleagues to follow these protocols without creating friction or embarrassment.
The lesson includes demonstrations and examples involving common collaboration and meeting platforms (such as Zoom, Microsoft Teams, Google Meet, and Slack/Teams chat environments), basic identity-verification approaches (calendar provenance checks, organization directory and SSO checks, verified contact lists), and practical use of security settings already built into these tools (waiting rooms, lobby features, locked meetings, participant management, recording controls, and domain restrictions). It also touches on emerging deepfake-detection concepts and browser-based or platform-integrated tools that can assist in identifying synthetic audio and video, while emphasizing policy and process over reliance on any single detection technology.
This lecture is intended for professionals who regularly participate in or host online meetings and need to maintain secure, authentic communication channels: security and risk practitioners, IT and collaboration platform admins, team leads and project managers, HR and recruiting professionals conducting remote interviews, customer-facing roles running virtual sales or support calls, and any knowledge worker operating in remote or hybrid environments where AI-generated personas and manipulated media could be used to deceive, exfiltrate data, or undermine trust.
In this lecture, you’ll explore how to design and enforce strong access controls in environments that use generative AI, through the practical lens of the “Five Rights of Access”: the right user, right data, right level, right time, and right reason. By the end, you will be able to translate these principles into concrete policies and workflows that align identity management, access control, and AI-powered workspaces.
You will learn how to:
- Map AI-related roles (prompt engineers, data scientists, business users, admins, vendors) to appropriate access rights and entitlements.
- Apply the Five Rights to common generative AI use cases, such as using internal data with AI copilots, AI-powered code assistants, and document/chat-based knowledge systems.
- Design and refine access control policies so that sensitive data is never exposed to the wrong users or AI tools, even unintentionally through prompts, embeddings, or logs.
- Implement request-and-approval workflows and just-in-time access for AI-related tasks, so elevated permissions are temporary, auditable, and traceable.
- Collaborate with security, IT, and business stakeholders to build a culture where employees understand why access is controlled, how it protects them, and how to request what they need without bypassing security.
- Evaluate your current identity and access practices and identify gaps where generative AI introduces new risk (for example, plugin access to third-party systems, AI tools reading more data than a user should see, or over-permissive AI workspace defaults).
- Create simple, actionable guidelines and training messages to help non-technical staff use AI tools safely without oversharing credentials, secrets, or sensitive records.
The lecture is tool-agnostic but refers to common categories of technologies, such as:
- Identity and Access Management (IAM) platforms for managing users, roles, and entitlements.
- Single Sign-On (SSO) and directory services as the backbone for authenticating users into AI workspaces.
- Role-Based Access Control (RBAC) and Attribute-Based Access Control (ABAC) capabilities within cloud platforms and SaaS applications used for AI workloads.
- AI workspace and collaboration tools (for example, enterprise chat platforms, internal AI assistants, AI-enhanced productivity suites) to illustrate how the Five Rights apply in practice.
- Logging and auditing systems that record who accessed what, when, and through which AI interface or integration.
This lesson is intended for:
- Security and risk professionals responsible for data protection and governance in organizations adopting generative AI.
- Identity and access management practitioners who need to adapt existing frameworks to AI tools and AI-driven workflows.
- IT and cloud administrators who configure permissions, groups, and policies for AI platforms and connected systems.
- Data platform owners, analytics leaders, and AI/ML leads who must balance innovation with strict control of sensitive datasets.
- Compliance, privacy, and governance teams who need a structured access model they can communicate to auditors and regulators.
- Technical and non-technical managers seeking to foster a culture where teams can safely leverage AI while respecting access controls and data security.
In this lesson, learners dive deep into modern multi-factor authentication (MFA) and what “access vigilance” really means in an AI-driven environment. By the end, you will be able to:
- Explain how MFA works (SMS codes, authenticator apps, hardware keys, biometrics, passkeys) and why some factors are stronger than others in the context of AI-powered phishing and credential-stuffing attacks.
- Evaluate the security posture of existing login flows and identify where weak or outdated factors (like SMS-only MFA) expose systems to AI-assisted threats.
- Design or recommend a risk-based MFA strategy that adapts to context (device, location, behavior) and addresses AI-enabled social engineering and session hijacking.
- Implement practical access safeguards such as number matching, phishing-resistant authentication, and just-in-time access approvals.
- Draft user guidelines that promote safe MFA usage, including how to recognize and respond to suspicious MFA prompts or push fatigue attacks driven by automated bots.
- Collaborate with IT/security teams to define policies for privileged accounts, service accounts, and third‑party access in an environment where AI tools can quickly exploit any exposed credential.
- Monitor and review access logs and alerts with an “AI-era” mindset, spotting anomalies such as impossible travel, bot-like login patterns, and API misuse that might indicate automated compromise attempts.
This lesson uses and demonstrates commonly adopted tools and technologies, including:
- Identity providers and SSO platforms (e.g., Okta, Azure AD / Entra ID, Google Workspace Identity, Ping) to illustrate MFA configuration and conditional access.
- MFA authenticators and passwordless options (e.g., authenticator apps, WebAuthn/FIDO2 security keys, passkeys) to compare phishing resistance.
- Built-in access monitoring and alerting dashboards within common cloud platforms (e.g., Microsoft 365, Google Cloud, AWS IAM views) to show how to detect risky access patterns.
- Example integrations with collaboration and AI platforms (e.g., Slack, GitHub, common generative AI workspaces) to highlight where MFA must be enforced for API keys, plugins, and extensions.
This lesson is intended for:
- Security and IT professionals responsible for identity and access management, enterprise security, or cloud security.
- Data protection, compliance, and privacy officers who need to ensure that MFA and access controls adequately protect sensitive and regulated data in AI-enabled workflows.
- Engineering leaders, DevOps and platform teams who integrate authentication into applications and AI services.
- Business and technical team leads who approve or manage the rollout of generative AI tools and need to understand the access risks and protections.
- Power users and data stewards who routinely work with sensitive datasets and want to strengthen their own account security in an AI-rich workplace.
In this lecture, you’ll discover how seemingly “offline” physical workspaces can still leak highly sensitive data to generative AI tools, and you’ll learn practical methods to secure your environment end‑to‑end. By the end of the lesson, you will be able to:
- Identify common physical security risks that can expose data to AI systems (e.g., screens in view of cameras, printed data near AI-enabled devices, confidential meetings within range of smart speakers).
- Apply best practices to secure your desk, office, home office, and shared spaces from unintended data capture by phones, laptops, webcams, and IoT devices.
- Design “AI‑safe zones” where generative AI and always‑listening devices are restricted or configured to minimize data leakage.
- Implement clear policies for handling printed documents, whiteboards, and physical notes that may appear in screenshots, video calls, or training data.
- Evaluate the physical layout of your workspace and perform a quick risk assessment to identify where generative AI-driven data exposure is most likely.
- Coordinate with facilities, security, and IT teams to align physical workspace controls with broader identity, access, and AI governance policies.
- Educate colleagues and team members on simple, repeatable habits that reduce the chance of sensitive data being seen, captured, or processed by AI tools.
This lesson will reference and demonstrate:
- Video conferencing platforms (e.g., Zoom, Microsoft Teams, Google Meet) focusing on background controls, screen share settings, and recording configurations.
- Generative AI interfaces (such as ChatGPT, Microsoft Copilot, and browser-based AI assistants) as examples of tools that can unintentionally ingest visible or spoken data.
- Device security and privacy settings on laptops and mobile devices (webcam, microphone, and screen recording permissions).
- Smart office and smart home devices (e.g., voice assistants like Alexa, Google Assistant, Siri) to illustrate how “always listening” technology intersects with data security.
- Simple workspace mapping and checklist templates to guide you through a physical environment security review.
This lesson is designed for:
- Security and risk professionals who need to extend data protection strategies from purely digital controls to physical and hybrid workspaces.
- IT, compliance, and data protection officers responsible for creating and enforcing policies around AI usage in offices and remote work environments.
- Managers and team leads overseeing staff who use generative AI tools in co-working spaces, open-plan offices, or home offices.
- Knowledge workers, engineers, analysts, and creators who rely on AI assistants and want to ensure their physical environment doesn’t unintentionally expose confidential information.
- Anyone working in regulated or sensitive industries (finance, healthcare, legal, government, R&D, startups handling proprietary IP) where physical workspace practices can directly impact data security in the age of generative AI.
This lesson explores how to keep sensitive data secure when you’re working away from your usual desk—on personal or corporate devices, on the road, in airports, hotels, co‑working spaces, and conferences. By the end of the session, learners will be able to:
- Identify the most common device and travel security risks, including theft, shoulder surfing, unsafe Wi‑Fi, malicious chargers, and device compromise during border checks or hotel stays.
- Configure laptops, phones, and tablets with strong baseline protections: full‑disk encryption, secure boot, biometric and strong password authentication, screen‑lock policies, and remote‑wipe or “Find my device” features.
- Apply practical safeguards when working with sensitive or AI‑generated data in public places, such as using privacy screens, minimizing on‑screen exposure, avoiding printing or downloading sensitive outputs locally, and managing clipboard and cache data.
- Safely connect to networks while traveling by evaluating public Wi‑Fi risks, using VPNs correctly, enabling DNS/HTTPS protections, and recognizing rogue or “evil twin” hotspots.
- Use secure methods for charging and connecting devices (e.g., avoiding unknown USB ports, using data‑blocking adapters, and controlling USB/Bluetooth settings).
- Prepare for cross‑border travel and high‑risk destinations with a clear “travel profile”: deciding which data and accounts to bring, using temporary or “clean” devices, and planning for the possibility of device inspection or confiscation.
- Implement incident‑response steps for lost, stolen, or potentially compromised devices, including who to notify, what to disable or revoke, and how to verify that AI and data tools have not been abused.
This lesson uses widely available tools and built‑in security technologies rather than focusing on a single vendor. Illustrative examples include:
- OS‑level security settings on Windows, macOS, iOS, and Android: disk encryption (BitLocker, FileVault), secure lock‑screen configurations, and device‑tracking/remote‑wipe features.
- VPN solutions (both corporate and commercial) and secure DNS/secure browsing options to reduce network‑based risks while traveling.
- Password managers and authenticator apps for managing secure credentials and multi‑factor authentication while on the move.
- Mobile device management (MDM) or endpoint management examples to show how organizations can enforce travel and device policies for employees.
The lesson is designed for professionals who handle sensitive or regulated information and who may access generative AI tools from multiple locations and devices, including:
- Data, AI, and engineering teams working with proprietary models, prompts, or outputs.
- Security, privacy, risk, and compliance practitioners who need to harden device and travel practices for their organization.
- Business leaders, consultants, and remote or hybrid workers who travel frequently and need to protect corporate and customer data outside office environments.
- Anyone using laptops or mobile devices for work who wants a concrete, practical checklist for staying secure when they’re on the move.
Are you excited about the power of Generative AI but worried about how to keep your company’s data safe while using it? Do you ever wonder what really happens when you paste information into ChatGPT, Copilot, or Gemini — and whether it’s truly secure?
If you work with AI tools and want to protect sensitive information, prevent data leaks, and build trustworthy AI workflows, this course is for you.
In today’s workplace, Generative AI can write, code, analyze, and automate — but every prompt you type and every output you share can carry hidden risks. This course will help you bridge the gap between AI productivity and data protection, so you can confidently use Generative AI without crossing security or compliance lines.
What makes this course unique
Unlike typical AI safety overviews, this course combines real-world corporate examples, security workflows, and relatable case discussions that connect directly to the way professionals use AI every day. You will see how data actually moves through AI systems, where vulnerabilities appear, and what smart organizations do to close those gaps.
Through engaging video lectures and scenario-based quizzes, you will develop the mindset and habits to stay both productive and compliant in the AI era.
In this course, you will:
- Identify the trust gap between AI’s power and enterprise data restrictions.
- Map the entire GenAI workflow, from training data to inference and outputs, to pinpoint where risks emerge.
- Develop safe prompting and data-handling habits that prevent leaks and misuse.
- Master prompt injection awareness: understanding how words themselves can become cyberattacks.
- Apply practical defense methods like masking, anonymization, and the STOP audit technique.
- Adopt a “Validate → Escalate → Approve” review framework to ensure all AI outputs remain accurate and compliant.
- Recognize signs of suspicious AI behavior and apply real-life reporting practices.
- Strengthen your organization’s defense with layered safeguards, workspace security, and responsible AI culture.
Why learn about Data Security in the Age of GenAI
Because every AI prompt is a potential data decision. Whether you are a manager, analyst, developer, HR professional, or consultant, your daily work likely involves interacting with GenAI tools. Understanding how to use them safely is no longer optional — it is a core digital skill for the future of work.
This course shows you how to balance innovation with control, helping you protect not just data but also trust, reputation, and compliance within your organization.
Take the next step
If you are ready to use Generative AI responsibly without putting your company, clients, or yourself at risk, this course will give you the framework, confidence, and habits to do it right.
Enroll now and become part of the new generation of AI-powered professionals who know how to protect data in the age of GenAI.
See you in the course!