The Export-Import Bank of the United States (EXIM) facilitates trades of exports of goods and services and, in doing so, deals with massive troves of data. From the Billington Cybersecurity Summit, EXIM CISO, Chief Privacy Officer, and Deputy Chief AI Officer Darren Death tells CyberCast that his agency is centralizing data about user access and behavior to detect potential cyber threats.

Death says that balancing cybersecurity with privacy remains a challenge, especially in complex IT ecosystems involving financial institutions. He stresses the need to “shift left” by embedding privacy and security requirements early in the development lifecycle and include business leaders in conversations about cybersecurity, privacy and usability.

He also says that the EXIM is using generative AI to simulate incident response scenarios, escalating threats to test team readiness. Death adds that EXIM is positioning AI as a force multiplier rather than a job threat.