惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

S
Secure Thoughts
Recent Commits to openclaw:main
Recent Commits to openclaw:main
H
Heimdal Security Blog
SecWiki News
SecWiki News
H
Hacker News: Front Page
N
News | PayPal Newsroom
L
LINUX DO - 最新话题
N
News and Events Feed by Topic
TaoSecurity Blog
TaoSecurity Blog
AI
AI
C
Cybersecurity and Infrastructure Security Agency CISA
Scott Helme
Scott Helme
PCI Perspectives
PCI Perspectives
S
Securelist
Exploit-DB.com RSS Feed
Exploit-DB.com RSS Feed
Cyberwarzone
Cyberwarzone
A
Arctic Wolf
Forbes - Security
Forbes - Security
T
Tor Project blog
Spread Privacy
Spread Privacy
WordPress大学
WordPress大学
I
Intezer
Martin Fowler
Martin Fowler
Help Net Security
Help Net Security
P
Proofpoint News Feed
让小产品的独立变现更简单 - ezindie.com
让小产品的独立变现更简单 - ezindie.com
Cisco Talos Blog
Cisco Talos Blog
Latest news
Latest news
博客园 - 司徒正美
W
WeLiveSecurity
奇客Solidot–传递最新科技情报
奇客Solidot–传递最新科技情报
V
V2EX
P
Palo Alto Networks Blog
Google DeepMind News
Google DeepMind News
IT之家
IT之家
阮一峰的网络日志
阮一峰的网络日志
V
Vulnerabilities – Threatpost
Jina AI
Jina AI
S
Security Affairs
Hacker News - Newest:
Hacker News - Newest: "LLM"
Simon Willison's Weblog
Simon Willison's Weblog
Project Zero
Project Zero
T
Threatpost
P
Privacy International News Feed
人人都是产品经理
人人都是产品经理
cs.CL updates on arXiv.org
cs.CL updates on arXiv.org
Application and Cybersecurity Blog
Application and Cybersecurity Blog
博客园 - Franky
Hugging Face - Blog
Hugging Face - Blog
Apple Machine Learning Research
Apple Machine Learning Research

PCI Perspectives

Meet the Council’s New Head of Business Operations and Risk Management The AI Exchange: Innovators in Payment Security Featuring PCA Cyber Security Enhance Your Community Meeting Experience with Interactive Workshops The AI Exchange: Innovators in Payment Security Featuring PROSA Bring PCI SSC Training to Your Organization with the New Training Venue Host Program The AI Exchange: Innovators in Payment Security Featuring Utimaco Coffee with the Council Podcast: Meet This Year’s North America Community Meeting Keynote Speaker, Sharon Gai Welcome Our Newest Associate Participating Organizations The AI Exchange: Innovators in Payment Security Featuring SecurityMetrics PCI SSC Publishes New Guidance on Compensating Controls and the Customized Approach Spotlight On: Dreamplug Technologies Private Limited (CRED), a New Principal Participating Organization Request for Comments: PCI Data Security Standard (PCI DSS) v4.0.1 The AI Exchange: Innovators in Payment Security Featuring In-Solutions Global Ltd Coffee with the Council Podcast: Nominate Now for the Global Executive Assessor Roundtable (GEAR) PCI SSC Publishes PCI PTS HSM v5.0 Request for Comments: PCI Secure Software Lifecycle Standard v2.0 Spotlight On: Worldline, a New Principal Participating Organization Coffee with the Council Podcast: Stronger Together – The Value of Participating with PCI SSC The AI Exchange: Innovators in Payment Security Featuring Dreamplug Technologies Private Limited (CRED) Level Up Your Payment Security Expertise with PCI SSC Knowledge Training PCI SSC Launches Enhanced Language Microsites for Global Audience Exhibit at or Sponsor the 2026 Community Meetings Spotlight On: Stripe, a New Principal Participating Organization The AI Exchange: Innovators in Payment Security Featuring Toast, Inc. Coffee with the Council Podcast: A Panel Discussion on Cryptography The AI Exchange: Innovators in Payment Security Featuring Flywire Spotlight On: Amazon, a New Principal Participating Organization Welcome Our Newest Associate Participating Organizations The AI Exchange: Innovators in Payment Security Featuring Checkout.com Coffee with the Council Podcast: PCI SSC Publishes First-Ever Annual Report The AI Exchange: Innovators in Payment Security Featuring Bank of America Request for Comments: PCI Card Production and Provisioning Physical and Logical Security Standards v3.0.1 Spotlight On: Futurex, a New Principal Participating Organization The AI Exchange: Innovators in Payment Security Featuring Soft Space PCI Security Standards Council Publishes First-Ever Annual Report Coffee with the Council Podcast: PCI SSC Releases Version 2.0 of the PCI Secure Software Standard PCI SSC 2025 Community Meetings Now Available on Global Content Library PCI SSC Releases Version 2.0 of the PCI Secure Software Standard 2026 PCI SSC Training Schedule Announced Spotlight On: Reflectiz, a New Principal Participating Organization The AI Exchange: Innovators in Payment Security Featuring Jscrambler Meet the Council’s New Client Engagement Operations Director Meet the Council’s New Director, Training Programs Request for Comments: PCI Key Management Operations (KMO) v1.0 Standard PCI SSC Publishes Mobile Payments on COTS (MPoC) Guidance Document The AI Exchange: Innovators in Payment Security Featuring Block, Inc. Request for Comments: PCI PTS HSM v5.0 Coffee with the Council Podcast: Nominate Your Company for the Council’s Next Brazil Regional Engagement Board 2025 Asia-Pacific Community Meeting Agenda Highlights The AI Exchange: Innovators in Payment Security Featuring Elavon Inc. Coffee with the Council Podcast: Meet the New Regional Director of Japan and South Korea, Junichi Tsuboi Internal Security Assessor (ISA) Training Case Study: WestJet Sneak Peek: 2025 Europe Community Meeting Speakers AI Principles: Securing the Use of AI in Payment Environments The AI Exchange: Innovators in Payment Security Featuring Cloud Security Alliance Beware of PCI DSS Compliance Certificates Meet the Council’s New Regional Director, Europe PCI SSC Releases New Guidance on Authentication and Cryptography Welcome Our Newest Associate Participating Organizations Sneak Peek: 2025 North America Community Meeting Speakers Coffee with the Council Podcast: Meet This Year’s Asia-Pacific Community Meeting Keynote Speaker, Sharon Gai The AI Exchange: Innovators in Payment Security Featuring Salesforce
The AI Exchange: Innovators in Payment Security Featuring SISA
Alicia Malone · 2025-12-03 · via PCI Perspectives

Welcome to the PCI Security Standards Council’s blog series, The AI Exchange: Innovators in Payment Security. This special, ongoing feature of our PCI Perspectives blog offers a resource for payment security industry stakeholders to exchange information about how they are adopting and implementing artificial intelligence (AI) into their organizations.

In this edition of The AI Exchange, SISA’s Founder and CEO, Dharshan Shanthamurthy, offers insight into how his company is using AI, and how this rapidly growing technology is shaping the future of payment security.

How have you most recently incorporated artificial intelligence within your organization?

We have adopted a three-pronged strategy - AI for Cybersecurity, Cybersecurity for AI, and AI for Continuous Improvement.

AI for Cybersecurity focuses on embedding artificial intelligence as a core enabler across all ten of SISA’s solution lines, driving both growth and operational efficiency.

Cybersecurity for AI emerged as a dedicated solution line 18 months ago, in response to rising concerns from our customers around securing AI implementations. To strengthen this domain, we also launched an ANAB-accredited certification program, "Cybersecurity Professional for AI (CSPAI)", which has received tremendous response and adoption globally.

Finally, AI for Continuous Improvement reflects one of SISA’s foundational beliefs: that learning, innovation, and improvement must never stop. We are infusing AI into everything we do — enabling faster insights, smarter decisions, and continuous enhancement across the organization.

What is the most significant change you’ve seen in your organization since AI-use has become so much more prevalent?

The world is moving faster than ever, and many long-held assumptions are being redefined. I see the world pressing a reset button. For SISA, as for many others, the challenge lies in how swiftly we can evolve in this new age of AI. This transformation is not just about technology; it’s a profound change management journey. As we go through this transformation, I’m conscious that we must approach it with real intent, not treat it as a box-ticking exercise, but as a catalyst for meaningful progress.

How do you see AI evolving or impacting payment security in the future?

Like any technology disruption in the past, AI is going to have its merits and challenges for payments security. The merits are many - payment fraud detection is getting better, and AI in security solutions is automating several mundane tasks, allowing cybersecurity professionals to focus on higher-value work. For example, SISA launched an Agentic SOC at RSA earlier this year, demonstrating how L1 and L2 tasks can be automated, and we’ve already seen strong adoption of this solution. We’ve also seen AI being used to write reports, review evidence, and perform many tasks that auditors typically find tedious as QSAs.    

On the flip side, AI is also expanding the attack surface. As a forensics-driven cybersecurity company that believes in turning hindsight into foresight, we’re observing that attackers are leveraging AI as effectively as defenders. We’ve seen a rise in polymorphic malware and increasingly sophisticated malicious scripts, as AI makes code generation easier and faster than ever. Our Digital Threat Report for the BFSI Sector 2024 highlights several of these emerging AI-driven threats.

In summary, the battlefield is being redefined and in the age of AI, both the offense and defence are evolving at unprecedented speed.

What potential risks should organizations consider as AI becomes more integrated into payment security?

AI, as it stands today, can be viewed through three key facets.

  • The first is Analytical AI (Machine Learning/Deep Learning), which powers anomaly detection by training algorithms to identify patterns and make predictions based on historical data.
  • The second is Creative AI (Generative AI), which moves beyond prediction to generation. It doesn’t act autonomously but responds intelligently to prompts.
  • The third is Autonomous AI (Agentic AI), which can think, plan, and act - not just respond.

The potential risks of AI must be assessed across each of these dimensions. In Analytical AI, threats include data poisoning, where attackers manipulate training data to mislead models; model inversion, where adversaries reconstruct sensitive training data through repeated queries; and adversarial examples, where subtle input changes, even a few pixels, can trick an image classifier into misidentifying an object.

In Creative AI, we face risks such as prompt injection, where malicious instructions are embedded within inputs to elicit unintended or sensitive outputs. Another emerging concern is model supply chain risk i.e. tampering with model weights or datasets to introduce backdoors into downstream systems.

Finally, in Autonomous AI, we anticipate risks like unbounded autonomy or recursive loops, where agents may continuously act or scrape data without human oversight. And there’s multi-agent collusion, where compromised agents coordinate or influence others to perform malicious actions.

A fourth facet is now emerging - Synthetic Reality AI where AI fuses the physical and digital worlds through robotics, AR/VR, and other cyber-physical systems.

This merging of the physical and virtual worlds will accelerate the rise of Agentic Commerce and payment security professionals must work together to secure this evolving ecosystem. From agentic identity and trust manipulation to transaction and payment tampering, and even supply chain risks, the threat landscape is set to expand rapidly. We’ve addressed these emerging challenges extensively in our Cybersecurity for AI (CSPAI) certification program to help strengthen the preparedness of the payment security community.

What advice would you provide for an organization just starting their journey into using AI?

The first learning I would share with anyone beginning their AI journey is to accept that change will be difficult. Many underestimate the scale of change management required.

Second, educate your top leadership on what AI truly can and cannot do. The reality is that many leaders overestimate their understanding of AI and, as a result, fail to identify the right use cases for their organizations.

Third, build AI competence across the company — everyone should understand how AI impacts their role and decisions.

Fourth, develop a clear 6 - 18-month transformation plan, depending on the organization’s size and complexity. Implement changes that directly improve either the top line or the bottom line.

Finally, measure progress continuously, and ensure that AI transformation stays on the CEO’s agenda.

What AI trend (not limited to payments) are you most excited about?

I’m excited about possibilities that were once beyond humanity’s reach. Drug discovery, for instance, holds immense promise. Imagine breakthroughs that could lead to a cure for cancer. With AI, it’s predicted that we could expand both our lifespan and our health span, enabling us to live better and longer lives. Space research is another fascinating frontier where AI could drive extraordinary discoveries, even advancing our aspiration to become a multi-planetary species.

View More Content on Artificial Intelligence

Learn More About SISA