UST: How to Guide Secure and Responsible AI Development
AI, digital transformation, and economic resilience now share the same table as cybersecurity. At that table is Heather Dawe, Chief Data Scientist UK and Head of Responsible AI at UST. Her focus: ship AI that creates value while protecting trust, security, and accountability across complex enterprise environments.
UST employs 30,000+ people globally and works with many of the world's largest enterprises to design, deploy, and govern AI at scale. The ethos is simple: build systems that work in production, behave predictably under stress, and meet regulatory and ethical bars without slowing the business.
Build AI that is innovative and responsible
Responsible and innovative are not opposites. You just need to anticipate failure modes-jailbreaks, hallucinations, bias-and build guardrails into the system from day zero, not at the change-control meeting before go-live.
- Start with explicit misuse cases: prompt injection, data exfiltration, toxic output, decision bias, privacy leakage.
- Adopt "secure-by-default" patterns: sandboxed execution, least privilege for connectors, retrieval whitelists, PII redaction, output filtering.
- Instrument everything: input/output logging with redaction, model/version lineage, evaluation hooks, and incident restore points.
- Gate production with policy: risk tiering, sign-offs for high-risk use cases, and rollback plans that are actually tested.
Fairness and transparency: what leaders should actually do
Leaders don't need every technical detail. They do need to prevent harm and show their work. That means consistent processes, visible accountability, and training that sticks.
- Publish model facts: data provenance summaries, known limits, intended use, and off-limits use (model cards, data statements).
- Enforce bias checks: stratified tests on priority groups and adverse impact analysis tied to go/no-go criteria.
- Make red teaming routine: jailbreak tests, prompt injection drills, and phishing simulations for AI assistants.
- Set up an AI incident process: intake, triage, containment, user comms, and remediation with time-bound SLAs.
- Train the org: product, engineering, risk, and legal on the same playbook and vocabulary.
Government-industry-academia: collaboration that actually moves the needle
The promise is strong, but execution is behind. We've all seen how easily generative systems can be abused to create harmful content from user-supplied images. Waiting for blow-ups and then reacting is not a strategy.
- Proactive policy: require safety disclosures, eval results, and incident reporting for high-impact models and services.
- Shared test suites: open benchmarks for abuse, bias, and safety that vendors must pass to win public and enterprise work.
- Data access with guardrails: privacy-preserving methods that let researchers and auditors test models without exposing people.
Skills and training: scale ethics with operations
Bias, safety, and misuse aren't edge cases. They're normal failure modes of AI systems. Treat them like availability or latency: measurable, managed, and owned.
- Stand up an AI Governance function with product, engineering, security, risk, and compliance at the table.
- Give builders tools: bias testing, prompt safety linting, eval harnesses, and policy checks inside CI/CD.
- Upskill continuously: short cycles, live exercises, and clear role expectations for reviewers and approvers.
If you're building teams and need structured learning paths, see curated options by role such as AI Learning Path for CIOs, the AI Learning Path for Project Managers, and the AI Learning Path for Regulatory Affairs Specialists.
Which frameworks to use (and how to make them workable)
Three guides cover most needs: the EU AI Act, the NIST AI Risk Management Framework, and ISO/IEC 42001 for AI management systems. They're clear, but teams still need technology that makes compliance part of delivery, not a separate ritual.
- Map use cases to risk: document purpose, users, impact, and mitigations; tie to EU AI Act categories where applicable.
- Run NIST AI RMF loops: Govern, Map, Measure, Manage-baked into backlog, pipelines, and ops dashboards.
- Adopt ISO/IEC 42001 practices: policies, roles, audits, and continuous improvement for AI specifically.
Helpful references: NIST AI RMF and the EU's AI policy overview European approach to AI.
As generative and agentic systems scale, control the blast radius
Agentic systems will make decisions, call tools, and move money or data. That's useful-and risky. The mistake isn't experimenting; it's doing it without brakes.
- Guardrails: capability controls, allowlists for tools and data, content filters, rate limits, and spend caps.
- Evaluation: offline stress tests, scenario sims, and acceptance thresholds that block promotion if unmet.
- Humans in the loop for high-impact actions: dual controls, cross-checks, and clear escalation paths.
- Auto-disable: anomaly detection, canary releases, kill switches, and policy engines that quarantine bad behavior in real time.
UST's focus
UST teams bring responsible AI practices into design, delivery, and operations for large enterprises. That includes secure architectures, data privacy by default, evaluation pipelines, governance automation, and clear accountability so AI remains safe, useful, and auditable at scale.
A practical 90-day plan
- Days 1-15: inventory AI use, rank risk, write "intended use and limits" for each, and freeze high-risk launches pending reviews.
- Days 16-45: add guardrails (filters, PII redaction, tool allowlists), build a basic eval harness, and define incident workflows.
- Days 46-75: run bias tests on priority use cases, red team the top model, and wire policy checks into CI/CD.
- Days 76-90: publish model facts to stakeholders, set up monitoring, and pilot human-in-the-loop where impact is highest.
Heather Dawe's message is clear: secure, fair AI isn't a nice-to-have. It's how you protect customers, ship with confidence, and keep your systems-and reputation-safe.
Your membership also unlocks:
