How Yext created AI fact sheets to standardize vendor evaluations | Rohit Parchuri (CISO at Yext)

At Yext, evaluating every AI tool through a security-first lens sparked comprehensive AI governance frameworks that protect enterprise data without stifling productivity.

Rohit Parchuri, SVP & CISO, explains how they developed "AI fact sheets" for these evaluations, comparing each tool against specific business goals, data protection requirements, and existing capabilities. This process prevents tool duplication while ensuring security standards are met before deployment.

But governance is just one piece of Yext's AI strategy. As a company born from AI technology, they've already built their own ML models to filter false positives from security tools, and they have direct experience with AI's data amplification risks — like how incorrect restaurant ingredient data could trigger FDA issues across all client listings. Rohit explores how enterprises can build sustainable AI programs that accelerate business outcomes while maintaining robust security controls.

Topics discussed:

• AI's intent recognition versus traditional RPA systems.
• Implementing "AI fact sheets" for vendor evaluation.
• Building security checkpoints.
• Balancing employee productivity with data protection.
• Managing free consumer AI tools like ChatGPT.
• Developing AI acceptable use policies.
• Replacing tier-1 analysts with AI systems.
• Creating feedback loops for vulnerability categories.
• Evaluating AI vendor security frameworks.
• Predicting AI replacement timelines for security roles.

Listen to more episodes: 

Apple 

Spotify 

YouTube

Website