← Trainings·Security

AI Security Essentials for Small Business

2026-07-21 · 6:30 PM PT · Tacoma, WA · Hybrid

TBA

17 reserved40 seats
Seats available

AI tools are inside almost every small business now — and most of them are quietly logging everything you type. Customer names, contract language, financial details, internal processes. This session shows you exactly what's leaking, runs live attacks so you can see the risk firsthand, then gives you a concrete 7-control baseline you can implement the week you get back. No IT background required. The goal isn't to scare you out of using AI — it's to make you dangerous enough to use it safely.

Who this is for

  • Business owners and founders using AI tools day-to-day
  • Operations and office managers responsible for customer data
  • Anyone who has pasted sensitive information into ChatGPT and wondered if that was fine
  • Staff who handle contracts, customer records, or financial information

Reserve seat

17/40 reserved · Free · Confirmation arrives by email.

Curriculum

What we cover

[01]

Where AI tools leak data

  • How large language models log and use your prompts
  • Which tools are high-risk vs. safe for business use
  • Real examples: what data exfiltration looks like from the inside
  • Shadow AI — tools your team is using that you don't know about
[02]

Live attack demonstrations

  • Prompt injection: hijacking an AI tool in real time
  • Data exfiltration via a business chatbot
  • Credential harvesting through an AI-generated phishing email
  • Supply chain attack via a compromised AI vendor
[03]

The 7-control baseline

  • Control 1: Password manager deployment across the team
  • Control 2: MFA on every account that matters
  • Control 3: DMARC/DKIM/SPF — stop attackers from spoofing your domain
  • Control 4: Device encryption and auto-lock policies
  • Control 5: Offline backups — test one live in the room
  • Control 6: Access audit — who still has keys to the building
  • Control 7: Vendor security review — the 5 questions to ask before integrating any AI tool
[04]

Building your AI usage policy

  • What your policy needs to cover (and what it doesn't)
  • Live walkthrough: completing the one-page policy template
  • Communicating it to your team without creating friction
  • 30-day enforcement checklist

What you leave with

Takeaways

  • [01]A completed one-page AI usage policy ready for your team
  • [02]The 7-control security checklist with implementation notes
  • [03]Vendor security questionnaire — use it before you connect any new tool
  • [04]A 30-day action plan prioritized by risk reduction per hour of effort

Materials provided

What's included

  • Printed 7-control implementation checklist
  • AI usage policy template (editable Word + Notion)
  • Vendor security questionnaire (PDF)
  • Tool risk tier list — which AI tools are safe for what data
  • 30-day action plan worksheet

Prerequisites

None. Bring a laptop if you want to follow along with the live demos. No technical background required.

FAQ

Common questions

Is this technical? Do I need an IT background?

No. This session is built for business owners and operators, not IT professionals. Every concept is explained in plain language with real business examples. If you can use email and a browser, you can follow everything we cover.

We already use a managed IT provider. Is this still relevant?

Yes — and possibly more so. Most managed IT providers don't have specific AI security practices yet. The vendor assessment questions alone will help you have a much better conversation with your provider.

Will we actually touch tools and do things, or is this just slides?

We run live attacks in the room. You'll watch real exploits happen against real tools. The policy walkthrough is hands-on — you'll leave with a completed document, not a template you'll never fill out.

What if our business is fully remote?

The baseline applies directly. Remote businesses typically have more exposure, not less — more tools, more device types, more vendor integrations. A future virtual version of this session is coming; subscribe to get notified.

Is there a recording or materials sent afterward?

All attendees receive the digital materials package by email within 24 hours of the session. We do not record the live attack demonstrations out of respect for the tools involved.

Also coming up

More sessions

  • 2026-05-20

    6:00 PM PT

    Scaling Operations with AI: A Working Session

    Online · Virtual

    View details

  • 2026-06-18

    6:30 PM PT

    AI-Powered Marketing Ops in Under 60 Minutes

    Tacoma, WA · Hybrid

    View details