Artificial intelligence must not be allowed to replace the imperfection of human empathy
In the perfectly productive world, humans would be accounted as worthless,
certainly in terms of productivity but also in terms of our feeble humanity.
Unless we jettison this perfectionist attitude towards life that positions
productivity and “material growth” above sustainability and individual
happiness, AI research could be another chain in the history of self-defeating
human inventions. Already we are witnessing discrimination in algorithmic
calculations. Recently, a popular South Korean chatbot named Lee Luda was taken
offline. “She” was modelled after the persona of a 20-year-old female university
student and was removed from Facebook messenger after using hate speech towards
LGBT people. Meanwhile, automated weapons programmed to kill are carrying maxims
such as “productivity” and “efficiency” into battle. As a result, war has become
more sustainable. The proliferation of drone warfare is a very vivid example of
these new forms of conflict. They create a virtual reality that is almost absent
from our grasp. But it would be comical to depict AI as an inevitable Orwellian
nightmare of an army of super-intelligent “Terminators” whose mission is to
erase the human race.
The robots are ready – how can business leaders take the leap?
Robots and intelligent technology can now optimise something we’ve never been
able to before: the bandwidth of employees. This has become increasingly more
critical as staff adjust to remote working. By onboarding these new tools and
incorporating them into the workforce, businesses can empower their staff to do
more. They can automate mundane and repetitive tasks extremely quickly, giving
their human colleagues more time to take on problem-solving and time-consuming
tasks. In fact, 4 in 5 employees that use robots and digital workers say they
have been beneficial with efficiency and collaboration, and are useful in easing
the burden of administrative tasks. Employees have found that a ‘robotic helping
hand’ has been most appreciated for sorting data and documents, providing
prompts for pending tasks, and digitising paperwork. What’s also clear is that
some businesses do have the right tools in place to help. In fact, half of UK
employees said processes helped them do their job faster and collaborate better,
both critical during the pandemic. However, for business leaders, the pressure
to get automation right is huge. It’s a major investment of time, money, and
energy for everyone involved.
Why process mining is seeing triple-digit growth
Many enterprises are finding it difficult to scale beyond a few software robots
or bots because they are automating a bad process that cannot scale. “Most
businesses are automating processes through RPA and hyperautomation without
first fully understanding their data and processes,” explained Gero Decker, CEO
of Signavio, a SAP spinoff focused on business transformation. As enterprises
pursue increased efficiencies, there is debate about whether it makes more sense
to automate what exists or to fix it first. Automating a bad process may make it
faster, but it may also suffer from chokepoints caused by integration with
legacy systems or approval processes. Process mining can help a company fix a
bad process first. Chris Nicholson, CEO of Pathmind, a company applying AI to
industrial operations, argues, “The main challenge to overcome before applying
process automation is to standardize the current processes performed by people.
If they are not standardized, there can be no automation.” With process mining,
companies can see whether their current processes are standardized so they know
which problem they have to solve first: standardization or automation.
Sophisticated cybersecurity threats demand collaborative, global response
The cybersecurity industry has long been aware that sophisticated and
well-funded actors were theoretically capable of advanced techniques, patience,
and operating below the radar, but this incident has proven that it isn’t just
theoretical. We believe the Solorigate incident has proven the benefit of the
industry working together to share information, strengthen defenses, and respond
to attacks. Additionally, the attacks have reinforced two key points that the
industry has been advocating for a while now—defense-in-depth protections and
embracing a zero trust mindset. Defense-in-depth protections and best practices
are really important because each layer of defense provides an extra opportunity
to detect an attack and take action before they get closer to valuable assets.
We saw this ourselves in our internal investigation, where we found evidence of
attempted activities that were thwarted by defense-in-depth protections. So, we
again want to reiterate the value of industry best practices such as outlined
here, and implementing Privileged Access Workstations (PAW) as part of a
strategy to protect privileged accounts.
AI Transformation in 2021: In-Depth guide for executives
AI transformation touches all aspects of the modern enterprise including both
commercial and operational activities. Tech giants are integrating AI into their
processes and products. For example, Google is calling itself an “AI-first”
organization. Besides tech giants, IDC estimates that at least 90% of new
organizations will insert AI technology into their processes and products by
2025. ... First few projects should create measurable business value while being
attainable. This is important for the transformation to gain trust across the
organization with achieved projects and it creates momentum that will lead to AI
projects with greater success. These projects can rely on AI/ML powered tools in
the marketplace or for more custom solutions, your company can run a data
science competition and rely on the wisdom of hundreds of data scientists. These
competitions use encrypted data and provide a low cost way to find high
performing data science solutions. bitgrit is a company that helps companies
identify AI use cases and run data science competitions. Implementing process
mining tools is one of those easy-to-achieve and impactful projects. For
example, QPR’s Process Analyzer tool has an extensive set of ready-to-use
process mining analyses, including ready-to-use clustering analysis and process
predictions, as well as a platform for machine learning based analyses.
Microsoft Says It's Time to Attack Your Machine-Learning Models
Machine-learning researchers are focused on attacks that pollute machine
learning data, epitomized by presenting two seemingly-identical image of, say, a
tabby cat, and having the AI algorithm identify it as two completely different
things, he said. More than 2,000 papers have been written in the last few years,
citing these sorts of examples and proposing defenses, he said. "Meanwhile,
security professionals are dealing with things like SolarWinds, software updates
and SSL patches, phishing and education, ransomware, and cloud credentials that
you just checked into Github," Anderson said. "And they are left to wonder what
the recognition of a tabby cat has to do with the problems they are dealing with
today." ... Anderson shared a red team exercise conducted by Microsoft
where the team aimed to abuse a Web portal used for software resource requests
and the internal machine-learning algorithm that determines automatically to
which physical hardware it assigns a requested container or virtual machine. The
red team started with credentials for the service, under the assumption that
attackers will be able to gather valid credentials - either by phishing or
because an employee reuses their user name and password.
Microsoft: Office 365 Was Not SolarWinds Initial Attack Vector
In its Thursday blog, the Microsoft team says the compromise techniques
leveraged by the SolarWinds hackers included "password spraying, spear-phishing
and use of webshell through a web server and delegated credentials." Earlier
this week, acting CISA Director Brandon Wales told The Wall Street Journal that
the SolarWinds cyberespionage operation gained access to targets using a
multitude of methods, including password spraying and through exploits of
vulnerabilities in cloud software (see: SolarWinds Hackers Cast a Wide Net). "As
part of the investigative team working with FireEye, we were able to analyze the
attacker’s behavior with a forensic investigation and identify unusual technical
indicators that would not be associated with normal user interactions. We then
used our telemetry to search for those indicators and identify organizations
where credentials had likely been compromised by the [SolarWinds hackers],"
Microsoft's security team says. But Microsoft says it's found no evidence that
the SolarWinds hackers used Office 365 as an attack vector. "We have
investigated thoroughly and have found no evidence they [SolarWinds] were
attacked via Office 365," the Microsoft researchers say. "The wording of the
SolarWinds 8K filing was unfortunately ambiguous, leading to erroneous
interpretation and speculation, which is not supported by the results of our
investigation."
Data loss prevention strategies for long-term remote teams
For many, a distributed hybrid workforce is the new normal, vastly expanding
their threat landscape and making it more challenging to secure data and IT
infrastructure. In this environment, companies need to pivot their defensive
capacity, ensuring that they are prepared to meet the moment (i.e., the
threats). When considering cybersecurity threats, we often think of shady
cybercriminals or nation-states hacking company networks. After all, when these
incidents occur, they make worldwide news headlines. For most companies,
however, external bad actors aren’t the most critical risk. A company’s
employees often pose a more prominent and – luckily – a more manageable
cybersecurity threat. IBM estimates that human error causes nearly a
quarter of all data breaches. Additionally, employees commonly and inadvertently
compromise company data through poor password hygiene, accidental data sharing,
improper technology use, phishing scams, and more. Some employees will also act
maliciously, intentionally stealing company data for profit, retribution, or
fun. The market for sensitive data is so prolific that some cybersecurity
experts predict the emergence of insiders-as-a-service as bad actors capitalize
on remote work trends to infiltrate companies.
The Rise of Responsible AI
In Public Safety arena using biased data to train the AI to identify criminals
using cyber forensics can lead to the wrongful conviction of innocent people
as the output of the software was influenced by racial and ethnicity data
points introduced as either the code used was not tested properly or used
wrong data sets for testing resulting in destroying lives. Apart from the bias
in the data set we have also seen that during any application or transactional
data processing there is no transparency as to find out why this decision was
taken, which parameter influenced it and why did the algorithm took additional
steps to mitigate it? All these can be easily answered by embedding
explainability and transparency in the AI design processes to provide
understandability of the context and interpretability of the decision by AI.
Thus we need Responsible AI which is the practice of using AI with good
intention to empower employees and businesses, and fairly impact customers and
society – allowing companies to engender trust and scale AI with confidence
along with the purpose of providing a framework to ensure the ethical,
transparent and accountable use of AI technologies consistent with user
expectations, organizational values and societal laws and norms.
Adaptive Frontline Incident Response: Human-Centered Incident Management
Many companies struggle with defining an incident. To us, an incident is when
a service or feature functionality is degraded. But defining "degraded"
contains a multitude of possibilities. One could say "degraded" is when
something isn’t working as expected. But what if it’s better than expected?
What’s the expected behavior? Do you define it based on customer impact? Do
you wait until there’s customer impact to declare an issue an incident? This
is where having a common and shared understanding of the normal operating
behavior of the system and formalizing these in feature/service level
objectives and indicators are key. We have to know what we expect, to know
when a degradation becomes an incident. But, defining service level objectives
for legacy services already in operation takes a significant investment of
time and energy that might not be available right now. That’s the reality in
which we frequently operate, trading off efficiency with thoroughness, as
Hollnagel (2009) points out. We handle this tradeoff with a governing set of
generic thresholds to fill in for services without clear indicators. At Twilio
we have a lot of products, running the gamut from voice calls, video
conferencing, and text messages, to email and two factor authentication.
Quote for the day:
"Don't look back. Something might be
gaining on you." -- Satchel Paige
No comments:
Post a Comment