Daily Tech Digest - November 13, 2023

Navigating the Crossroads of Data Confidentiality and AI

Striking a balance between ensuring data privacy and maximizing the effectiveness of AI models can be quite complex. The more data we utilize for training AI systems, the more accurate and powerful they become. However, this practice often clashes with the need to safeguard privacy rights. Techniques like federated learning offer a solution by allowing AI models to be trained on data sources without sharing raw information. For the uninitiated, Federated Learning leverages the power of edge computing to train local models. These models use data that never leaves the private environment (like your phone, IoT devices, corporate terminals, etc.). Once the local models are trained, they are then leveraged to build a centralized model that can be used for related use cases. ... Due to the recent acceleration in the adoption of AI, government regulations play a pivotal role in shaping the future of AI and data confidentiality. Legislators are increasingly recognizing the significance of data privacy and are implementing laws such as the General Data Protection Regulation (GDPR) in Europe and the California Consumer Privacy Act (CCPA).

CISOs vs. developers: A battle over security priorities

“Developers and CISOs juggle numerous security priorities, often conflicting across organizations,” noted Luke Shoberg, Global CISO at Sequoia Capital. “The report emphasizes the need for internal assessments, fostering deeper collaboration, and building trust among teams managing this critical domain. Recognizing technical and cultural obstacles, organizations have made significant strides in understanding the importance of securing the software supply chain for sustained business success.” “The world of software consumption and security has radically changed. From containers to the explosion of open source components, every motion has been toward empowering developers to build faster and better,” said Avon Puri, Global Chief Digital Officer at Sequoia Capital. “But with that progress, the security paradigm has been challenged to refocus on better controls and guarantees for the provenance of where software artifacts come from and that their integrity is being maintained. The survey shows developers and security teams are wrestling with this new reality in the wake of major exploits like Log4j and SolarWinds.

Deception technology use to grow in 2024 and proliferate in 2025

It's worth mentioning that all scanning, data collection, processing, and analysis will be continuous to keep up with changes to the hybrid IT environment, security defenses, and the threat landscape. When organizations implement a new SaaS service, deploy a production application, or make changes to their infrastructure, the deception engine notes these changes and adjusts its deception techniques accordingly. Unlike traditional honeypots, burgeoning deception technologies won't require cutting-edge knowledge or complex setup. While some advanced organizations may customize their deception networks, many firms will opt for default settings. In most cases, basic configurations will sufficiently confound adversaries. Remember, too, that deception elements like decoys and lures remain invisible to legitimate users. Therefore, when someone goes poking at a breadcrumb or canary token, you are guaranteed that they are up to no good. In this way, deception technology can also help organizations improve security operations around threat detection and response.

What Role Will Open-Source Hardware Play in Future Designs?

The extent of open-source hardware’s impact on electronics design is still uncertain. While it could likely lead to all these benefits, it also faces several challenges to mainstream adoption. The most significant of these is the volatility and high costs of the necessary raw materials. Roughly 70% of all silicon materials come from China. This centralization makes prices prone to fluctuations from local disruptions in China or throughout the supply chain. Similarly, long shipping distances raise related prices for U.S. developers. Even if integrated circuit design becomes more accessible, these costs keep production inaccessible, slowing open-source devices’ growth. Similarly, industry giants may be unwilling to accept the open-source movement. While open-source designs open new revenue streams, these market leaders profit greatly from their proprietary resources. The semiconductor fabs supporting these large companies are even more centralized. It may be difficult for open-source hardware to compete if these organizations don’t embrace the movement.

How Should Developers Respond to AI?

“Unionizing against AI” wasn’t a specific goal, Quick clarified in an email interview with The New Stack. He’d meant it as an example of the level of just how much influence can come from a united community. “My main thought is around the power that comes with a group of people that are working together.” Quick noted what happened when the United Auto Workers went on strike. “We are seeing big changes happening because the people decided collectively they needed more money, benefits, etc. I can only begin to guess at what an AI-related scenario would be, but maybe in the future, it takes people coming together to push for change on regulation, laws, limitations, etc.” Even this remains a concept more than any tangible movement, Quick stressed in his email. “Honestly, I don’t have much more specific actions or goals right now. We’re just so early on that all we can do is guess.” But there is another scenario where Quick thinks community action would be necessary to push for change: the hot-button issue of “who owns the code.” 

Security, privacy, and generative AI

For many of the proposed applications in which LLMs should excel, delivering false responses can have serious consequences. Luckily, many of the mainstream LLMs have been trained on numerous sources of data. This allows these models to speak on a diverse set of topics with some fidelity. However, there is typically insufficient knowledge around specialized domains in which data is relatively sparse, such as deep technical topics in medicine, academia, or cybersecurity. As such, these large base models are typically further refined via a process called fine-tuning. Fine-tuning allows these models to achieve better alignment with the desired domain. Fine-tuning has become such a pivotal advantage that even OpenAI recently released support for this capability to compete with open-source models. With these considerations in mind, consumers of LLM products who want the best possible outputs, with minimal errors, must understand the data in which the LLM is trained (or fine-tuned) to ensure optimal usage and applicability.

How to keep remote workers connected to company culture

As important as workplace collaboration and communication tools are, technology alone can’t keep remote workers engaged with business objectives. Before the pandemic, auto finance firm Credit Acceptance centered its operations around in-person interactions in its offices, for which it got accolades; after COVID-19 arrived, the company’s 2,200 employees had to work remotely. “You didn't work from home at all – [only in] rare circumstances,” said Wendy Rummler, chief people officer at Credit Acceptance. “We considered our culture too important, [we believed that] we couldn't maintain it if we had a fully remote workforce, or even partially for that matter.” Fast forward a couple of years and the picture is markedly different now, with almost all staffers now fully remote. Internal pulse surveys have found that employee engagement has remained as high as before the pandemic, said Rummler. This is no accident, she said; Credit Acceptance deliberately set out to maintain its work culture without regular person-to-person interactions.

Should AI Require Societal Informed Consent?

The concept of societal informed consent has been discussed in engineering ethics literature for more than a decade, and yet the idea has not found its way into society, where the average person goes about their day assuming that technology is generally helpful and not too risky. In most cases, technology is generally helpful and not too risky, but not in all cases. As artificial intelligence grows more powerful and is applied to more new fields (many of which may be inappropriate), these cases will multiply. How will technology producers know when their technologies are not wanted if they never ask the public? ... One of the characteristics of a representative democracy is that -- at least in theory -- our elected officials are looking out for the well-being of the public. ... It is time for the government and the public to have a new conversation, one about technology -- specifically artificial intelligence. In the past we’ve always given technology the benefit of the doubt; tech was “innocent until proven guilty” and a long-time familiar phrase in and around Silicon Valley has been “it’s better to ask forgiveness, not permission.” We no longer live in that world.

Harnessing the potential of generative AI in marketing

Augmenting human creativity with the power of generative AI holds so much promise that the use cases we know now are only the tip of the proverbial iceberg. Companies that are looking to get a head start should, therefore, ensure that they have laid down the foundations for doing so. An important consideration in deploying generative AI is the availability of data. Contextualisation is a key benefit of generative AI and large language models (LLMs). But for enterprises with legacy, on-premise systems, their data is usually isolated within silos. Organisations looking to deploy generative AI solutions for their marketing efforts should leverage cloud data platforms to unify all their internal data. Aside from breaking down silos, businesses should also ensure seamless access to all their data. A lot of the data generated by marketing teams is either unstructured or semi-structured; such as social media posts, emails, and text documents, to name a few. Marketing teams should ensure that their cloud data platforms can load, integrate, and analyse all types of data.

Managing Missing Data in Analytics

Missing at Random (MAR) is a very common missing data situation encountered by data scientists and machine learning engineers. This is mainly because MCAR and MNAR-related problems are handled by the IT department, and data issues are addressed by the data team. MAR data imputation is a method of substituting missing data with a suitable value. Some commonly used data imputation methods for MAR are:In hot-deck imputation, a missing value is imputed from a randomly selected record coming from a pool of similar data records. In hot-deck imputation, the probabilities of selecting the data are assumed equal due to the random function used to impute the data. In cold-deck imputation, the random function is not used to impute the value. Instead, other functions, such as arithmetic mean, median, and mode, are used. With regression data imputation, for example, multiple linear regression (MLR), the values of the independent variables are used to predict the missing values in the dependent variable by using a regression model. Here, first the regression model is derived, then the model is validated, and finally the new values, i.e., the missing values, are predicted and imputed. 

Quote for the day:

"Failure isn't fatal, but failure to change might be" -- John Wooden

No comments:

Post a Comment