Here is how far we are to achieving AGI, according to DeepMindDeep
Mind presents a matrix that measures “performance” and “generality” across
five levels, ranging from no AI to superhuman AGI, a general AI system that
outperforms all humans on all tasks. Performance refers to how an AI system’s
capabilities compare to humans, while generality denotes the breadth of the AI
system’s capabilities or the range of tasks for which it reaches the specified
performance level in the matrix. ... DeepMind suggests that an AGI benchmark
would encompass a broad suite of cognitive and metacognitive tasks, measuring
diverse properties, including linguistic intelligence, mathematical and
logical reasoning, spatial reasoning, interpersonal and intrapersonal social
intelligence, the ability to learn new skills, and creativity. However, they
also acknowledge that it is impossible to enumerate all tasks achievable by a
sufficiently general intelligence. “As such, an AGI benchmark should be a
living benchmark. Such a benchmark should therefore include a framework for
generating and agreeing upon new tasks,” they write.
Utilizing A Business Information Security Officer
Unfortunately, a majority of CISOs are spending their limited time
firefighting issues rather than contributing to business strategy or forging
relationships. This is where a business information security officer (BISO)
can come in. According to Forrester, the BISO operates on behalf of the CISO,
serving as an advisor and bridge to functional leaders. In other words, it’s a
security role that puts business first. ... Security culture can be defined as
the values, attitudes, customs, beliefs, and social behaviors that influence
the security posture of an organization. It’s the stuff that drives secure
behavior in employees (even when no one’s watching); it’s the security
instinct that kicks in when someone sees something unusual or suspicious.
Traditionally, most CISOs are not in close contact or communication with
employees, and therefore, it is difficult for them to influence and promote a
positive security culture. With the BISO role, it's different; since the BISO
enjoys closer ties with various business groups and has a better understanding
of employee requirements and sentiments, they are better positioned to
influence culture change.
Russian Hackers Linked to 'Largest Ever Cyber Attack' on Danish Critical Infrastructure
On the 11 companies that were successfully infiltrated, the threat actors
executed malicious code to conduct reconnaissance of the firewall
configurations and determine the next course of action. "This kind of
coordination requires planning and resources," SektorCERT said in a detailed
timeline of events. "The advantage of attacking simultaneously is that the
information about one attack cannot spread to the other targets before it is
too late." "This puts the power of information sharing out of play because no
one can be warned in advance about the ongoing attack since everyone is
attacked at the same time. It is unusual – and extremely effective." A second
wave of attacks targeting more organizations was subsequently recorded from
May 22 to 25 by an attack group with previously unseen cyber weapons, raising
the possibility that two different threat actors were involved in the
campaign. That said, it's currently unclear if the groups collaborated with
each other, worked for the same employer, or were acting independently.
Demystifying Event Storming: A Comprehensive Guide to Understanding Complex Systems
Event Storming is a powerful and collaborative workshop-based technique used
to gain a deep understanding of complex systems, processes, and domains. It
was introduced by Alberto Brandolini, an expert in domain-driven design and
Agile software development. Event Storming stands out as a versatile and
practical approach that brings together stakeholders, domain experts, software
developers, and business analysts to unravel the intricacies of a system. At
its core, Event Storming is a visual modeling method that uses sticky notes
and a large workspace, such as a wall or whiteboard, to represent various
events and interactions within a system. These events can range from user
actions, system processes, and domain events to business rules and policies.
The workshop participants collaboratively contribute to this visual
representation, creating a shared understanding of the system’s behavior and
business processes. Event Storming starts with a domain description, then Big
Picture. Big Picture Event Storming is the first step in understanding complex
systems.
Integration of Cybersecurity into Physical Security Realm
In this era of evolving cyber threats, integrating cybersecurity into physical
security is not a choice but an organizational necessity. In most cases,
physical security and cybersecurity work as two sides of the same backbone in
the spectrum of security. Physical security protects tangible assets, such as
buildings, equipment, and people, from physical threats. On the other hand,
cybersecurity focuses on safeguarding digital assets, information, and systems
from virtual threats, including hacking, malware, and data breaches. In this
context, just as a backbone provides structural support to the body, the
integration of cybersecurity into the realm of physical security offers a
robust defense for an organization. This fusion of digital and physical
security measures creates a comprehensive defense strategy which safeguards
firm-specific assets, personnel, and data from various threats. This
integrated approach ensures not only the protection of the physical
infrastructure but also the prevention of unauthorized access, tampering, and
disruptions caused by cyberattacks. It is paramount to understand how
cybersecurity enhances physical security systems’ resilience.
Bridging the expectation-reality gap in machine learning
The engineers who wrangle company data to build ML models know it’s far more
complex than that. Data may be unstructured or poor quality, and there are
compliance, regulatory, and security parameters to meet. There is no quick-fix
to closing this expectation-reality gap, but the first step is to foster
honest dialogue between teams. Then, business leaders can begin to democratize
ML across the organization. Democratization means both technical and
non-technical teams have access to powerful ML tools and are supported with
continuous learning and training. Non-technical teams get user-friendly data
visualization tools to improve their business decision-making, while data
scientists get access to the robust development platforms and cloud
infrastructure they need to efficiently build ML applications. At Capital One,
we’ve used these democratization strategies to scale ML across our entire
company of more than 50,000 associates. When everyone has a stake in using ML
to help the company succeed, the disconnect between business and technical
teams fades. So what can companies do to begin democratizing ML?
Generative AI Solution Architecture for Complex Enterprises
Generative AI tends to be non-deterministic (running it multiple times even
with the same input may result in different behaviour each time it is run).
Therefore, how we design, manage and test it needs different thinking from
more traditional deterministic technologies. As with machine learning in
general, maths and algorithms that are inaccessible to the average person
(without knowledge of statistics and data science) create issues in
understanding and transparency. Add to this the complexity of enterprise
architecture (business, data, applications and applications) in modern
organisations, and explainability becomes even more difficult. This
non-deterministic behaviour also creates consistency, reliability and
repeatability challenges. ... Scaling systems powered by machine learning is
challenging. Creating an algorithm in a lab environment that comes up with an
answer in several hours is OK for a one-off exercise, but simply won’t cut it
for real-time customer interaction at scale. It won’t simply be the
performance of the ML models; how you integrate these models with enterprise
data stores and systems of record will also impact performance.
Why cyber war readiness is critical for democracies
We can’t talk about the war in Ukraine and not mention cyber attacks aimed at
disrupting operational technology (OT) used by companies that are part of the
country’s critical infrastructure (CI). In his talk, Ferguson briefly passed
through the known attacks that hit CI entities with OT-specific malware,
starting with Stuxnet in 2010 and ending with CosmicEnergy in 2023. Some of
the attacks are believed to be the work of the US and Israel (Stuxnet),
cybercriminals or are still unattributed (the destructive 2014 attack against
a steel plant in Germany). But the rest, he noted, are all believed to have
been mounted by Russian state-backed attackers. And, he says, they are getting
better at it. Mirroring the development of attacks against IT systems, they
have recently begun exploiting legitimate tools found in OT environments, so
they don’t need to develop customized malware. Many attackers are scanning for
OT-specific protocols and probing OT devices, Ferguson noted. While their
actual exploitation hinges on the skills of the attackers, some modes of
attack are available to those who are less skilled, but eager.
Unpatched Critical Vulnerabilities Open AI Models to Takeover
The risk is not theoretical: Large companies have already embarked on
aggressive campaigns to find useful AI models and apply them to their markets
and operations. Banks already use machine learning and AI for mortgage
processing and anti-money laundering, for example. While finding
vulnerabilities in these AI systems can lead to compromise of the
infrastructure, stealing the intellectual property is a big goal as well, says
Daryan Dehghanpisheh, president and co-founder of Protect AI. "Industrial
espionage is a big component, and in the battle for AI and ML, models are a
very valuable intellectual property asset," he says. "Think about how much
money is spent on training a model on the daily basis, and when you're talking
about a billion parameters, and more, so a lot of investment, just pure
capital that is easily compromised or stolen." Battling novel exploits against
the infrastructure underpinning natural-language interactions that people have
with AI systems like ChatGPT will be even more impacting, says Dane Sherrets,
senior solutions architect at HackerOne.
How to prepare for anything
In Latin, Audi means listen (translated from German horch, which is also the
name of Audi’s founder, August Horch). And that is exactly what Mohr decided
to do: listen to the questions he and his team were asking themselves. Mohr
chose a human approach to understanding how change comes about. It revolves
around understanding and embracing the five levels or shades of uncertainty on
the journey toward transformation: wonder, skepticism, curiosity, doubt, and
creativity. ... “We needed to understand what really matters to our people in
order to initiate meaningful change,” Stine Thomssen, who is part of Mohr’s
leadership team, recalls. Understanding what really matters to your employees
requires insight into their ways of thinking and talking about their everyday
practice. This calls for a systematic approach of tapping into the questions
people are asking one another in your organization. In the case of the paint
shop, it involved setting up several workshops and using a digital platform to
engage employees in peer-to-peer conversations about the future.
Quote for the day:
''The manager asks how and when, the
leader aks what and why.'' -- Warren Bennis
No comments:
Post a Comment