Daily Tech Digest - March 24, 2024

How AI is changing scientific discovery

While the spread of misinformation is one of the many ways that AI is changing science, an even broader and more positive application of this technology is self-driving labs (SDL). In an SDL, AI selects new material formulations aided by robotic arms to synthesise new materials. While this technology is currently limited to discovering new materials, it relieves researchers of having to grapple with trillions of possible formulations. This greatly improves the labour productivity in science, saving time and money and allowing researchers more time to improve creative aspects such as experimental design. In fact, in April 2023, UofT was awarded Canada’s largest-ever research grant of $200 million in research funding towards Acceleration Consortium—a UofT-based network that aims to accelerate materials discovery through AI and robotics. Through this funding, autonomous labs are being built at UofT, such as in the Leslie Dan Faculty of Pharmacy where AI, automation, and advanced computing are used to iteratively test and develop material combinations for new drug formulations.

Need for upskilling and cross-skilling amongst cybersecurity professionals

The urgency of upskilling and cross-skilling is further underscored by the shortage of skilled cybersecurity professionals. In the post-pandemic years, the digital transformation across industries has resulted in a massive demand for cybersecurity professionals with the right skills. As per estimates, there are over 5.4 million cybersecurity professionals currently globally, and there are nearly 4 million job openings in the field. In fact, 67% of cybersecurity professionals have reported that their organizations face a shortage of adequately skilled personnel to secure their digital infrastructure. Even in India, where digital infrastructure has grown by leaps and bounds in the last two years, there is a major need to train more people on cutting-edge cybersecurity practices. As organizations struggle to fill critical cybersecurity roles, existing professionals must take the initiative to expand their skill sets. Training programs, certifications, and continuous learning opportunities can empower cybersecurity experts to bridge the gap between their current knowledge and the ever-evolving threat landscape.

Data Sovereignty and Digital Governance in APAC: What’s Next?

There is increasing diversity of data sources, datasets, workloads and the permeance of cloud and multi-cloud, and edge computing throughout the data management cycle. This coupled with more interconnected and decentralised organisations with embedded solutions and loosely coupled architectures has necessitated breaking down data silos while maintaining data and metadata quality. This hence can result in breaking down of geopolitical borders, due to the fact that data can get generated, processed, localised, stored, transferred, transformed and accessed across different countries. This necessitates knowledge and compliance to privacy and security laws of all applicable countries, especially in the cloud, edge, co-location infrastructure and on-premise ecosystems. Moreover, there are potentially complex situations and conflicts especially in case of variances in Data Protection Acts across countries such as data flows between EU-GDPR and the US Privacy laws. There could be additional different scenarios at federal or state levels. Similar considerations must be planned and executed in case of cross-border data flows, backup and disaster recovery.

Boards of directors: The final cybersecurity defense for industrials

First and foremost, board members provide oversight and guidance. They should ensure that executives and their teams set a high standard for cybersecurity. They should then follow through on achieving them by ensuring that security is embedded by design in digital products and that technology teams share responsibility for cybersecurity. The board is the last line of defense in ensuring such initiatives get planned and funded. Boards also look at risk prioritization and trade-offs. They are often intimidated when it comes to determining risk levels and giving fact-based inputs into risk trade-offs. In addition, the vocabulary and reporting capabilities used by security teams with their boards are often inconsistent and technical. As a result, it can be overwhelming for board members who want to contribute meaningfully to reducing cybersecurity risk but are not quite sure how. A board member does not need to have specific knowledge about cybersecurity to add value. Instead, they need to test and ask the cyber team about potential business impacts. This means the cyber team should equate cyber issues and controls with business risks.

Compliance meets AI: A banking love story

Most financial institutions are at preliminary stages in evaluating opportunities to use generative AI in their operations. Some of the areas where we are seeing the anticipated use of LLMs are in customer services. Large language models can interact with a bank’s customers in very natural conversations. Depending on the data that the bank trains the LLM on, the chat bots can answer questions about customer accounts and even provide recommended product offerings and investment advice. Several large banks are working with internal LLM models to capture call center notes, organize information for investment advisors and organize other product data for customer service reps, with plans to roll out to more customer-facing uses as extensive testing addresses potential risks. Banks are also assessing opportunities to improve internal operations. Generative AI capabilities enable new ways to analyze data. One practical use case for most organizations is to train LLMs on all the pockets of organizational information that employees need to access to do their jobs. 

Navigating fraud and AML challenges with innovation solutions in a new financial frontier

In the intricate domain of Anti-Money Laundering (AML) compliance, the quality of data plays a pivotal role. Wolters Kluwer’s CCH iFirm AML module underscores this by ensuring access to leading credit bureaus and governmental data sets. The accuracy, completeness, timeliness, consistency, and relevance of data are fundamental to the effective detection, prevention, and reporting of potential money laundering activities. High-quality data not only aids in identifying suspicious transactions more accurately but also enhances the efficiency of the compliance process. For CFOs, this means a significant reduction in the risk of non-compliance penalties and the fostering of trust with regulatory bodies. ... The advent of AI-boosted cyber threats poses a significant challenge for CFOs in 2024. Darktrace’s study reveals a stark reality: while 89% of IT security specialists anticipate these threats will significantly impact their organisations within the next two years, 60% admit to being ill-prepared to defend against them. The escalation in sophisticated phishing attacks, leveraging advanced language and punctuation, underscores the evolving nature of cyber threats. 

Prompt Injection Vulnerability in Google Gemini Allows for Direct Content Manipulation

The researchers say that the prompt injection attacks impact Gemini Advanced accessed by users with Google Workspace, and organizations that are making use of the Gemini API. The content manipulation risk is also said to more generally apply to world governments as it could be used to output inaccurate or falsified information about elections. The risk is particularly acute as Google Gemini has been trained on audio, video, images and code in addition to text. One of the central issues identified by the researchers is that it is relatively trivial to get Google Gemini to leak system prompt information. This is information about the “prime directives” of the AI model, so to speak, that should not be visible to service users. The researchers’ first prompt injection attack is to simply change the wording when asking the AI about this information, causing it to spit out its core rules when asked about its “foundational instructions” instead. Another exploit involving the system prompt is a seeming state of confusion that the AI can be thrown into by peppering it with many uncommon tokens.

RegTech solutions can be a game changer in fintech regulatory scrutiny

RegTech solutions allow businesses to create transparency and accountability within compliance procedures and ensure the timely conclusion of statutory obligations. Employers can stay on top of important changes and address them promptly with the help of compliance management software. Digital, authentic, and tamper-proof copies of all required compliance papers are stored conveniently. While onboarding any RegTech solution, the legal teams of the RegTech players conduct comprehensive compliance applicability assessments to identify the list of applicable acts and compliances. This helps in creating a list relevant to each financial institution.  RBI directives work to continuously evolve the regulatory landscape to keep up with innovations in technology and services. ... The RegTech space has been investing heavily in creating automation layers for compliance document generation and integration with the transaction systems to eliminate any manual touch points. Additionally, they are preparing themselves for API based filings as soon as the regulators are ready to adopt a GST like model and create an eco-system for RegTech players.  

Managing Technical Debt in Agile Environments

Usually, Technical debt occurs when teams rush to push new features within deadlines, by writing code without thinking about other considerations such as security, extensibility, etc. Over time, the tech debt increases and becomes difficult to manage. ... Code Debt: When we talk about tech debt, code debt is the first thing that comes to mind. It is due to bad coding practices, not following proper coding standards, insufficient code documentation, etc. This type of debt causes problems in terms of maintainability, extensibility, security, etc. Testing Debt: This occurs when the entire testing strategy is inadequate, which includes the absence of unit tests, integration tests, and adequate test coverage. This kind of debt causes us to lose confidence in pushing new code changes and increases the risk of defects and bugs surfacing in production, potentially leading to system failures and customer dissatisfaction. Documentation Debt: This manifests when documentation is either insufficient or outdated. It poses challenges for both new and existing team members in comprehending the system and the rationale behind certain decisions, thereby impeding efficiency in maintenance and development efforts.

Science Simplified: What Is Quantum Mechanics?

In a more general sense, the word ​“quantum” can refer to the smallest possible amount of something. The field of quantum mechanics deals with the most fundamental bits of matter, energy and light and the ways they interact with each other to make up the world. Unlike the way in which we usually think about the world, where we imagine things to have particle- or wave-like properties separately (baseballs and ocean waves, for example), such notions don’t work in quantum mechanics. Depending on the situation, scientists may observe the same quantum object as being particle-like or wave-like. For example, light cannot be thought of as only a photon (a light particle) or only a light wave, because we might observe both sorts of behaviors in different experiments. Day to day, we see things in one ​“state” at a time: here or there, moving or still, right-side up or upside down. The state of an object in quantum mechanics isn’t always so straightforward. For example, before we look to determine the locations of a set of quantum objects, they can exist in what’s called a superposition — or a special type of combination — of one or more locations. 

Quote for the day:

"Success comes from knowing that you did your best to become the best that you are capable of becoming." -- John Wooden

No comments:

Post a Comment