The Tug of War Between Biometrics and Privacy
The strengths of biometric identification can combat fraud. Your fingerprint
proves you are you before you conduct a transaction on your mobile banking app,
for example. At airports, biometrics identification is implemented as a matter
of public safety. Fingerprint biometrics are standard in background checks.
Within an enterprise, biometric systems may be used to prevent insider threats,
verifying an employee’s identity before they conduct a transaction. Among the
myriad use cases for biometrics, the argument for this technology is its
convenience and its strengths over traditional measures, such as passwords.
Biometric identifiers are unique to the individual and difficult to alter or
fake. ... In many scenarios, consent is clearcut. An enterprise has an upfront
policy, and users must give their explicit permission to have their biometrics
collected. Think of a banking app; you have to click through a series of prompts
before you can start using your thumbprint to log into your account. In other
situations, consent is not so easily addressed. In an airport, for example, it
is possible to opt out of facial recognition, but that might be surprising to
many.
Remember quantum computing in the cloud?
Quantum computing, while promising, is still mainly in the realm of future
potential. The industry is making strides towards more advanced qubits and
increased stability. However, the practical utility of these advancements
remains over the horizon for many organizations. This timeline, coupled with the
steep learning curve and investment required, has positioned quantum computing
as a slower-evolving technology compared to AI. Moreover, the current quantum
offerings, often accessed via cloud platforms, are still primarily experimental.
They require specialized knowledge to leverage effectively, whereas GPUs
integrated into cloud services can be readily used to scale existing AI
operations with relatively lower barriers to entry. Why are generative AI and
GPUs so dominant? The answer lies in immediate applicability and results.
Businesses today face pressures to innovate faster than ever. Generative AI not
only aids in creating innovative solutions but also provides a competitive edge
in real-time decision-making processes. It is a tool ready to be wielded, with
clear ROI and application pathways that quantum computing has yet to establish
fully.
Welcome to the AI revolution: From horsepower to manpower to machine-power
Until very recently, technology was first and foremost a tool. It was something
humans built and then used to do a job -- and to do it better, faster, and
easier than we could without it. But still, we used technology. What's new with
artificial intelligence (AI) is that we are not creating new tools to help us do
a job. We are creating a new workforce to do the job for us. This trend is not
absolute of course and we can always point to older technologies that may have
done part of our job for us (factory automation began at least 200 years ago).
However, we are now creating a cheaper, faster, better, scalable workforce, not
a cheaper, faster, better, scalable toolset. This new workforce is not going to
replace us all any time soon. There are two main reasons for this fact. The
first is that the hype of AI far exceeds its current capabilities, except in
some narrow, rules-based scenarios. Generative AI in particular appears
almost magical in its ability to render text, images and even video. Yet its
inability to understand any of its output, along with the volume of data and the
power needed to train its models, surely limits it from replacing human workers.
The Crucial Role of Firewall Rule Histories
In the security industry, there are unfortunately many opportunities for
organizational learning and improvement after a breach or an attack, regardless
of whether they were successful or stopped right away. Beyond the containment
and security enhancement steps, firewall rule histories are also necessary to
create a comprehensive post-mortem analysis of the breach’s scope and root
cause. One of the greatest takeaways from a firewall rule analysis is the
insight into a network segmentation weakness or access control mechanism that
needs to be addressed to prevent similar attacks from being successful in the
future. Understanding the lateral movement of attackers within the network helps
in assessing the full extent of compromised systems or data. Rule histories can
show security teams whether an attack was conducted quickly, as soon as an
attacker gained access; or if it was a slow, methodical process where
adjustments were made over time to secure maximum impact when finally set into
motion. Security teams can use firewall histories to identify recurring
patterns, trends, or systemic vulnerabilities beyond those that lie on the
surface.
CISOs face uncharted territory in preparing for AI security risks
Despite the enormous intellectual, technical, and government resources devoted
to creating AI risk models, practical advice for CISOs on how to best manage AI
risks is currently in short supply. Although CISOs and security teams have come
to understand the supply chain risks of traditional software and code,
particularly open-source software, managing AI risks is a whole new ballgame.
“The difference is that AI and the use of AI models are new.” Alon Schindel, VP
of data and threat research at Wiz tells CSO. “We have never seen technology
developed so fast like these models,” he says. “It’s not like the machine
learning models of the past. There are some great opportunities here, but the
work is not done yet. We still haven’t worked out how to ensure this feature
will be the most effective for security teams.” James Robinson, CISO at
Netskope, tells CSO, “It’s still very early days. It’s rapidly developing. The
research reports are coming out amazingly fast, and there’s a lot of excitement
and investment. The landscape continues to evolve. That’s one thing CISOs must
be prepared for.” “Newer architecture and newer models are advancing by the
second nowadays,” Omar Santos
Powering Industry 4.0 with the intelligent Edge
Successful Edge deployments drive businesses to treat it as an integral part of
their business strategy. Meeting the data demands of the latest AI-powered
innovations isn't a one-person job. What’s clear is that AI is driving the
demand for Edge technologies. To meet this demand, organizations will need to
collaborate internally between IT and business teams, and externally with
managed service providers (MSPs) who can help navigate legacy systems and
protocols. Leveraging the knowledge of MSPs will be integral to finding the most
efficient and effective ways for an enterprise to deploy and leverage Edge
computing. By embracing the intelligent Edge, businesses can unlock a myriad of
benefits from operational efficiency to real-time Actionable AI – the perfect
foundation for agile and adaptable operations. As more enterprises look to adopt
the latest Edge technologies, this foundation will be critical to ensuring
seamless data processing, scalability, and the ability to adapt to evolving
business goals, but this demands orchestration across IT and business functions.
Keep in mind that going in alone on the journey can prevent enterprises from
realizing the full potential of Edge.
The Changing C-Suite: Chief AI Officer In, Chief Diversity Officer Out
Foss explained that the shift toward integrating diversity responsibilities into
broader leadership roles is partly due to the increasing expectation to do more
with less. "As organizations understand having diverse teams lead to better
outcomes and faster value creation, there's a growing consensus that all leaders
should be involved in driving these initiatives," Foss said. From the
perspective of Caroline Carruthers, CEO of global data consultancy Carruthers
and Jackson, the roles that achieve longevity in the C-suite are those that are
based around a corporate asset. "That could be anything from finance to people
to data to operations to security," she said. ... Subramanian predicted that
either the role of the chief diversity officer will evolve to encompass AI or a
new role of chief AI officer will have broader oversight across AI and data. "It
is likely that chief AI officers will develop close collaboration with security,
IT, legal, and line of business leaders," Subramanian said. She added that she
believes the roles of chief diversity officer and chief AI officer will merge,
as AI needs data and the biggest opportunities with AI have to do with data.
From data to insight to action: The very human challenges of AI transformation
The first step in AI transformation is collecting data, which today is the
easiest step. So far, Grantcharov has placed the platform in around 20
operating rooms across the U.S. Through a variety of sensors, the OR black box
captured up to 1 million data points per day per site. These included
audio-visual data of surgical procedures, electronic health records and input
from surgical devices. The data also included biometric readings from the
surgical team, such as their heart rate variability as a reflection of stress
levels, and brain activity measured by wireless EEGs. ... But here’s where
it’s also important to understand humans. AI can correlate OR accidents with
certain events, but without a working hypothesis, it’s all just noise. For
example, Grantcharov’s team hypothesized that stress could affect a surgeon’s
performance by impacting their cognitive processing and decision making. So
they designed the experiment to collect physiological data from the surgeons,
and AI was able to correlate these data with OR accidents. The finding:
Stressed-out surgeons had a 66% higher chance of making an error. ... Finally,
systems are procedures or principles put into place that make the desired
behavior the easiest to do.
UN Approves Cybercrime Treaty Despite Major Tech, Privacy Concerns
The treaty, passed on Aug. 8, will require a wide variety of companies —
financial services, travel, technology, and telecommunications firms — not
only to support domestic law enforcement, but to help with requests from
treaty signatories, says Nick Ashton-Hart, head of the Cybersecurity Tech
Accord delegation to the negotiations. "Unfortunately the draft adopted
doesn't resolve any of the issues we raised, or that any other part of the
private sector or civil society raised," he says. "Security researchers and
penetration testers — as well as investigative journalists, whistleblowers,
and others — are at risk of criminal prosecution because of the poor and vague
wording in the criminalization chapter." ... "Because the convention
allows all cooperation to take place in perpetual secrecy and has no oversight
mechanism, the convention invites abusive requests for cooperation that can be
used to undermine secure systems relied upon by billions of people and
millions of enterprises each day," he says. "Without [cooperation] from the US
and EU, there's little value in anyone else joining this..."
What Is Data Trust and Why Does It Matter?
Understanding the importance of data trust is the first step in implementing a
program to build trust between the producers and consumers of the data
products your company relies on increasingly for its success. Once you know
the benefits and risks of making data trustworthy, the hard work of
determining the best way to realize, measure, and maintain data trust begins.
Among the goals of a data trust program are promoting the company’s privacy,
security, and ethics policies, including consent management and assessing the
risks of sharing data with third parties. The most crucial aspect of a data
trust program is convincing knowledge workers that they can trust AI-based
tools. A study released recently by Salesforce found that more than half of
the global knowledge workers it surveyed don’t trust the data that’s used to
train AI systems, and 56% find it difficult to extract the information they
need from AI systems. Of the workers who don’t trust AI training data, three
out of four state that the systems don’t have the information they need to be
of use.
Quote for the day:
“Don’t let the fear of losing be
greater than the excitement of winning.” -- Robert Kiyosaki
No comments:
Post a Comment