What Will Be the Next Big Thing in AI?
The next big thing in AI will likely be advanced multimodal models that can
seamlessly integrate and process different types of data, including text,
images, audio, and video, in more human-like ways, says Dinesh Puppala,
regulatory affairs lead at Google. "We're moving beyond models that specialize
in one type of data toward AI systems that can understand and generate across
multiple modalities simultaneously, much like humans do," he notes. Advanced
multimodal models will enable more natural and context-aware human-AI
interactions. "They'll be better at understanding nuanced queries, interpreting
visual and auditory cues, and providing more holistic and relevant responses,"
Puppala predicts. ... Metacognition in AI -- systems that can think about the
way they think -- is on the mind of Isak Nti Asare, co-director of the
cybersecurity and global policy program at Indiana University. "This capability,
often described as AI self-awareness, is a necessary frontier to cross if we are
to build trustworthy systems that can explain their decisions." Current AI
systems, while advanced, often operate as "black boxes" where even their
creators cannot fully explain their outputs.
Best Practices for Sunsetting Mainframe Applications
The first crucial step in migrating from a mainframe to the cloud is the
discovery phase. During this phase, organizations must conduct a thorough
assessment of their current mainframe environment, including architecture,
applications, data, dependencies, and workflows. This comprehensive
understanding helps in identifying potential risks and planning the migration
process effectively. The insights gained are crucial for setting the stage for
the subsequent cost-benefit analysis (CBA), ensuring all stakeholders are on
board with the proposed changes. A detailed CBA is essential to evaluate the
financial feasibility and potential returns of the migration project. This
analysis should account for all costs associated with the migration, including
software licensing, cloud storage fees, and ongoing maintenance costs. It should
also highlight the benefits, such as improved operational efficiency and reduced
downtime, which are crucial for gaining stakeholder support. ... Effective risk
management is crucial for a successful migration. This involves ensuring the
availability of subject matter experts, comprehensive planning, and addressing
potential issues with legacy systems.
Security spending signals major role change for CISOs and their teams
“Expected to do more with less,” CISOs are shifting their focus, Kalinov adds.
“Instead of beefing up their internal teams, they’re focusing on risk
management, regulatory compliance, and keeping C-suite executives aware of the
evolving security landscape,” Kalinov says. James Neilson, SVP of international
sales at cybersecurity vendor OPSWAT, believes the increasing allocation of
security budgets toward software and services rather than staff reflects the
CISO’s evolving role from managing internal teams toward becoming a more
strategic, technology-driven leader. “This trend also indicates that they’re
taking on a more prominent role in risk management, ensuring that outsourced
services complement internal capabilities while maintaining agility in response
to evolving threats,” Neilson says. As a result, security organizations are also
undergoing a shift from traditionally siloed, in-house approaches toward a more
integrated, outsourced, and technology-driven model, Neilson argues.
... “Organizations increasingly rely on elements of external managed
services and advanced automation tools to manage cybersecurity, focusing
internal resources on understanding the business and its risks, defining
higher-level strategy, oversight, and risk management,” Neilson contends.
Shadow AI, Data Exposure Plague Workplace Chatbot Use
The issue is that most of the most prevalent chatbots capture whatever
information users put into prompts, which could be things like proprietary
earnings data, top-secret design plans, sensitive emails, customer data, and
more — and send it back to the large language models (LLMs), where it's used to
train the next generation of GenAI. ... ChatGPT’s creator, OpenAI, warns in its
user guide, "We are not able to delete specific prompts from your history.
Please don't share any sensitive information in your conversations." But it's
hard for the average worker to constantly be thinking about data exposure. Lisa
Plaggemier, executive director of NCA, notes one case that illustrates how the
risk can easily translate into real-world attacks. "A financial services firm
integrated a GenAI chatbot to assist with customer inquiries," Plaggemier tells
Dark Reading. "Employees inadvertently input client financial information for
context, which the chatbot then stored in an unsecured manner. This not only led
to a significant data breach, but also enabled attackers to access sensitive
client information, demonstrating how easily confidential data can be
compromised through the improper use of these tools."
Can AWS hit its sustainability targets and win the AI race?
“Once we achieve that goal, we're looking at what's next beyond that?,” Walker
says. “As you look beyond just wind and solar, we need to look at what else is
in our tool belt, especially looking further ahead to 2040 and how we're going
to reach those ultimate goals, and carbon-free energy sources are the next
evolution of that.” When asked whether carbon-free energy to the company means
nuclear, geothermal, or something else, Walker says the company is open. “We're
not limiting the options; we're looking beyond the traditional renewable sources
and seeing what else there is. Carbon-free energy sources are going to be one of
the tools that we're going to double down on and start looking at.” ...
When asked if AWS will look to acquire more data centers close to nuclear plants
or merely sign more PPAs that involve nuclear power, Walker says the company is
looking at “all of the above.” “We haven't limited our options in terms of
capacity. Depending on where we're building and at the rate we need to scale,
[it's] certainly going to be part of the conversation.” Longer term, fusion
energy could perhaps power the company’s data centers. Microsoft and OpenAI have
invested in Helion, which is promising to crack the elusive technology before
2030. Google has invested in Tae Technologies.
6 ways to apply automation in devsecops
Securing continuous development processes is an extension of collaboration
security. In most organizations today, multiple individuals on multiple teams
write code every day — fixing bugs, adding new features, improving performance,
etc. Consider an enterprise with three different teams contributing to the
application code. Each is responsible for its own area. Once Team 1 checks in
updated code, the build manager needs to ensure that this new code is compatible
with code already contributed by Teams 2 and 3. The build manager creates a new
build and scans it to ensure there are no vulnerabilities. With so much code
being contributed, automation is critical. Only by automating the build
creation, compatibility, and approval cycle can a business ensure that each step
is always taken and done in a consistent manner. ... For larger enterprises,
which may have thousands of developers checking in code daily, automation is a
matter of survival. Even smaller companies must begin putting automated
processes in place if they want to keep their developers productive while
ensuring the security of their code.
AI, AI Everywhere! But are we Truly Prepared?
AI models are reflections of the massive database they feed on and the entire
internet is on its plate. Every time a user runs a query or prompts the model
for a certain search requirement, the AI runs it through the maximum accessible
data in its capacity, figures out relevant touchpoints, and frames the responses
as demanded by the user using its intelligent capabilities. However, not
surprising that the ever-learning and self-evolving capabilities of AI models
suck in more power than its search and response process. The volume of users due
to the soaring popularity of the technology further adds to the power
consumption. ... The exercise lights up a directional path for the artificially
intelligent technology to learn and evolve in accordance. This entire process of
training an AI model can range anywhere from a few minutes to several months.
And, throughout the process, GPUs powering the machines keep running daylong
eating into large volumes of power. On the bright side, experts have pointed out
that specialised AI models are significantly more efficient in power consumption
than generic models.
Ransomware attackers hop from on-premises systems to cloud
“Storm-0501 is the latest threat actor observed to exploit weak credentials
and over-privileged accounts to move from organizations’ on-premises
environment to cloud environments. They stole credentials and used them to
gain control of the network, eventually creating persistent backdoor access to
the cloud environment and deploying ransomware to the on-premises,” Microsoft
shared last week. ... “Microsoft Entra Connect Sync is a component of
Microsoft Entra Connect that synchronizes identity data between on-premises
environments and Microsoft Entra ID,” Microsoft explained. “We can assess with
high confidence that in the recent Storm-0501 campaign, the threat actor
specifically located Microsoft Entra Connect Sync servers and managed to
extract the plain text credentials of the Microsoft Entra Connect cloud and
on-premises sync accounts. The compromise of the Microsoft Entra Connect Sync
account presents a high risk to the target, as it can allow the threat actor
to set or change Microsoft Entra ID passwords of any hybrid account.” The
second approach – hijacking a Domain Admin user account that has a respective
user account in Microsoft Entra ID – is also possible.
How AI is transforming business today
“We’re seeing lots of efficiencies where back, middle, and front-end workflows
are being automated. So, yes, you can automate your existing processes, and
that’s good and you can get a 20% [improvement in efficiency]. But the real
gain is to reimagine the process itself,” she says. In fact, the gains AI can
bring when used to reimagine processes is so significant that she says AI
challenges the very concept of “process” itself. That’s because organizations
can use AI to devise ways to reach specific desired outcomes without having a
bias toward keeping and improving existing workflows. “Say you want to
increase customer satisfaction by 35%. That’s the input. It’s less about how
the process works. The process itself becomes almost irrelevant,” she
explains. “The technology is good at achieving an object, a goal, and the
concept of process itself, the sequence itself, is blown away. That is
conceptually a big shift when you think of the enterprise, which is built on
three things: people, process, and technology, and here’s a technology — AI —
that doesn’t care about a process but is instead focused on outcome. That is
truly disruptive.”
California Gov. Newsom Vetoes Hotly Debated AI Safety Bill
Newsom said he had asked generative AI experts, including Dr. Li, Tino Cuéllar
of the National Academy of Sciences Committee on Social and Ethical
Implications of Computing Research, and Jennifer Tour Chayes from the College
of Computing, Data Science, and Society at UC Berkeley, to help California
develop "workable guardrails" that focused on "developing an empirical,
science-based trajectory analysis." He also asked state agencies to expand
their assessment of AI risks from potential catastrophic events related to AI
use. "We have a responsibility to protect Californians from potentially
catastrophic risks of GenAI deployment. We will thoughtfully - and swiftly -
work toward a solution that is adaptable to this fast-moving technology and
harnesses its potential to advance the public good," he said. Among the AI
bills Newsom has signed are SB 896, which requires California's Office of
Emergency Services to expand its work assessing AI's potential threat to
critical infrastructure. The governor also directed the agency to undertake
the same risk assessment with water infrastructure providers and the
communications sector.
Quote for the day:
"Have the dogged determination to
follow through to achieve your goal, regardless of circumstances or whatever
other people say, think, or do." -- Paul Meyer
/dq/media/media_files/OMpaIOerPybvfHFpLHM2.jpg)
