AI will soon be deeply embedded in the fabric of business, and you can't afford to add security as an afterthought.
Kevin Skapinetz, Vice President, Security Strategy, IBM
May 6, 2024

Generative AI has great potential to transform business operations and our daily lives. But ultimately, AI's potential lies in trust. Erosion of trust in AI can curb investment, adoption, and the ability to rely on these systems for their intended purposes, turning the promise of AI into a liability and sunk cost.
Just as the industry has traditionally worked to secure servers, networks, applications, and the cloud, AI is the next big platform we need to secure. But this time we can't afford to fail, because generative AI will soon become deeply embedded in the very fabric of business, the foundation on which key decisions, operations, and customer interactions are built. If you don't build security into that foundation from the beginning, continued breaches of trust can quickly undermine it.
That's why we need to build security into our AI models and the application stacks they revolutionize today, while we are still at the forefront of that adoption curve. In other words, security must also be part of the ground crew as companies plan and invest in AI.
While many people think security will be an obstacle on this journey, we think security actually helps create the trust needed to accelerate AI use cases and move them from proof of concept to production faster.
To make this a reality, IBM has new data to gain a deeper understanding of current executive perspectives on the security of generative AI. Moreover, a framework for securing generative AI helps businesses navigate and prioritize these security efforts. IBM also offers one of the most comprehensive data, AI, and security portfolios in the industry. It is designed to help enterprises easily embed security and governance into the foundation of their AI-powered business.
Global survey reveals executive perspectives on generative AI security
Most AI projects are driven by business and operations teams, so it's imperative that security leaders have a deep understanding of business priorities and participate in these conversations from a risk-driven perspective.
New research [1] from the IBM Institute for Business Value sheds light on executives' perspectives and priorities on the risks and adoption of generative AI, revealing a surprising disconnect between security concerns and demands for rapid innovation. Although 82% of respondents agree that secure and reliable AI is critical to business success, 69% of those surveyed still say innovation takes precedence over security.
The study also found that one of the biggest concerns for business leaders is not knowing what they don't know, and that generative AI is an area of new risk and opportunity.
- Most C-suite respondents were concerned about new and unpredictable security risks related to generative AI: 51% of respondents are concerned about unpredictable risks and new security vulnerabilities, and 47% are concerned about new attacks targeting AI.
- Almost half (47%) expressed uncertainty about where and how much to invest when it comes to GenAI and its business operations.
Business leaders recognize the importance of secure and reliable AI, but the uncharted nature of this new frontier may prevent them from taking the necessary steps to protect AI today. In fact, less than a quarter (24%) of respondents said they would include security as part of a current generative AI project.
Framework helps enterprises navigate and prioritize AI security investments based on risk
To help organizations better understand and address these challenges, some of the leading experts across IBM have created a framework for securing generative AI. This framework is designed to help enterprises understand the threats they are most likely to encounter regarding the deployment of generative AI and prioritize defenses accordingly. Aligned with AI-specific risks, it also provides three core pillars to help enterprises get a comprehensive view of AI security.
- Protect your data: AI poses increased data security risks as sensitive data is centrally managed and accessed for training purposes. Enterprises should focus on protecting the underlying AI training data by protecting it from sensitive data theft, manipulation, and compliance violations.
- Safely develop models: AI-enabled apps are built in entirely new ways, increasing the risk of introducing new vulnerabilities. Prioritize securing your AI model development by scanning for vulnerabilities in your pipeline, tightening integrations, and enforcing policies and access.
- Safe usage: Attackers use model inference to try to hijack or manipulate the behavior of AI models. Enterprises need to protect the use of AI models by detecting data and leaks and alerting on evasion, contamination, exfiltration, or inference attacks.
Beyond these three pillars, security leaders need to know that one of their first lines of defense is secure infrastructure, and you need to optimize security across the broader environment that hosts your AI systems.
New regulations and public scrutiny of responsible AI also require organizations to put robust AI governance in place to manage accuracy, privacy, transparency, and explainability. In this context, organizations should strive to more tightly integrate their security and data governance programs to drive consistent policy, enforcement, and reporting between the two historically siloed areas.
IBM helps clients build security into their AI deployments
IBM has decades of leadership in both security and AI for business, and we can provide both the expertise and a robust portfolio of technologies and services to help you secure your AI journey. IBM is committed to delivering products that build trust, leverage open architecture, and facilitate connections between security, risk, and governance programs.
- IBM Consulting Cybersecurity Services: From planning and development to continuous monitoring and governance, we help organizations navigate AI transformation with security at the forefront.
- IBM is launching new IBM X-Force Red Testing Services for AI, designed to test the security of generative AI applications, MLSecOps pipelines, and AI models from an attacker-driven perspective. Delivered by a dedicated team with deep expertise across data science, AI red teaming, and application pen testing, this approach helps pinpoint and address the weaknesses that attackers are most likely to exploit in today's real world.
- IBM Consulting's new active governance framework will help organizations leverage AI and automation to gain a continuous and comprehensive view of their cyber risks. In the AI era, building a robust AI governance model and incorporating it into your cybersecurity program is essential to managing risk across your enterprise, especially given evolving policies and regulations.
- IBM software helps our clients discover, protect, and secure access to sensitive data used in AI deployments, while also securing access to these systems. The two important components are:
  - Data security: Our IBM Security Guardium portfolio helps protect data wherever it resides, including data security posture management designed to help enterprises find sensitive “shadow” data and manage its movement between applications. Over time, we are working to expand these capabilities to help enterprises discover and protect the AI models used within their businesses, understand risks, and accelerate adoption.
  - Identity and access: Last year, identity-based attacks became the number one entry point for attackers.[2] This risk becomes even greater as AI integrates a company's most sensitive data and intellectual property, making it important to protect access to these systems. IBM Security Verify provides a comprehensive set of identity and access management capabilities. It is built with an open, vendor-neutral approach to help create a more consistent “identity fabric” for enterprises to manage identity risk across a wide range of legacy and cloud-based technology stacks.
IBM also provides businesses with the watsonx portfolio, which helps businesses build custom AI applications, manage data sources, and accelerate AI workflows, all from a single platform. Specifically, watsonx.governance allows enterprises to manage generative AI models built from any vendor and helps assess and monitor AI model behavior, including drift, bias, and quality, assisting businesses with their obligations to comply with new regulations and policies around the world.
With AI poised to transform the business landscape as we know it, businesses cannot afford to add security as an afterthought. Security needs to be built in from the ground level, starting today. Because AI's potential depends on trust, security may ultimately be the secret ingredient that determines which generative AI projects are success stories and which are sunk costs.
Read the report: Securing generative AI: What matters now?
Explore frameworks for securing generative AI
Statements regarding IBM's future direction and intentions are subject to change or withdrawal without notice and represent goals and objectives only.
