As a science-loving kid growing up in the 1970s, using artificial intelligence to perform specific, often complex tasks seemed like the logical next step for society.
Looking back, I smile at my younger self's enthusiasm for a technology that was still many years away.
The intense focus on AI around the world today, and how it can be used and misused, has me reflecting on my own journey with technology.
My passion is applying AI to security to keep the large-scale information systems that connect society robust and protected.
But behind it lies an understanding that issues of trust and reliability need to be addressed holistically, and that issues of risk and responsibility to others need to be taken seriously.
From Undergraduate to Innovator
My passion for AI began when I was studying Computer Science and Mathematics at university in the late 1980s. As a university student, I was doing normal things like learning to drive, working a part-time job, and hanging out with friends, but I was also working on special projects that involved AI.
In 1989 I created the world's first so-called “digital twin” of a zinc processing plant.
Zinc has always been of great value, used in everything from galvanized iron to paints and even medicines. The process of extracting zinc was energy-intensive, labor-intensive and rife with potential for failure.
Solving this problem was a good starting point for me to begin my journey of creating a virtual digital simulation. Based on hundreds of pages of complex mathematical equations, I created a thermodynamic simulation of the plant.
It was essentially a digital operating model that simulated the flow of energy during the extraction of minerals and precious metals from raw ore.
During his senior year, he deployed AI to do predictive modeling, which allowed him to simulate different conditions and improvements to the plant, including what would happen if certain changes were made to the environment.
They could predict how much energy would be consumed if conditions changed and what would go wrong (such as too high temperature or pressure).
In processing plants, once a problem occurs it takes a lot of effort to fix, but simulation allows operators to take preventative measures.
That was in 1991. At the time, we didn’t realize that both the “digital twin” and the AI model were world firsts.
After graduating I worked at CSIRO for a few years and then won a scholarship from Microsoft to do my PhD, building what was then the world's first AI-generated website.
After spending almost 15 years working in research and development, using AI, and partnering with and building startups, I decided to transition into law enforcement and national security, hoping to use my experience to make the world a safer place.
International Security
In the mid-2010s, cyber security became a real concern. Before that, cyber security was mostly seen as a “behind the scenes IT job” and not very interesting or important. But suddenly, that changed.
I spent most of my 14 years in government building new intelligence and security capabilities or improving existing ones, including new intelligence and analytics platforms and partnerships at the financial crimes agency AUSTRAC and the Australian Crime Commission, the New South Wales Government (with Cyber Security NSW as its first Government Chief Information Security Officer), Services Australia’s new data and analytics division (as its first Chief Data Officer) and the Department of Defence’s new data division (as its first Chief Data Integration Officer).
We have also built diverse human capacity, including in partnerships with international security and law enforcement agencies.
It was difficult to move away from national security and defense because it was a great opportunity to contribute to national and global security.
I joined ANZ in August last year. What intrigued me was the bank's purpose: “Shape communities and the world where people thrive.” At first, I couldn't believe that the bank could really deliver on this purpose.
When I interviewed CEO Shane Elliott, I asked him about this and he said: He spent a lot of time explaining the purpose and answering my questions about how it applies in practice.
It taught me that a statement of purpose isn't just something on a piece of paper or written on the side of a building, it's real — it's lived and practiced by people throughout the organization.
Clear and strong leadership from the top has created a culture of wanting to do the right thing for our customers and our community.
My focus is ensuring that the security operating model is understood and owned across the organisation, ensuring everyone plays their part in keeping the bank and our customers safe.
One thing we noticed right away at ANZ was the intense focus on compliance – important when risks are stable, but even more so in an unprecedented, fast-paced cyber security environment.
The challenge for us is to ensure that our security operating model is in place and is adaptable and flexible enough to respond when dramatic change occurs.
Trusted Core
Why do I, a “technology professional”, care so much about ANZ's purpose and values?
Without these, we wouldn't know what to do with current and emerging technologies. We need to understand them as more than just concepts.
A lot of people talk about ethics and trust. Essentially, ethics is just one of many pillars of trust, along with security, privacy, human rights, quality, and fairness. How do we behave in a trustworthy way to earn and maintain this trust?
Even if you act ethically, if you get it wrong through poor decision-making, lack of security, or avoiding responding appropriately to risk, you will lose trust.
In today's world, you can lose trust by not innovating, innovating too slowly, or innovating too quickly and cutting corners. This can mean not giving your customers what they need. And if you don't communicate effectively, this can also erode trust.
After all, it's much easier to lose trust than to gain it. It takes years to earn it, but only seconds to lose it. What we do, at the end of the day, is about earning and maintaining trust – proving we're worthy of it by using the best technology to enable secure business transformation.
The Department of Defense talks about the “airworthiness” and “seaworthiness” of its capabilities. In the same way, we need to think about the reliability of the systems we build.
Dr Marija Milosavljevic is ANZ's Chief Information Security Officer.
