1. Introduction to AI Security
Guardians of AI, by Richard Diver

Over the last year I have had the privilege to work with experts in the field of AI safety & security, working together to understand it, draw it, and communicate it. Communicating about generative AI, how it works, and how it might be abused or manipulated, is a critical component to defending it.

A good start is to view this moment in the relatively short history of modern computing, where generative AI is possible due to several previous technologies combined to enable it at global scale:

[Diagram: technology adoption timeline from the 1990s to the 2030s]

Each major shift in technology has brought new possibilities, both positive and negative. I remember the initial reactions to mobile computing, with the launch of the Apple iPhone, as one of denial and rejection. The problem was that the devices didn't come with enterprise-ready security controls to help IT administrators manage them to any level of security compliance. Cloud computing also took a long time to gain adoption because we tried to secure it like we would a local network and data center - but it wasn't local, and we didn't have all of the controls required to gain confidence until the platforms matured.

AI has some challenges, but we have learnt over time about the need to secure new technologies as they come out of the box. Generative AI has some unique properties that make it particularly challenging to manage, but that won't (and shouldn't) stop adoption, so we need to accelerate our learning to manage it and defend it properly.

Drawing AI systems

One of the first approaches to creating diagrams of AI safety & security that has stuck with me is the need to create a layered approach to segment the problems and solutions into a logical state. You will see the following three layers used repeatedly throughout my work as it is the simplest way to ensure we are all talking about the same problem, in the same way. Not only can we focus on each of the components, but we can zoom out and view the problem end-to-end:

[Diagram: the three layers of an AI system, with an explanation of each layer (three layers of AI safety and security)]

With this one model we can have a conversation from the technical components that provide security of the AI model and application integration, to the ethical considerations for the impact of certain design choices.

AI safety & security

The reason I refer to this work as AI safety & security is that we have learnt over the last year that you cannot easily separate these two topics or disciplines. To properly design a secure AI system, you must consider ethics, governance, and regulation. You will also need to understand and account for the potential for statistical or economic bias, AI-generated hallucinations, and the different implementations of grounding that provide additional insights and factual content.

AI is already having a fundamental impact on the way we do things, and it will look different in the future from what we see today. As these capabilities grow, using a framework like this ensures a comprehensive understanding and transparency of design, which assists in communication across multiple teams in the organization, as you will see in future episodes of this newsletter.

Here is my favorite quote from this chapter:

Quote by Richard Diver: "Due to the speed and comprehensive capabilities of this technology, we can no longer rely on the veneer of security that was applied in the past."

The book is available now on Amazon - Guardians of AI: Building innovation with safety and security.

In the next newsletter we will explore some of the key insights from Chapter 2: Cybersecurity in the AI World.

Thank you for the valuable insights! We look forward to diving into Guardians of AI: Building Innovation with Safety and Security, especially Chapter 1 on AI Security.

Can't wait to dive into these insightful AI security concepts.

Eran Alshech

Cybersecurity | Visionary | Entrepreneur | CTO | Investor | Exit X1

10 months

Great stuff Richard Diver

Myles Madden

Sr. Marketing Lead, Enterprise at 1Password

10 months

Book is in the Amazon cart, looking forward to reading!

Dean Gross

Identity and Security Architect at Insight - implementing cost effective security controls to mitigate risks

10 months

I read the first 3 chapters last week. Looking forward to reading some more soon?
