How to turn your IT department into AI enablers (do your homework)
While AI technologies promise many things to many people, they also come with warning tags that range from cybersecurity risks to AI ethical considerations and principles.
Implementing a (well-understood) line-of-business application is a far different proposition, and the implications of getting AI ‘wrong’ are far-reaching. So, it’s little wonder if both your cybersecurity and IT teams are reluctant to move quickly and enable the business to embrace the innovations AI can bring.
While frustrating, it’s understandable. However, it does signify that considerable homework needs to be done at the stakeholder level to deliver confidence at the IT level.
AI and security homework
ASD’s (Australian Signals Directorate) report on best practices for deploying secure and resilient AI systems ?says: “Deploying artificial intelligence (AI) systems securely requires careful setup and configuration that depends on the complexity of the AI system, the resources required (e.g., funding, technical expertise), and the infrastructure used (i.e., on-premises, cloud, or hybrid).”
Compliance with data protection rules such as the CCPA and GDPR (including the upcoming Australian Privacy Act changes, which are expected to detail requirements on automated decisions) will require your organisation to have access restrictions, encryption, and auditing capabilities. This will include using privacy-preserving approaches such as differential privacy and federated learning, which are essential to minimising privacy risks and maintaining data utility.
ASD firmly places responsibility for all of this on the shoulders of your CISO (or C-level equivalent), not your cybersecurity or IT department.
AI and ethics homework
The Australian Government has also published Australia’s 8 Artificial Intelligence (AI) Ethics Principles , an ethics framework designed to ensure AI is safe, secure, and reliable. Adhering to this framework is currently voluntary and doesn’t claim to be a substitute for existing AI regulations and practices.
The (March) 2024 EU AI Act , which does provide a comprehensive legal framework for AI systems, sets a higher global watermark for AI regulation, but it’s yet to be seen if New Zealand (which is already trailing behind) and Australia will follow suit. ?
Adopting best practice AI ethics frameworks will require responses from your cybersecurity and IT teams. But again, these decisions are far beyond the pay grade of your technology teams and are far-reaching business – not technology decisions.
领英推荐
Your IT team - a roadblock or just downright sensible?
While it might be tempting to think that your IT team is entirely responsible for enabling a safe and secure AI implementation, this is overly simplistic and doesn’t reflect the complexities associated with a remarkably powerful technology. Ownership of the controls that make AI not only safe to use but applies an ethical lens to how it’s used starts at a much higher level in the organisation.
A wary IT or cybersecurity team may be perceived as a needless roadblock to AI innovation when you are enthusiastic about harnessing its potential. But in their defence, they are justifiably hyper-conscious of the need to protect and secure your business and people as their first priority. And so should you be.
Back to The Bottom Line
Spotlight on... Cybersecurity
In the August edition of Spotlight we focused on the current cybersecurity trends facing the shores of Australia and New Zealand, including:
Our cloud, infrastructure and security solution specialist, Travis Hoult, delves into the evolving cyber landscape, highlighting the rise of Zero Trust architecture and the critical need for internal data security, particularly in the context of AI and SharePoint. He discusses the increasing prevalence of ransomware attacks and the #soPHISHticated nature of modern phishing attempts. Travis also addresses common organisational pitfalls in cybersecurity, emphasising the importance of effective employee training and the necessity of staying updated with patch management. Finally, he explains the value of comprehensive cybersecurity assessments, outlining how these tools can help organisations identify vulnerabilities, prioritise improvements, and enhance their overall security posture cost-effectively.
More from the cyberspace:
Helping people use personality to promote their brand
1 个月AI ethics is fascinating. It also places responsibility on the whole organization. Not just a single role.