September 06, 2024
Kannan Subbiah
FCA | CISA | CGEIT | CCISO | GRC Consulting | Independent Director | Enterprise & Solution Architecture | BU Soft Tech | itTrident | Former Sr. VP & CTO of MF Utilities
“Quantum utility is a term that has only been coined recently, in the last 12 months or so. On the timeline that I’ve just described, there is a milestone that sits between where we are now and the beginning of this quantum advantage era. And that is this quantum utility concept. It’s basically where quantum computers are able to demonstrate, or in this case, in recent demonstrations, simulate a problem beyond the capabilities of just brute force classical computation using sufficiently large quantum computational devices. So, in this case, devices with more than 100 qubits,” she says. ... “It’s really an indication of how close we are to demonstrating quantum advantage, and where we can hopefully begin to see quantum computing computers serving as a scientific tool to explore a new scale of problems beyond brute force, classical simulation. So, it’s an indication of how close we are to quantum advantage and ideally, we’ll be hoping to see some demonstration of that in the next few years. No one really knows exactly when, but the idea is that those who are able to harness this era of quantum utility will also be among the first to achieve real quantum advantage as well.”
Skills come in a variety forms, such as hard skills, which comprise the technical skills necessary to complete tasks; soft skills, which center around a person’s interpersonal skills; and cognitive skills, which include problem solving, decision making, and logical reasoning, among other skills. Before embarking on a skills-based hiring strategy, it’s vital to have clear insight into the skills your organization already has internally, in addition to all the skills needed to complete projects and reach business goals. As you identify and categorize skills, it’s important to review job descriptions as well to ensure they’re up-to-date and don’t include any unnecessary skills or vague requirements. It’s crucial as well to evaluate how your job descriptions are written to ensure you’re drawing in the right talent for open roles. Wording job descriptions can be especially tricky when it comes to soft skills. For example, if your organization values someone who’s humble or savvy, you’ll need to identify how that translates to a skill you can list on a job description and, eventually, verify, says Hannah Johnson, senior VP for strategy and market development at IT trade association CompTIA.
“If approved, legislation in an influential state like California could help to establish industry best practices and norms for the safe and responsible use of AI,” Ashley Casovan, managing director, AI Governance Center at non-profit International Association of Privacy Professionals (IAPP), says in an email interview. California is hardly the only place with AI regulation on its radar. The EU AI Act passed earlier this year. The federal government in the US released an AI Bill of Rights, though this serves as guidance rather than regulation. Colorado and Utah enacted laws applying to the use of AI systems. “I expect that there will be more domain-specific or technology-specific legislation for AI emerging from all of the states in the coming year,” says Casovan. As quickly as it seems new AI legislation, and the accompanying debates, pops up, AI moves faster. “The biggest challenge here…is that the law has to be broad enough because if it's too specific maybe by the time it passes, it is already not relevant,” says Ruzzi. Another big part of the AI regulation challenge is agreeing on what safety in AI even means. “What safety means is…very multifaceted and ill-defined right now,” says Vartak.
Because GenAI remains a relatively novel concept that many companies are officially using only in limited contexts, it can be tempting for business decision-makers to ignore or downplay the security stakes of GenAI for the time being. They assume there will be time to figure how to secure large language models (LLMs) and mitigate data privacy risks later, once they’ve established basic GenAI use cases and strategies. Unfortunately, this attitude toward GenAI is a huge mistake, to put it mildly. It’s like learning to pilot a ship without thinking about what you’ll do if the ship sinks, or taking up a high-intensity sport without figuring out how to protect yourself from injury until you’ve already broken a bone. A healthier approach to GenAI is one in which organizations build security protections from the start. Here’s why, along with tips on how to integrate security into your organization’s GenAI strategy from day zero. ... GenAI security and data privacy challenges exist regardless of the extent to which an organization has adopted GenAI or which types of use cases it’s targeting. It’s not as if they only matter for companies making heavy use of AI or using AI in domains where special security, privacy or compliance risks apply.
The high-level treaty sets out to focus on how AI intersects with three main areas: human rights, which includes protecting against data misuse and discrimination, and ensuring privacy; protecting democracy; and protecting the “rule of law.” Essentially the third of these commits signing countries to setting up regulators to protect against “AI risks.”?The more specific aim of the treaty is as lofty as the areas it hopes to address. “The treaty provides a legal framework covering the entire lifecycle of AI systems,” the COE notes. “It promotes AI progress and innovation, while managing the risks it may pose to human rights, democracy and the rule of law. To stand the test of time, it is technology-neutral.” ... The idea seems to be that if AI does represent a mammoth change to how the world operates, if not watched carefully, not all of those changes may turn out to be for the best, so it’s important to be proactive. However there is also clearly nervousness among regulators about overstepping the mark and being accused of crimping innovation by acting too early or applying too broad a brush. AI companies have also jumped in early to proclaim that they, too, are just as interested in what’s come to be described as AI Safety.?
Ransomware as a Service (RaaS) is becoming a massive industry. The tools to create ransomware attacks are readily available online, and it’s becoming easier for people even those with limited technical skills to launch attacks. We have the largest pool of software developers in the world, and unfortunately, a small portion of them see ransomware as a way to make easy money. There are even reports of recruitment drives in certain states to hire engineers or tech-savvy individuals to develop ransomware software. ... The industries most affected by ransomware tend to be those that are heavily regulated, such as BFSI (Banking, Financial Services, and Insurance), healthcare, and insurance. These industries deal with highly valuable, critical data, which makes them prime targets for attackers. Because of the sensitive nature of the data they handle, these organizations are often willing to pay the ransom to get it back. The reason these industries are so heavily regulated is that they’re dealing with data that is more critical than in other industries. Healthcare companies, for example, are regulated by agencies like the FDA in the U.S. and their Indian equivalent. Financial services are regulated by the RBI or SEBI in India.?