September 29, 2024
Kannan Subbiah
FCA | CISA | CGEIT | CCISO | GRC Consulting | Independent Director | Enterprise & Solution Architecture | BU Soft Tech | itTrident | Former Sr. VP & CTO of MF Utilities
Operational systems with significant unstructured data will face substantial re-architecting due to generative AI’s ability to make use of previously underutilized data sources. In our experience, the most common solution patterns for generative AI use cases in operational systems fall within the areas of content generation, knowledge management, and reporting and documentation ... As generative AI model use cases get deployed across critical systems and complexity increases, it will put further demands on collaboration, quality control, reliability, and scalability. AI models will need to be treated with the same discipline as software code by adopting MLOps processes that use DevOps to manage models through their life cycle. Companies should set up a federated AI development model in line with the AIaaS platform. This should define the roles of teams that produce and consume AI services, as well as the processes for federated contribution and how datasets and models are to be shared. Given the pace of evolution of generative AI, it is also imperative to create AI-first software development processes that allow for rapid iteration of new solutions and architectures.?
EPSS is a model that provides a daily estimate of the probability that a vulnerability will be exploited in the wild within the next 30 days. The model produces a score between 0 and 1 (0 and 100%), with higher scores indicating a higher probability of exploitation. The model works by collecting a wide range of vulnerability information from various sources, such as the National Vulnerability Database (NVD), CISA KEV, and Exploit-DB, along with evidence of exploitation activity. ... By considering EPSS when prioritizing vulnerabilities, organizations can better align their remediation efforts with the actual threat landscape. For example, if EPSS indicates a high probability of exploitation for a vulnerability with a relatively low CVSS score, security teams might consider prioritizing that vulnerability over others that may have higher CVSS scores but a lower likelihood of exploitability. ...?Intruder is a cloud-based security platform that helps businesses manage their attack surface and identify vulnerabilities before they can be exploited. By offering continuous security monitoring, attack surface management, and intelligent threat prioritization, Intruder allows teams to focus on the most critical risks while simplifying cybersecurity.
As enterprises rush to adopt AI technologies, there's a growing concern about the responsible use of these powerful tools. Ramaswamy stresses the importance of a thoughtful approach to AI implementation: "We mandated very early that any models that we train needed obviously to only take data that we had free use rights on, but we said they also need to have model cards so that if there is a problem with the data source, you can go back, retrain a model without the data source." ... Developing a robust data strategy is essential for AI success. Organizations need a clear plan for managing, sharing, and leveraging data across the enterprise. This includes establishing data governance policies, ensuring data quality and consistency, and creating a unified data architecture that supports AI initiatives. A well-designed data strategy enables companies to break down silos, improve data accessibility, and create a solid foundation for AI-driven insights and decision-making. Embracing interoperability is another critical aspect of preparing for the enterprise AI era. Companies should look for solutions that support open data formats and easy integration with other tools and platforms.?
Unlike conventional methods that focus on structured data, linguistic analysis delves into the complexities of human communication. It examines patterns, context, and meaning in text data, allowing us to extract trends and insights from sources like social media posts, customer reviews, and open-ended survey responses. Linguistic analysis in data science marries principles from the two fields. From linguistics, we borrow concepts like syntax (sentence structure), semantics (meaning), and pragmatics (context). These help us understand not just what words say, but how they’re used and what they imply. On the data science side, we leverage technologies like machine learning and natural language processing (NLP). These technologies allow us to automate the analysis of large volumes of text, identify patterns, and extract meaningful information at scale. ... Sentiment analysis is the process of determining the emotional tone behind words. It analyzes language to understand attitudes, opinions, and emotions expressed within text and identify whether a piece of text is positive, negative, or neutral.
It is likely that the use of synthetic data will increase in the AI space. Gartner anticipates that it will outweigh the use of real data in AI models by 2030. “The use of it is going to grow over time, and if done correctly, [it will] allow us to create more evolved, more powerful, and more numerous models to inform the software that we're building,” Brown predicts. That potential future seems bright, but the road there is likely to come with a learning curve. “Mistakes are going to be made almost undoubtedly in the use of synthetic data initially. You're going to forget a key metric that would judge quality of data,” says Brown. “You're going to implement a biased model of some sort or a model that hallucinates maybe more than a previous model did.” Mistakes may be inevitable, but there will be new ways to combat them. As the use of synthetic data scales, the development of tools for robust quality checks will need to as well. “Just the same way that we've kept food quality high, we [need to] do the same thing to keep the model quality high,” Hazard argues.
When ITDR entered the picture in 2020, it was in response to a cybersecurity industry struggling to protect suddenly remote COVID-era workforces with existing identity and access management (IAM) solutions. ... Organizations should never attempt to solve cybersecurity issues they’re not prepared to handle. Investing in the right specialists — whether in-house or externally — and ongoing training is essential to maintaining strong defenses. Your organization will fall behind quickly if your team isn’t continuously evolving. Where business leaders are concerned, cybersecurity is often an attractive place to trim expenses. But businesses simply cannot cut their cybersecurity budget and hope they don’t suffer a breach. Hackers aren’t stopping, so you can’t either. ... Operating on an “it won’t happen to us” mindset will always get your organization in trouble. When it comes to strengthening your organization’s cybersecurity posture, a shift from a reactive to a proactive mindset is crucial to staying ahead of evolving threats and preventing costly and damaging breaches. A comprehensive, identity-focused cybersecurity is the best way to proactively defend against threats.?