Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
DHerrmann
Contributor II
‎04-27-2023 04:12 PM
‎04-27-2023 04:12 PM

AI - Training for Security/Risk pros

Jim Dempsey wrote n excellent blog post, " Addressing the Security Risks of AI"  https://www.lawfareblog.com/addressing-security-risks-ai

 

In it, he writes, "Our report also recommends more collaboration between cybersecurity practitioners, machine learning engineers, and adversarial machine learning researchers. Assessing AI vulnerabilities requires technical expertise that is distinct from the skill set of cybersecurity practitioners, and organizations should be cautioned against repurposing existing security teams without additional training and resources. We also note that AI security researchers and practitioners should consult with those addressing AI bias. AI fairness researchers have extensively studied how poor data, design choices, and risk decisions can produce biased outcomes. Since AI vulnerabilities may be more analogous to algorithmic bias than they are to traditional software vulnerabilities, it is important to cultivate greater engagement between the two communities. "

 

What are your thoughts?

Reply
3 Replies
Caute_cautim
Community Champion
‎04-28-2023 01:10 AM
‎04-28-2023 01:10 AM

@DHerrmann

 

I think there is more fundamental elements and governance required, frameworks such as this one:  https://www.ibm.com/topics/ai-ethics

 

Plus the fact, that all cyber security practitioners, need to understand the fundamentals such as the AI ladder, as to what the good data means, and how best to collect that data to create appropriate models.

In particular the privacy by design aspects as well.

 

Collaboration with Cybersecurity and privacy at the initial stages is essential and throughout the development process.

 

At the moment, we appear to be in the mode of new technology, lets try it, regardless of the outcomes, and implications or the impact, you need to know what is expected - rather like the old adage of "garbage in, garbage out".

 

https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&ved=2ahUKEwjOzo79psv-AhXjUGwGHY1fAvgQ...

 

Regards

 

Caute_Cautim

 

 

Reply
DHerrmann
Contributor II
‎05-05-2023 01:14 PM
‎05-05-2023 01:14 PM

I wish I could give you 20 kudos for that post, @Caute_cautim 

Reply
Caute_cautim
Community Champion
‎05-05-2023 08:44 PM
‎05-05-2023 08:44 PM

@DHerrmannThank you

 

Regards

 

Caute_Cautim

Reply