How secure are your AI and machine learning projects?

Artificial intelligence and machine learning bring new vulnerabilities along with their benefits. Here's how several companies have minimized their risk.

When the people using the systems are citizen data scientists or theoretical researchers without strong backgrounds in security, this can be a problem. In addition, vendors historically roll out new features first and security second. That can be a problem when systems are rapidly deployed and then even more rapidly scaled. We’ve already seen this happen with IoT devices, cloud storage and containers.

AI platform vendors are becoming more aware of this threat and have learned from those earlier mistakes, says Raff. “I’m seeing more active inclusion of plans to include security than we might otherwise expect given the historic 'security comes last' mindset,” he says. “The ML community is more concerned about it, and the lag time is probably going to be shorter.”

Irfan Saif, principal and AI co-leader at Deloitte, agrees, especially when it comes to the major cloud platforms that support large enterprise AI workloads. “I would say, yes, they are more mature than maybe prior technologies have been in terms of the evolution of cybersecurity capabilities.”

Security checklist for AI projects

The following checklist to help secure AI projects is from Deloitte’s State of AI in the Enterprise, 3rd Edition:

  • Keep a formal inventory of all AI implementations
  • Align AI risk management with broader risk management efforts
  • Have a single executive in charge of AI-related risks
  • Conduct internal audit and testing
  • Use outside vendors to conduct independent audits and testing
  • Train practitioners how to recognize and resolve ethical issues around AI
  • Collaborate with external parties on leading practices for sound AI ethics
  • Ensure that AI vendors provide unbiased systems
  • Establish policies or a board to guide AI ethics