(PDF) Proceedings of the AICTE Sponsored IEEE International Conference on Artificial Intelligence and Knowledge Discovery in Concurrent Engineering - (CECONF 2023) Technical Sponsor: IEEE; Publication Partner CERA Institute, Financial Sponsor: AICT



application of ai in data security :: Article Creator

Strategies For Safeguarding Generative AI Adoption In SaaS

Yoni Shohet is the Co-Founder & CEO at Valence Security.

getty

AI tools are dominating news headlines, both in terms of the technological promise they bring and the security concerns they raise. Generative AI (GenAI), particularly integrated within SaaS applications, presents exciting opportunities for businesses to automate tasks, improve productivity and unlock innovative functionalities. However, this innovation comes with a unique set of security challenges that require immediate attention from security professionals.

The Rise Of GenAI In SaaS: A Double-Edged Sword

A recent survey of security leaders as part of Valence's 2024 State of SaaS Security Report found that half (50%) of them consider GenAI governance to be a top challenge in SaaS security. This isn't surprising. GenAI tools, often delivered as SaaS applications, easily integrate with existing business-critical applications like Microsoft 365, Google Workspace, Slack or Salesforce, accessing vast amounts of data to function. Although this data access unlocks the power of GenAI, it also creates a significant attack surface for malicious actors. For example, OpenAI's ChatGPT excels at generating different creative text formats but might need access to a user's emails and documents within the SaaS platform to function more effectively.

Understanding how GenAI tools operate and make decisions can also be challenging. This lack of transparency makes it difficult for security teams to identify and mitigate potential security risks. The rapid innovation in the GenAI space further complicates matters. New tools are constantly appearing, making it difficult for security teams to keep track of and enforce robust security policies.

Additionally, the ease of access and functionality offered by GenAI tools can lead to a lack of visibility. In fact, a September 2023 survey by The Conference Board found that 56% of U.S. Employees already use GenAI tools at work, often without IT or security approval. And because business users might overlook security considerations, they may unknowingly grant access to sensitive data to the GenAI tool.

Strategies For Governing GenAI In A SaaS Ecosystem

Although the challenges are real, there are concrete strategies security professionals can implement to govern GenAI adoption and mitigate potential risks.

Security Policy For GenAI Tools

Develop and implement a dedicated security policy for GenAI adoption. Encouragingly, 90% of respondents to our survey said their companies already have a GenAI governance policy. This policy should outline procedures for approving GenAI tools, data access best practices and user training on GenAI security risks. A clear policy framework helps ensure that all stakeholders understand their roles and responsibilities in maintaining security.

Centralized Visibility And Control

Establish a centralized platform capable of discovering GenAI integrations to manage and monitor all SaaS applications. This provides visibility into integration access privileges and helps identify unauthorized or risky GenAI tools. By consolidating oversight, security teams can more effectively enforce policies and detect anomalies.

Educate Users

Raise awareness among employees about the potential security risks associated with GenAI in SaaS. Provide training on how to identify and avoid unauthorized GenAI tools and best practices for secure GenAI usage. Educated users are a critical line of defense against security threats, as they can help identify and prevent risky behaviors.

Stay Ahead Of The Curve

The world of GenAI is constantly evolving. Maintain awareness of emerging trends and new threats by regularly assessing the security posture of your GenAI-integrated SaaS environment. Continuous learning and adaptation are essential for staying ahead of potential risks and leveraging new advancements in security technologies.

A Collaborative Future For GenAI And Security

Governing GenAI adoption within a SaaS ecosystem presents significant challenges. However, by proactively implementing a combination of the strategies outlined above, security professionals can mitigate risks and harness the immense potential of GenAI.

Forbes Technology Council is an invitation-only community for world-class CIOs, CTOs and technology executives. Do I qualify?


Protect AI Warns Of Increasing Security Risks In Open-source AI And ML Tools

A new report released today by Protect AI Inc. Is sounding an alarm over increasing security vulnerabilities in popular open-source artificial intelligence and machine learning tools, with 20 critical flaws found across various large language models.

Found through Protect AI's AI/ML "huntr" bug bounty program, which has over 15,000 community members, the vulnerabilities include significant risks in widely used tools such as ZenML, lollms and AnythingLLM. The vulnerabilities include critical issues ranging from privilege escalation, local file inclusion and path traversal attacks, which can lead to unauthorized access, data breaches and complete system takeovers.

In ZenML, the vulnerabilities included privilege escalation where unauthorized users can escalate their privileges to the server account by sending a crafted HTTP request. An attacker using the flaw could have potentially compromised the entire system, leading to unauthorized access and control.

Another critical vulnerability discovered through Protect AI's bug bounty program is a local file inclusion in lollms, which allows attackers to read or delete sensitive files on the server. The cause of the critical vulnerability was due to improper sanitization of Windows-style paths, making it vulnerable to directory traversal attacks.

Bug hunters also discovered a path traversal vulnerability in AnythingLLM that allows attackers to read, delete, or overwrite critical files, including the application's database and configuration files. The bypass, found in the normalizePath() function, can lead to data breaches, application compromise, or denial of service.

The details of the vulnerabilities published today were published ethically, with maintainers given a minimum of 45 days prior to publication to fix the vulnerabilities before the details are shared with the public. Protect AI also worked with maintainers to ensure a timely fix before publication.

"Through our own research and the huntr community, we've found the tools used in the supply chain to build the machine learning models that power AI applications to be vulnerable to unique security threats," Protect AI writes in the report. "These tools are open source and downloaded thousands of times a month to build enterprise AI Systems… They also likely come out of the box with vulnerabilities that can lead directly to complete system takeovers such as unauthenticated remote code execution or local file inclusion."

Protect AI was last in the news in May when it unveiled Sightline, a vulnerability database that provides insights into known and emerging AI and machine learning vulnerabilities along with an early warning system to defend against threats.

Image: SiliconANGLE/Ideogram Your vote of support is important to us and it helps us keep the content FREE. One click below supports our mission to provide free, deep, and relevant content.   Join our community on YouTube Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.Com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

"TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well" – Andy Jassy

THANK YOU


Unleashing The Power Of GenAI In Customer Data Platforms

Ajith Sankaran, Senior Vice President, C5i

getty

In today's data-driven world, businesses are drowning in customer information. Customer interactions are increasingly omnichannel and digital, and there is a deluge of data. There is huge value to be gained from capturing and analyzing this customer data. This is where customer data platforms (CDPs) come in. CDPs consolidate customer data from various sources, including CRM systems, e-commerce platforms, web analytics tools, social media platforms, IoT sensors, marketing automation tools, loyalty programs, third-party data providers, etc.

By integrating these data sources and developing a unified customer profile, CDPs empower businesses to deliver targeted marketing campaigns, personalized customer journeys and superior customer services, leading to higher customer satisfaction and loyalty and, ultimately, business growth. The imminent "crumbling of the third-party cookie" has only made CDPs more important for businesses.

CDP space has seen phenomenal growth, and according to IDC, the worldwide CDP applications software market is expected to grow from $2.7 billion in 2022 to $7.3 billion by 2027.

What are the challenges with adoption and gaining value from CDPs?

While the market has been growing rapidly, organizations face real challenges in adopting and gaining value from CDPs. These include:

• Maintaining high-quality, accurate and up-to-date customer data.

• Challenges with data privacy and data security.

• Enabling interdepartmental collaboration with customer data coming in from different departments.

• Managing the complexity and time required for CDP setup and integration.

• Ensuring real-time data processing and analysis with low latency in data updates and customer insights.

• Driving user adoption and proper utilization of the CDP.

• Ensuring ROI of CDP implementation and maintenance.

• Aligning CDP outcomes with business objectives and KPIs.

According to an article in Aithority, less than 60% of deployed CDPs are delivering any significant value.

Incorporating GenAI capabilities in CDPs can address some of these challenges.

According to David Wallace, research director, Customer Data and Analytics, IDC, "In 2024, expect CDPs to become more AI driven, utilizing predictive AI and generative AI to enhance real-time data processing, personalization, and insights."

With composable CDPs gaining more traction, GenAI becomes more critical as it enables us to easily pull in and integrate data streams in the CDPs. While some CDP vendors have incorporated some elements of AI and GenAI into their offerings, few have taken the lead in leveraging the larger capabilities of GenAI and LLMs. Microsoft Dynamics 365 Customer Insights is a great example of how a CDP solution can be strengthened by incorporating GenAI. (Disclosure: Microsoft is a client of C5i.)

How can we leverage the power of GenAI to drive CDP initiatives? 1. Use GenAI to drive data quality.

AI and GenAI can automatically identify and correct errors and help in the deduplication of customer data records. Use GenAI to fill in missing values and enrich data with additional insights from external sources.

2. Leverage GenAI for data integration.

GenAI can automate the process of mapping and integrating data from various sources, reducing the complexity and manual effort. Further AI models can facilitate real-time data integration, ensuring that data from different platforms is synchronized and updated instantly.

3. Ensure more efficient governance of data privacy and security.

GenAI algorithms can be used for anomaly detection and flag unusual data access patterns and potential security breaches, enhancing data security. Use GenAI to automate compliance checks and reporting to ensure compliance with regulations.

4. Use GenAI to deliver more actionable insights.

CDPs leveraging AI and GenAI can drive automated customer segmentation. Distinct and hyper-targetable customer segments are identified based on complex behavioral patterns. This allows businesses to tailor their marketing and product offerings to specific customer needs and preferences.

Some CDP vendors have incorporated GenAI-driven customer segmentation into their solutions. For example, D365 CI utilizes GenAI-driven segmentation and prediction models to automatically identify customer segments based on behavioral patterns and trends within the data. This allows businesses to create highly targeted marketing campaigns that resonate with specific customer groups.

• Use GenAI and LLM algorithms in CDPs to unlock the power of natural language processing (NLP) to analyze customer reviews, social media comments and other unstructured data sources to identify key themes and sentiments. This can then be used to develop more effective sales and marketing campaigns.

• Use GenAI for better simulation and scenario forecasting. Companies can leverage solutions such as Microsoft D365 CI—it doesn't just predict future customer behavior; it creates simulations of potential scenarios. AI models in D365 CI can be used to forecast customer lifetime value, churn risk and purchase propensity. This allows businesses to test the impact of marketing campaigns, product launches or pricing changes before implementation, minimizing risk and optimizing strategies.

5. Leverage GenAI chatbots and "co-pilots" to drive the use of CDPs.

GenAI-powered chatbots and virtual assistants can enable intuitive self-service and faster adoption of CDPs. GenAI can tailor CDP configurations to specific business needs through automated customization and delivery of persona-based recommendations. Companies should use GenAI capabilities of CDPs to generate and distribute reports tailored to the needs of different departments, fostering a unified understanding of data.

For example, D365 CI from Microsoft provides "Copilot," a GenAI virtual assistant. Users can ask Copilot questions in a natural language ("what are the factors influencing customer churn?"), and it will leverage GenAI to analyze the client's data and generate insightful answers. This eliminates the need for complex data queries and democratizes access to data insights for nontechnical users. Companies should use GenAI-powered virtual assistants to provide personalized training programs and help users utilize CDP features effectively.

Composable CDPs with generative AI models integrated into them will replace traditional CDPs eventually. It is important for organizations to leverage GenAI-powered CDPs to take full advantage of CDPs and drive higher customer engagement and business growth.

Forbes Business Council is the foremost growth and networking organization for business owners and leaders. Do I qualify?





Comments

Post a Comment

Follow It

Popular posts from this blog

Reimagining Healthcare: Unleashing the Power of Artificial ...

Image
ai toronto :: Article Creator "These Are Life-or-death Scenarios": Meet The Scientist Bringing AI To Toronto Hospitals "These are life-or-death scenarios": Meet the scientist bringing AI to Toronto hospitals Bo Wang, the new chief AI scientist at UHN—Canada's largest hospital network—on embracing tech, cutting down wait times and whether robots are coming for health care workers' jobs Photo courtesy of University Health Network In the near future, patients at Toronto's hospitals will be greeted by the stiff metallic smile of a scalpel-wielding robot. Okay, just kidding—but it's safe to say that the field of medicine will soon become a little more Jetsonesque. Case in point: the University Health Network (UHN), Canada's largest network of research hospitals, just appointed its very first chief AI scientist, Bo Wang, who has been tasked with overseeing the implementation of AI tools in hospitals across the city.
Read more

Top AI Interview Questions and Answers for 2024 | Artificial Intelligence Interview Questions

Image
natural language processing in chatbot :: Article Creator AI Chatbots Will Never Stop Hallucinating Last summer a federal judge fined a New York City law firm $5,000 after a lawyer used the artificial intelligence tool ChatGPT to draft a brief for a personal injury case. The text was full of falsehoods—including more than six entirely fabricated past cases meant to establish precedent for the personal injury suit. Similar errors are rampant across AI-generated legal outputs, researchers at Stanford University and Yale University found in a recent preprint study of three popular large language models (LLMs). There's a term for when generative AI models produce responses that don't match reality: "hallucination." Hallucination is usually framed as a technical problem with AI—one that hardworking developers will eventually solve. But many machine-learning experts don't view hallucination as fixable because it stems from LLMs doi
Read more

What is Generative AI? Everything You Need to Know

Image
application of artificial intelligence ppt :: Article Creator Artificial Intelligence A synthetic chief executive, a bot trained on employees' personalities, and a regular duel with ChatGPT — our listeners brought us their stories. By Kevin Roose, Casey Newton, Rachel Cohn, Whitney Jones, Jen Poyant, Alyssa Moxley, Dan Powell, Elisheba Ittoop and Rowan Niemisto Leveraging Artificial Intelligence Platforms To Increase Student Learning: One District's Journey Learning Tools Leveraging Artificial Intelligence Platforms to Increase Student Learning: One District's Journey As educators, we cannot afford to delay providing instruction on appropriate use of artificial intelligence platforms to our students. Doing so places them at a significant disadvantage as they enter college and/or the workforce. By Alan Meinster 05/08/24 With the relatively recent evolution of, and exponentially increasing access to, generative artificial intellig
Read more