Artificial intelligence (AI) and privacy: 3 key security practices – The Enterprisers Project
If you are involved in next-generation digital product engineering, experimenting with artificial intelligence (AI) will help you imagine new business models, revenue streams, and experiences.
But you should be wary of wild headlines about cutting-edge AI breakthroughs. For every AlphaFold that solves a 50-year-old problem about protein folding, there are dozens of less glitzy but perhaps more impactful business AI advances that are helping to make it more responsible and privacy-conscious.
As algorithms imbibe increasingly huge data sets both in training and deployment, data privacy as it relates to AI/machiene learning (ML) will only grow in importance, especially with new regulations expanding upon GDPR, CCPA, HIPAA, etc. In fact, the FDA recently issued a new action plan for regulating AI in medical devices. Expanding regulatory frameworks are partially why data privacy is one of the most important issue of this decade.
As your organization plans for AI investments in the future, the following three AI techniques will ensure you stay compliant and secure well into the future.
1. Federated learning
Federated learning is an increasingly important ML training technique that solves one of ML’s biggest data privacy issues, especially in fields with sensitive user data, such as healthcare. The traditional wisdom of the last decade was to unsilo data wherever possible. However, the resulting data aggregation necessary to train and deploy ML algorithms has created serious privacy and security problems, especially when data is being shared between organizations.
[ Read also: 5 approaches to security automation and How to automate compliance and security with Kubernetes: 3 ways. ]
Federated learning gives you the insights of aggregated data sets while keeping the data safe and secure in non-aggregated environments. The basic premise is that local ML models are trained on private data sets, and model updates flow between the data sets to be aggregated centrally. Crucially, the data never has to leave its local environment.
In this way, the data remains secure while still giving organizations the “wisdom of the crowd.” Federated learning reduces the risk of a single attack or leak compromising the privacy of all the data because instead of sitting in a single repository, the data is spread out among many.
2. Explainable AI (XAI)
Many AI/ML models, particularly neural networks, are black boxes. Having been trained on huge amounts of data, these models are often unaccountable due to the difficulties in determining how and why they make certain decisions. To make them more accountable and transparent, we need to make them more interpretable.
To make AI/ML models more accountable and transparent, we need to make them more interpretable.
An up-and-coming area of research called explainability uses sophisticated techniques to help bring transparency to simple systems such as decision trees as well as to complex systems such as neural networks. Explanations help build trust in the system, but they also help researchers understand why mistakes are made and how to quickly fix them.
In sensitive fields such as healthcare, banking, financial services, and insurance, we can’t blindly trust AI decision-making. When approving a bank loan, for instance, we need to understand why someone was rejected, especially when we consider examples of racial bias creeping into other AI systems. As AI becomes more complex, it will become increasingly important to turn these black boxes into clear ones, and XAI should be a major area of focus for organizations developing AI systems in the future.
[ Need to speak artificial intelligence? Download Cheat sheet: AI glossary. ]
Roughly 20 years ago, DevOps revolutionized the way applications were developed, deployed, and managed. It standardized pipelines, led to dramatic increases in efficiency, and accelerated delivery times.
Today, AIOps/MLOps are doing the same thing for AI, and Cognilityca predicts that the MLOps market will expand to nearly $4 billion by 2025.
The idea is to accelerate the entire ML model lifecycle by standardizing operations, measuring performance, and automatically remediating issues. AIOps can be applied to the following three layers:
This is where containerization comes into play. Automated tools allow organizations to scale both their infrastructure and teams to keep up with capacity demands. There’s also an emerging subset of DevOps called GitOps, which specifically applies DevOps principles to cloud-based microservices running in containers.
Application performance management (APM)
According to an IDC survey, application downtime costs between $1.25 and $2.5 billion per year. APM helps organizations by simplifying application management, limiting downtime, and maximizing performance. APM solutions incorporate an AIOps approach, using AI and ML to proactively identify issues rather than taking a reactive approach.
IT service management (ITSM)
IT services are massive, representing literally any hardware, software, or computing resource the IT organization supplies to an end user — whether that be internal employees, customers, or business partners. ITSM applies AIOps to automate ticketing workflows, manage and analyze incidents, authorize and monitor documentation, etc.
While most organizations implement AIOps/MLOps for their efficiency, many are finding that APM platforms, for example, can leverage their rich data resources as early warning systems that add an extra layer of security. As the entire AI/ML lifecycle is more rigorously optimized and structured, security and privacy risks will be easier to identify and mitigate.
We’ve seen many powerful AI use cases over the last several years, but the future will be about ensuring that the AI systems behind these use cases are using data responsibly. With increased privacy regulation likely around the corner, and as organizations see that regulation actually increases transparency and trust with their customers, it’s time to proactively experiment with responsible AI. Federated learning, explainable AI, and AIOps/MLOps are three good places to start.
[ Get the eBook: Top considerations for building a production-ready AI/ML environment. ]