Intelligent CISO Issue 25 | Page 38

FEATURE The most chronic skills shortages in technology are centred around ML modelling and data science. part of their original business strategy for adopting these technologies. However, they need to understand the importance of looking for security vulnerabilities during model building and recognise why protecting critical information is so important in the initial steps. It is essential for both businesses, but also those individuals working in AI and ML developments to equip themselves with the right knowledge to take the appropriate data safety precautions, only then will they be able to confidently ensure security and privacy. Despite the lack of attention to security and privacy concerns with Machine Learning development, the majority of resources are focused on ensuring AI projects are accurate and successful. For example, 55% of developers mitigate against unexpected outcomes or predictions, but a large number who don’t still remain. Furthermore, 16% of respondents don’t check for any risks at all during development. This lack of due diligence is likely due to numerous internal challenges and factors, but surprisingly, a big part of this problem is having the skills and resources to complete these critical aspects of the development process. In fact, the most chronic skills shortages in technology are centred around ML modelling and data science. To make progress in the areas of security, privacy and ethics, organisations urgently need to address this. What can be done? AI maturity and usage has grown exponentially in the last year. However, considerable hurdles remain that keep it from reaching critical mass. To ensure that AI and ML are both represented by the masses and that they can be used in a safe way, organisations need to adopt certain best practices. One of these is making sure technologists that build AI models reflect the broader population. Both from a data set and developer perspective this can be difficult, especially in the technology’s infancy. This means it is vital that developers are aware of the issues that are relevant to the diverse Organisations need to understand the essentials and ensure they invest time and resources to get security and ethics right. 38 Issue 25 | www.intelligentciso.com