As we kick off Vol 2 of the ISHPI CyberBytes newsletter, an information sharing and education service we provide [that some might consider, a disruptive one (at least to your inbox)], letās tackle a large and [another] disruptive service I know you have heard about (and probably used) ā Artificial Intelligence (AI). In case youāre wondering what AI is, Iāll let these four tell you, the question for each: āWhat is AI?ā
- The Britannica company [think encyclopedia, and yes I know Iām dating myself here] ā Artificial intelligence (AI), the ability of a digital computer or computer-controlled robot to perform tasks commonly associated with intelligent beings.
- Gemini [Googleās AI tool] ā AI, which stands for Artificial Intelligence, is a broad field of computer science that deals with creating intelligent agents, which are systems that can reason, learn, and act autonomously.Ā Here’s a breakdown of the key aspects, essentially:
- It’s the simulation of human intelligence in machines.
- It enables machines to perform tasks that typically require human intelligence, like understanding language, analyzing data, making decisions, and even playing games.
- There are different types of AI, ranging from narrow AI (performing specific tasks) to the theoretical concept of strong AI (having general intelligence like humans).
- ChatGPT [OpenAIās AI tool] ā AI stands for Artificial Intelligence. It refers to the development of computer systems that can perform tasks that typically require human intelligence. These tasks include learning, reasoning, problem-solving, perception, language understanding, and even decision-making.
- Co-pilot [The Microsoft provided AI assistant coming to your OS] ā Artificial Intelligence (AI) refers to computer systems capable of performing tasks that historically required human intelligence. These tasks include recognizing speech, making decisions, and identifying patterns. AI is an umbrella term that encompasses various technologies, such as machine learning, deep learning, and natural language processing (NLP). Although there are philosophical debates about whether current technologies truly constitute ātrueā artificial intelligence, when most people use the term AI today, theyāre referring to machine learning-powered technologies that enable machines to perform tasks previously achievable only by humans.
For the AI tools, I asked the exact same question, but as you see there are variations in the answers, while in this case all are āin the same ballparkā and correct, that cannot be taken for granted when using AI. Now, letās pivot for a moment, while the use of AI tools has become increasingly prevalent, so have the dangers that come along with it. Letās talk about the big three to look out for [and mitigate] if you are going to use an AI tool for anything.
- Accuracy and Accountability — All AI applications have demonstrated errors in accuracy, accountability, and sourcing. Meaning, you donāt know where the AI tool learned its information [remember the adage, garbage in garbage out] and you donāt know the programing /algorithms used to create the answer. There are many AI errors that have been documented and they continue to each day (they call them āhallucinationsā) and here are some examples:
- Googleās Bard: Asked about new discoveries from the James Webb Space Telescope. Answered that the telescope “took the very first pictures of a planet outside of our own solar system.ā
- Microsoftās Bing: Failed to differentiate key data in a basic comparison of vacuum cleaners and made-up numbers in an earnings comparison between the Gap and Lulumon.
- ChatGPT: Documented case where lawyer used ChatGPT to do legal research on a case ā it made up fictional court cases that the lawyer presented in court.
- Intellectual Property (IP) and Legal Risks ā Not knowing where or how the AI tool was ātrainedā it is extremely possible to be provided an answer or product that IS protected intellectual property and if you provide that information as your ownā¦well, you can see where Iām going with that.
- Skills Gap ā By this, for this conversation, Iām referring to your (and my) skills in knowing what Iām being given from an AI tool is valid, accurate, and not protected ā Depending on the topic, we may not know if what weāre given is factual and usable.
So, while I do believe the use of AI tools to be useful and helpful, BUT not until you verify that:
- The information you fed into the tool is not protected data [classified, corporate private, or client privileged; remember all information you feed it, is used to train the tool in some manner and that ālearningā cannot be undone],
- Is not protected [legally or classified, those of you with a clearance know about the possibility of combining unclass material to where it provides information that is classified].
- and the information being provided is accurate and not an AI hallucination [can you source it?]
If you use the tools in this way, I think they can provide value and help us do better things, but please remember one thing, if nothing else, Hallucinations are common with AI as we continue to see [just search ārecent AI hallucinationā for the latest faux pas], please verify the information you receive from any AI tool with trusted sources [and yes, if you were thinking it, they also help the bad actors do what they want to do better as well, but Iāll save that for another day].
NewsletterBy:Ā Rob Collings, ISHPI’s VP of Cybersecurity | CISO
March 1, 2024