The Problem With Generative AI - Leaky Data

Generative AI has become a crucial tool in the workplace, helping with tasks like summarising meetings, drafting emails, and brainstorming new ideas. It saves time on manual tasks and boosts productivity and efficiency. Many organisations are already starting to see the benefits of using AI.

According to a recent Microsoft survey, 75% of people use AI at work, with 46% having started to use it only in the last six months, highlighting how adoption of AI is growing month after month. 
 
A notable use of AI is in handling large amounts of data. With the rise of the Internet of Things (IoT) and digital transformation, we have more data than ever. Manually processing this data is time-consuming and resource-intensive. AI accelerates this process by recognising patterns and extracting insights from vast data sets. 
 
Benefits and Risks of AI 

To fully maximise usage of AI, most organisations will need to trust external technology providers to help them implement and manage their use of the technology across the enterprise.  While AI has the power to revolutionise the way we work, it also raises important privacy and security concerns. In order to work well, AI requires large amounts of data, which can include sensitive information but running this confidential data through AI puts it at risk of exposure.

Bad actors can bypass the security protections in place to leverage, steal or corrupt the data. Organisations using AI must therefore carefully consider and address these risks.  

Confidential Computing as a Solution 

Confidential computing offers an innovative solution to these security concerns, enhancing the way we use AI by protecting data during processing.  
 
For years, cloud providers have been able to secure data while it is stored or while it is in transit, but data has been left vulnerable while being processed as it must be de-crypted in order to be analysed. Confidential computing solves this problem and expands protection to the data’s entire lifecycle, thereby eliminating vulnerability.

It works by isolating sensitive data in a protected digital space, ensuring that the content, and the techniques used to process it are encrypted and accessible only to authorised code holders.

We’re already seeing many companies turn towards confidential computing, as the global market is projected to grow from USD 14.14 billion in 2024 to USD 208.06 billion by 2032 according to a study from Fortune Business Insights. 
 
In the context of AI, confidential computing allows an organisation to input data into a generative AI model and for the model to process the data securely, without risk of leaks. This means that sensitive information is protected from bad actors and potential data leaks, ensuring that organisations can retain control over their data while using AI. 

The Future of Confidential Computing 

The main challenge with confidential computing is the cost. It requires new systems and a skilled workforce capable of managing the complexity of implementation. Organisations should assess these costs against the advantages of securing data. Today, given the expense involved, confidential computing will be most relevant for critical sectors like government, healthcare, and IT 
 
As the technology advances, companies might collaborate to use confidential computing within a trusted network. In this scenario, each company would effectively ‘rent’ a space for their processing to take place, in a way that limits them to viewing only their own data and not the information of other companies within the network. This approach would reduce costs and enhance security, since company data would be safeguarded, much like a bank protects individual finances. 
 
Confidential computing has the potential to bring significant benefits to many sectors, particularly those handling sensitive information. With more employees leveraging generative AI to help with complex tasks, confidential computing could be the solution to addressing privacy concerns, allowing safe AI usage without fear of data leaks or compromising data protection laws.

The ongoing evolution of this technology promises even more sophisticated uses of AI applications in the coming years.  

Samuel Tourbot is Head of Cloud Communications at Alcatel-Lucent Enterprise 

Image: Ideogram

You Might Also Read: 

ChatGPT - Solving AI’s Privacy Issue:


If you like this website and use the comprehensive 7,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

« Phishing Scheme That Generated $11M Taken Down
What The US’s Foggy AI Regulations Mean For Today’s Cyber Compliance »

ManageEngine
CyberSecurity Jobsite
Check Point

Directory of Suppliers

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Tines

Tines

The Tines security automation platform helps security teams automate manual tasks, making them more effective and efficient.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Softtek

Softtek

Softtek helps its clients to gain a competitive edge by implementing digital solutions that propel their business strategies.

Masergy Communications

Masergy Communications

Masergy delivers hybrid networking, managed security and cloud communication solutions to enterprises around the globe.

Riverside Research

Riverside Research

Riverside Research is a not-for-profit organization chartered to advance scientific research in areas including Trusted & Resilient Systems.

CERT Tonga

CERT Tonga

CERT Tonga is the national Computer Emergency Response Team for Tonga.

Scanmeter

Scanmeter

Scanmeter helps identifying vulnerabilities in software and systems before they can be exploited by an attacker.

Hallam-ICS

Hallam-ICS

Hallam-ICS designs MEP systems for facilities and plants, control and automation solutions, and ensures safety and regulatory compliance.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Concordium

Concordium

Concordium aims to build the world’s leading open-source, permissionless, and decentralized blockchain with built-in user identity at the protocol level.

Saepio Solutions

Saepio Solutions

Saepio promote an all-encompassing approach to cybersecurity, ensuring the appropriate balance of budget and resource across Policy, Product and People.

Redhorse

Redhorse

Redhorse provides top-tier consulting to help clients address mission-critical government problems in National Security, Networking Technology, Energy and the Environment.

Brightsolid

Brightsolid

Brightsolid are experts in Hybrid Cloud. We design, build and manage secure, scalable cloud environments that meet customers’ business ambitions.

Appknox

Appknox

Appknox is the world’s most powerful plug-and-play security platform that helps developers, security researchers, and enterprises to build a safe and secure mobile ecosystem.

Arelion

Arelion

Arelion is a leading light in global connectivity and we've been keeping the world connected for nearly three decades.

Certcube Labs

Certcube Labs

Certcube Labs provide a broad range of services in the areas of Assessments, Development, Risk Advisory, Blockchain, Forensics Investigations, Managed Security Solutions, and IT Security Trainings.

Lasso Security

Lasso Security

Lasso Security is a pioneer cybersecurity company ensuring comprehensive protection for businesses leveraging generative AI and other large language model technologies.

Hopper Security

Hopper Security

The Future of Open-Source Risk Management Starts Here. We built Hopper to make sure you can harness the power of Open-Source safely and effectively.