Don't Leave AI Governance To The Machines

Uploaded on 2018-07-17 in TECHNOLOGY-Key Areas-Artificial Intelligence, NEWS-Cybersecurity News, FREE TO VIEW, TECHNOLOGY--Developments

Many companies are entrusting their top business-critical operations and decisions to artificial intelligence.

Rather than traditional, rule-based programming, users now have the ability to provide machine data, define outcomes, and let it create its own algorithms and provide recommendations to the business. For instance, an auto insurance company can feed a machine a library of photos of previous totaled cars with data on their make, model and payout. 

The system can then be “trained” to review future incidents, determine if a car is totaled, and give a recommended payout amount. This streamlines the review process, which is both a positive for the company and customer.

With the ability for AI to arrive at its own conclusions, governance over the machines is critical for the sake of business executives and customers alike. 

Was the machine accurate in its review of the accident photos? Was the customer paid the right amount? 
By taking the proper measures, organisations can gain clarity and ensure they are using these tools responsibly and to everyone’s benefit.  Here are three areas to keep in mind. 

Traceability sheds light on machine reasoning and logic 
In a recent Genpact study of C-suite and other senior executives, 63 percent of respondents said that they find it important to be able to trace an AI-enabled machine’s reasoning path. After all, traceability helps with articulating decisions to customers, such as in a loan approval.

Traceability is also critical for compliance and meeting regulatory requirements, especially with the implementation of the General Data Protection Regulation (GDPR) in Europe, which has affected practically every global company today. 
One critical GDPR requirement is that any organisation using automation in decision-making must disclose the logic involved in the processing to the data subject. Without traceability, companies can struggle to communicate the machine’s logic and face penalties from regulatory bodies.

The right controls and human intervention remain paramount 
By design, AI enables enterprises to review large datasets and delivers intelligence to facilitate decisions at far greater scale and speed than humanly possible. However, organisations cannot leave these systems to run in autopilot. There needs to be command and control by humans. 

For example, a social media platform can use natural language processing to review users’ posts for warning signs of gun violence or suicidal thoughts. The system can comb through billions of posts and connect the dots–which would be impossible for even the largest team of staff–and alert customer agents. Not every post that will be a legitimate concern so it is up to humans to verify what the machine picked up. 

This case highlights why people are still critical in the AI-driven future, as only we possess domain knowledge, business, industry, and customer intelligence acquired through experience–to validate the machine’s reasoning.

Command and control is also necessary to ensure algorithms are not being fooled or malfunctioning. For example, machines trained to identify certain types of images, such as for determining if a car is totaled for insurance purposes, can be fooled by feeding completely different images that have inherently the same pixel patterns. Why? Because the machine is analyzing the photos based on patterns, and not looking at them in the same context that human beings do.

Beware of unintentional human biases within data 
Since AI-enabled machines constantly absorb data and information, it is highly likely for biases or unwanted outcomes to emerge, such as a Chatbot that picks up inappropriate or violent language from interactions over time. However, if there is bias in the data going in, then there will be bias in what the system puts out. 

Beforehand, individual users with domain knowledge have to review the data that goes into these machines to prevent possible biases and then maintain governance to make sure that none emerges over time. 

With more visibility, understanding of their data and governance over AI, companies can proactively assess the machine’s business rules or acquired patterns before they are adopted and rolled out across the enterprise and to customers. At its root, responsible use of AI is all about trust. Companies, customers, and regulatory agencies want to trust that these intelligent systems are processing information and feeding back recommendations in the right fashion. They want to be clear that the business outcomes created by these machines are in everyone’s best interest. 

By applying the various techniques discussed above, organisations can strengthen this trust with better understanding of the AI’s reasoning path, communication of decisions to customers, regulatory compliance, and command and control to ensure that they have clarity and can always make the best decisions.

Information Week

You Might Also Read: 

Computer Says No:

AI Can Win At Poker But Who Is Overseeing Computer Ethics?:
 

 

« For Sale: Access To Airport Security
Putin Says Russia The Target Of 25m World Cup Cyber Attacks »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Global Digital Forensics (GDF)

Global Digital Forensics (GDF)

GDF specialise in Digital Forensics and e-Discovery. Other services include Data Breach Response and Cyber Security.

CERT Bulgaria (CERT.BG)

CERT Bulgaria (CERT.BG)

CERT Bulfaria is the National Computer Security Incidents Response Team for Bulgaria.

BMS Group

BMS Group

BMS is an independent, employee-owned specialist insurance broking group. Broking solutions include Cyber and Technology.

MPC Alliance

MPC Alliance

A consortium of developers and practitioners of multiparty computation (MPC), committed to accelerating market awareness and adoption of MPC to increase the security and privacy of online services.

Nihon Cyber Defense

Nihon Cyber Defense

Nihon Cyber Defence’s mission is to provide robust solutions, services and support to governments, corporates and organisations in order to protect them from all forms of cyber warfare.

Key Cyber Solutions

Key Cyber Solutions

Key Cyber is an IT consulting firm that specializes in agile software development services, program management and infrastructure services, cyber security and cloud and managed services.

Kratos Defense & Security Solutions

Kratos Defense & Security Solutions

The Kratos Space, Training, and Cybersecurity division addresses key cybersecurity challenges, including cloud security, continuous monitoring, IT security, and risk management.

LogMeIn

LogMeIn

LogMeIn makes it possible for millions of people and businesses around the globe to do their best work simply and securely—on any device, from any location and at any time.

Akito

Akito

Akito was set up to become a point of reference in the ICT market for issues related to Security and in particular Cyber Security.

Quantexa

Quantexa

Quantexa automates millions of operational decisions, at scale, across multiple business units, including Anti-Money Laundering, Know-Your-Customer, Fraud, Credit Risk and Customer Intelligence.

US Marine Corps Forces Cyberspace Command (MARFORCYBER)

US Marine Corps Forces Cyberspace Command (MARFORCYBER)

US Marine Corps Forces Cyberspace Command (MARFORCYBER) conducts full spectrum military cyberspace operations in order to enable freedom of action in cyberspace and deny the same to the adversary.

Framatome

Framatome

Framatome Cybersecurity portfolio is directly inspired by its unique experience in nuclear safety for critical information systems and electrical systems design.

Armexa

Armexa

Armexa is a leading provider of advanced industrial cybersecurity solutions that protect your critical OT and ICS infrastructure against ever-changing threats.

RiskOptics

RiskOptics

RiskOptics (formerly Reciprocity) equips organizations with one of the most intuitive and powerful information security and cyber risk management solutions in the market.

Flat6Labs

Flat6Labs

Flat6Labs is the MENA region’s leading seed and early stage venture capital firm, currently running the most renowned startup programs in the region.

Trustaira

Trustaira

Trustaira is the first deep tech solution and service company in Bangladesh.