Thank you dear subscribers, we are overwhelmed with your response.
Your Turn is a unique section from ThePrint featuring points of view from its subscribers. If you are a subscriber, have a point of view, please send it to us. If not, do subscribe here: https://theprint.in/
India as a Superpower needs a combined AI and Cybersecurity Regulatory Framework as its next Moonshot to help leapfrog and guide the world!
“We choose to go to the Moon in this decade and do the other things, not because they are easy, but because they are hard; because that goal will serve to organize and measure the best of our energies and skills, because that challenge is one that we are willing to accept, one we are unwilling to postpone, and one we intend to win, and the others, too.” – President JFK.
India’s August 15, 2023 Independence Day has been monumental with the world’s first landing on the South Pole of the Moon!
It’s time for the next Moonshot, in the areas of AI: Artificial Intelligence, ML: Machine Learning and Cybersecurity!
As India becomes a Superpower, it needs a combined AI and Cybersecurity Regulatory Framework to leapfrog the world!
Addressing the Global Partnership on Artificial Intelligence (GPAI) Summit in New Delhi, in December 2023, PM Modi said India is committed to responsible and ethical use of the technology.
According to McKinsey and Co., the biggest potential economic benefit of AI is that it could increase productivity significantly. They predict AI could add up to $10 trillion to U.S. GDP by 2030, and that’s just within the US. McKinsey and Co. has also predicted that Cybercrime has annual global losses of $10.5 trillion. Can an AI Regulatory Framework with Cybersecurity Risk Management help on both?
As we see in the news article in The Diplomat, entitled: “Resolving India’s AI Regulation Dilemma” from November 4th 2023, two approaches are proposed, a “pro-innovation” approach towards AI application development, similar to the UK and the US, or should India adopt a “risk-based” policy like the European Union has proposed? Why not both?
The EU approach is a strategy that classifies AI products into distinct categories and assesses the potential harm an AI product could cause, accordingly stipulating the necessary precautions.
China’s “state-control” strategy towards AI regulation is ominous given how they weaponized viruses, both biological and cyber-based.
Should India adopt a “industry-specific” policy like the United States? With investment in newer startups along with patent protections afforded. Answer: An Emphatic Yes!
How?
The U.S. Department of Commerce’s National Institute of Standards and Technology (NIST) has released the first version of its new AI Risk Management Framework, AI RMF 1.0 (see Figure 1).
What can we learn from ISO 27005 Risk Management in Cybersecurity?
The ISO 27005 Risk Management Standard is part of a suite of standards for information security management (Figure 2).
To achieve this Cybersecurity Risk Management framework for AI, see Figure 4 for a suggested combination with AI/ML.
Having accurate data is important. Most machine learning algorithms require data to be in certain formats. Enterprise Data Warehouse (EDW) is a database of databases that stores data from all areas of a business, and can be a Data Lake with voice, video, unstructured data and structured data, or combinations thereof and often the data is transactionally used and updated in real-time. These data sources will need security, and privacy to be maintained, ideally with RBAC: Role Based Access Controls.
The key piece is MLOps above, where CI/CD is the software engineering term of Continuous Integration and Continuous Delivery as the system continuously “improves” and “learns” while Monitoring and Governance are the necessary functions for Regulatory Compliance!
Some of the key capabilities needed for the Holistic AI and Cybersecurity Risk Management and Governance Platform are:
– Provides industry-specific, guided templates empowering teams to instantly begin risk analysis
– Allows users to prioritize Risks based on their probability of occurrence and severity
– Provides an on-screen Risk Matrix based on the likelihood and severity of Risks
– Provides integrations with multiple security tools providing visibility to security vulnerabilities as well as AI/ML vulnerabilities like bias
– Gives complete visibility of Risks threats or opportunities through real-time reports & dashboards
– Allows to define and maintain instantaneous traceability between AI/ML Design, Process requirements, Risks and Hazards.
Conclusion
India can lead with a Regulatory Framework for AI/ML projects and products and should explore NIST’s latest AI Risk Management Framework guidelines combined within a holistic Cybersecurity Platform.
From a New Moon Landing to a New Year and a New World Order! Let’s Go!
Thanks… Akshay Sharma
| Bio: Akshay Sharma is a Computer Engineer, tech analyst, ex-Gartner, having authored 280+ research notes, on emerging technologies like Cybersecurity, 5G, and IoT. He is a Cybersecurity advisor, and was CTO of a Kolkata-based software firm with clients like the World Bank, India’s DRDO and US Defense sector clients. He has recently been appointed as Chief Technology Evangelist for an AI/ML startup called Accure.AI. |
These pieces are being published as they have been received – they have not been edited/fact-checked by ThePrint.