Cranium AI

Technological capabilities of AI are evolving faster than regulations can. It is critically important that industry leaders recognize and weigh the risks and benefits associated with AI. As companies look to implement AI into their core business processes, they require a trusted third party to securely embed that AI and monitor it for threats against it.

Companies require visibility into the security, health, performance, risks, and costs of the AI resources they’re using. More importantly, companies need a trusted third party to securely embed AI into core businesses. 

In November 2021, I was hired as the lead product strategist and product consultant for this project. 

Problem.

Companies require visibility into the security, health, performance, risks, and costs of the AI resources they’re using. Companies also need a trusted third party to securely embed AI into core businesses.

Solution.

To develop a trusted, centralized and integrated AI security dashboard SaaS platform that provides visibility into the overall health of a company’s AI pipelines.

Primary User Personas.

Data Science Security Director

  • Possesses a high-level understanding of the business risks of AI pipelines

  • Possesses a high-level overview of the threat landscape

  • Understands the overall health of the AI/ML system

CISO

  • Possesses a high-level understanding of the AI pipeline’s health and risks across different business functions and technologies

  • Has visibility into the company’s threat landscape across all systems involving AI and ML

  • Develops remediation strategies to protect business clients and customers

AI Security Architect

  • Possesses a high-level understanding of the AI pipeline’s health and risks across different business functions and technologies

  • Ensures that the data scientists have a secure and frictionless ecosystem

  • Understands the interaction between team members

  • Assigns access controls and policy privileges

  • Customizes the flow of data to optimize security

Secondary User Personas.

AI Engineer

AI engineers may specialize in areas such as computer vision, natural language processing, reinforcement learning, or other subfields depending on the specific requirements of their projects or organizations. Overall, the role requires a combination of technical skills, domain expertise, and a deep understanding of the ethical implications of AI technologies.

  • Possesses a high-level understanding of the business risks within AI pipelines

  • Supports the data team by safely and effectively deploying AI models into production

  • Troubleshoots and fixes bugs in production

  • Analyzes and optimizes AI pipelines

Data Scientist

  • Sets up secure and reliable training and testing environments for developing AI models

  • Develops, trains, and optimizes machine learning models

  • Leverages data to enhance business functions and increase performance

  • Understands whether AI models are behaving appropriately and producing reliable results

  • Monitors models for performance

  • Utilizes libraries and frameworks like TensorFlow, PyTorch, or scikit-learn

Use Cases.

Data Poisoning

  • When public or internal data sets have been tampered with

  • More impactful if done on raw data sets

  • Causes downstream effects in the pipeline

Inference Attacks

  • A bad actor strategically queries the app in order to extract or replicate the model

  • Unusual activity on the production side of the AI pipeline
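The "unusual activity on the production side" signal in the inference-attack use case can be made concrete as a detection over inference logs: a client that issues far more requests than normal inside a short window, almost all of them with inputs it has never sent before, is the pattern worth surfacing to the dashboard. The block below is an added example written for this page, not Cranium's code. The log format (JSON lines with `ts`, `client_id` and `input_hash`), the client names and the thresholds are all constructed assumptions; real deployments tune them against their own baseline.

```python
import json
from collections import defaultdict
from datetime import datetime


def make_sample_log() -> list:
    """Constructed inference log (JSON lines); not real traffic."""
    lines = []
    # Ordinary service traffic: a handful of requests re-scoring the same two records.
    for i in range(5):
        lines.append(json.dumps({
            "ts": f"2024-01-01T10:00:{i * 8:02d}+00:00",
            "client_id": "svc-billing",
            "input_hash": f"rec-{i % 2}",
        }))
    # Suspicious client (placeholder id): 40 distinct inputs inside 40 seconds.
    for i in range(40):
        lines.append(json.dumps({
            "ts": f"2024-01-01T10:00:{i:02d}+00:00",
            "client_id": "api-key-7f3a",
            "input_hash": f"probe-{i:03d}",
        }))
    return lines


def detect_extraction_patterns(lines, window=60, max_requests=30, min_distinct_ratio=0.9):
    """Flag (client, window) pairs with high volume and mostly never-seen inputs.

    Both conditions are required: a busy legitimate integration tends to
    re-score overlapping records, whereas systematic probing of a model
    covers as much new input space as it can.
    """
    buckets = defaultdict(list)  # (client_id, window index) -> input hashes
    for line in lines:
        rec = json.loads(line)
        ts = datetime.fromisoformat(rec["ts"]).timestamp()
        buckets[(rec["client_id"], int(ts // window))].append(rec["input_hash"])

    alerts = []
    for (client, w), inputs in sorted(buckets.items()):
        n = len(inputs)
        distinct_ratio = len(set(inputs)) / n
        if n > max_requests and distinct_ratio >= min_distinct_ratio:
            alerts.append({
                "client_id": client,
                "window_start": w * window,
                "requests": n,
                "distinct_ratio": round(distinct_ratio, 2),
            })
    return alerts


if __name__ == "__main__":
    for alert in detect_extraction_patterns(make_sample_log()):
        print(alert)
```

The alert carries the client identity and window so the CISO and architect personas above can tie it to an access-control decision (throttle or revoke the credential) rather than just a chart; storing an input hash rather than the raw input keeps the log useful for this without retaining customer data.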

Configuration Vulnerabilities

  • Vulnerabilities that allow unauthorized access to a company’s IP

  • Similar to traditional cyber attacks

Model Drift

  • Constant monitoring of both inputs and outputs of the model is needed
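To show what "monitoring both inputs and outputs" looks like in practice, here is an added example, written for this page rather than taken from Cranium, that scores drift with the population stability index (PSI) on a numeric input feature and on the distribution of predicted classes, comparing a baseline window with a production window. The feature values, class labels, bin edges and the 0.2 alert threshold are constructed assumptions. The scenario is chosen so that the input drifts while the output distribution stays flat, which is exactly the case a single output-only metric would miss.

```python
import math
from collections import Counter


def histogram_probs(values, edges):
    """Share of values per bin; the last bin is closed on the right."""
    counts = [0] * (len(edges) - 1)
    last = len(edges) - 2
    for v in values:
        for i in range(len(edges) - 1):
            if edges[i] <= v < edges[i + 1] or (i == last and v == edges[-1]):
                counts[i] += 1
                break
    return [c / len(values) for c in counts]


def categorical_probs(labels, categories):
    """Share of each known category among the labels."""
    c = Counter(labels)
    return [c[k] / len(labels) for k in categories]


def psi(base_probs, prod_probs, eps=1e-6):
    """Population stability index: sum of (p - b) * ln(p / b) over bins.

    eps guards against empty bins; the common rule of thumb reads < 0.1 as
    stable, 0.1-0.2 as worth watching, and > 0.2 as significant drift.
    """
    total = 0.0
    for b, p in zip(base_probs, prod_probs):
        b, p = max(b, eps), max(p, eps)
        total += (p - b) * math.log(p / b)
    return total


def drift_report(base_inputs, prod_inputs, edges, base_outputs, prod_outputs, categories, threshold=0.2):
    """PSI on one input feature and on the predicted-class distribution."""
    input_psi = psi(histogram_probs(base_inputs, edges), histogram_probs(prod_inputs, edges))
    output_psi = psi(categorical_probs(base_outputs, categories), categorical_probs(prod_outputs, categories))
    return {
        "input_psi": round(input_psi, 4),
        "output_psi": round(output_psi, 4),
        "input_drift": input_psi > threshold,
        "output_drift": output_psi > threshold,
    }


def demo() -> dict:
    """Constructed windows: baseline is uniform over four bins, production piles up in the top bin."""
    edges = [0.0, 0.25, 0.5, 0.75, 1.0]
    base_inputs = [(i + 0.5) / 100 for i in range(100)]          # 25 values per bin
    prod_inputs = [0.1] * 10 + [0.3] * 15 + [0.6] * 25 + [0.9] * 50
    base_outputs = ["approve"] * 70 + ["deny"] * 30
    prod_outputs = ["approve"] * 68 + ["deny"] * 32
    return drift_report(base_inputs, prod_inputs, edges, base_outputs, prod_outputs, ["approve", "deny"])


if __name__ == "__main__":
    print(demo())
```

In the constructed run the input PSI is about 0.36 while the output PSI is about 0.002: the model is receiving a different population than it was trained on yet keeps emitting the same decision mix, so an output-only check would report "healthy". Running both sides per window, with the bin edges frozen from the training data rather than recomputed, is what lets the dashboard distinguish a real shift from noise.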

What does the platform tell us?

  • A high-level overview of a company's overall AI pipeline health

  • Visibility into AI assets

  • Status of AI notable events and incidents

  • Are the AI pipelines behaving appropriately?

  • Have AI pipelines been compromised? How, by whom, and why?

  • What are the downstream and business effects of compromise?