Cranium AI
Technological capabilities of AI are evolving faster than regulations can. It is critically important that industry leaders recognize and weigh the risks and benefits associated with AI. As companies look to implement AI into their core business processes, they require a trusted third party to securely embed and monitor that AI for threats against it.
Companies require visibility into the security, health, performance, risks, and costs of the AI resources they’re using. More importantly, companies need a trusted third party to securely embed AI into core businesses.
In November 2021, I was hired as the lead product strategist and product consultant for this project.
Problem.
Companies require visibility into the security, health, performance, risks, and costs of the AI resources they’re using. Companies also need a trusted third party to securely embed AI into core businesses.
Solution.
Develop a trusted, centralized, and integrated AI security dashboard SaaS platform that provides visibility into the overall health of a company’s AI pipelines.
Primary User Personas.
Data Science Security Director
Possesses a high-level understanding of the business risks of AI pipelines
Possesses a high-level overview of the threat landscape
Understands the overall health of the AI/ML system
CISO
Possesses a high-level understanding of the AI pipeline’s health and risks across different business functions and technologies
Has visibility into the company’s threat landscape across all systems involving AI and ML
Develops remediation strategies to protect business clients and customers
AI Security Architect
Possesses a high-level understanding of the AI pipeline’s health and risks across different business functions and technologies
Ensures that the data scientists have a secure and frictionless ecosystem
Understands the interaction between team members
Assigns access controls and policy privileges
Customizes the flow of data to optimize security
Secondary User Personas.
AI Engineer
AI engineers may specialize in areas such as computer vision, natural language processing, reinforcement learning, or other subfields depending on the specific requirements of their projects or organizations. Overall, the role requires a combination of technical skills, domain expertise, and a deep understanding of the ethical implications of AI technologies.
Possesses a high-level understanding of the business risks within AI pipelines
Supports the data team by safely and effectively deploying AI models into production
Troubleshoots and fixes bugs in production
Analyzes and optimizes AI pipelines
Data Scientist
Sets up secure and reliable training and testing environments for developing AI models
Develops, trains, and optimizes machine learning models
Leverages data to enhance business functions and increase performance
Understands whether AI models are behaving appropriately and producing reliable results
Monitors models for performance
Utilizes libraries and frameworks like TensorFlow, PyTorch, or scikit-learn
Use Cases.
Data Poisoning
When public or internal data sets have been tampered with
More impactful when raw data sets are tampered with
Causes downstream effects in the pipeline
Inference Attacks
A bad actor strategically queries the app in order to extract or replicate the model
Shows up as unusual activity on the production side of the AI pipeline
Configuration Vulnerabilities
Vulnerabilities that allow unauthorized access to the company’s IP
Similar to traditional cyber attacks
Model Drift
Constant monitoring of both inputs and outputs of the model is needed
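As an added illustration of the monitoring the inference-attack and model-drift use cases above call for (example code written for this page, not Cranium's platform code), the script below checks a constructed prediction log for drift in model outputs and inputs against a baseline, and for a client whose query volume is far out of line with normal use, one signal of a model-extraction attempt. The log record schema, the baseline figures and the thresholds are assumptions.

```python
from collections import Counter
import math

# Constructed baseline (hypothetical validation run) that live traffic is
# compared against; values and the record schema are assumptions.
BASELINE_OUTPUT_DIST = {"approve": 0.70, "review": 0.20, "deny": 0.10}
BASELINE_INPUT_MEAN = 50.0

def psi(expected, actual, eps=1e-6):
    """Population Stability Index between two categorical distributions."""
    total = 0.0
    for k in set(expected) | set(actual):
        e = max(expected.get(k, 0.0), eps)
        a = max(actual.get(k, 0.0), eps)
        total += (a - e) * math.log(a / e)
    return total

def detect_drift(records, psi_threshold=0.2, mean_shift=0.5):
    """Compare a window's output distribution and input mean to the baseline."""
    counts = Counter(r["prediction"] for r in records)
    actual = {k: v / len(records) for k, v in counts.items()}
    out_psi = psi(BASELINE_OUTPUT_DIST, actual)
    in_mean = sum(r["feature"] for r in records) / len(records)
    shift = abs(in_mean - BASELINE_INPUT_MEAN) / BASELINE_INPUT_MEAN
    return {"output_psi": out_psi, "output_drift": out_psi > psi_threshold,
            "input_mean": in_mean, "input_drift": shift > mean_shift}

def detect_extraction_volume(records, max_queries=100):
    """Clients whose query count in the window is far above normal use: a
    volume spike is one signal of an extraction (model-replication) attempt."""
    per_client = Counter(r["client"] for r in records)
    return {c: n for c, n in per_client.items() if n > max_queries}

def make_window(n, label_fn, feature, client_fn):
    """Build constructed prediction-log records."""
    return [{"client": client_fn(i), "prediction": label_fn(i), "feature": feature}
            for i in range(n)]

# Healthy window: 5 clients, 20 queries each, outputs matching the baseline.
NORMAL_WINDOW = make_window(
    100, lambda i: "approve" if i < 70 else "review" if i < 90 else "deny",
    50.0, lambda i: f"client{i % 5}")
# Drifted window: deny rate jumps to 60% and the input mean nearly doubles.
DRIFT_WINDOW = make_window(
    100, lambda i: "deny" if i < 60 else "approve", 95.0, lambda i: f"client{i % 5}")
# Extraction-style window: normal traffic plus one client making 150 queries.
ATTACK_WINDOW = NORMAL_WINDOW + make_window(150, lambda i: "approve", 50.0,
                                            lambda i: "scraper")
```

In a real deployment the baseline would come from the validation set of the deployed model version and the window from the serving logs, with the per-client threshold tuned to the application's normal traffic.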
What does the platform tell us?
A high level overview of a company's overall AI pipeline health
Visibility into AI assets
Status of AI notable events and incidents
Are the AI pipelines behaving appropriately?
Have AI pipelines been compromised? How, by whom, and why?
What are the downstream and business effects of compromise?