You may be thinking of adding AI into your business processes—or you may already have done so. If so, you should put some thought into securing your AI, and into what training your staff may need.
In terms of security, you should think about:
- Protecting the data you will put into AI to prevent it from leaking, or from attack. This includes not only people’s personal data, which you must protect, but also business-sensitive information:
- Data could be stolen, accidentally leaked, or possibly ‘poisoned’—this means deliberately changing the input data to damage the output.Of course, the data could also have become out of date, or be incomplete or incorrect.
- And you should consider whether you have permission to use the input data in this way.
- Protecting the AI model itself from attack, theft or decay. Think of AI as any other software product: it will need to be kept up to date. If you are using your own model, then that in itself will be your business’ intellectual property—and could be useful to a competitor.
- Protecting the output from the AI from theft, or from being manipulated—it may be possible for an attacker to reverse engineer your model from the output.
- Protecting your business from AI—by which we mean thinking through how you are going to integrate this new element into the rest of your business without causing a security problem. As a minimum, you’ll need to train your staff in how to use AI effectively, and in the new policies you’ll need. Don’t forget to think about maintaining compliance with new AI regulations as they emerge…
So there’s a lot to think about.
Training your staff in AI
DSIT and others have developed a framework of AI skills to help you think through the skills your business might need.
This framework identifies the four main audiences for AI. These are, roughly speaking:
- your customers
- those staff whose roles may be impacted by AI
- staff responsible for AI
- and those responsible for governing AI in your business.
It then identifies the competencies needed, across:
- Privacy and stewardship (the security and protection of data)
- The collection, secure storage, manipulation and curation of data—including managing sensitive data
- Problem definition and communication – defining a problem and explaining how AI can help
- Problem solving – using a range of tools to analyse a problem and presenting solutions
- Evaluation and reflection – understanding ethics, and assuring any AI model that you build
There are more details in the framework itself, so do have a look. And take a look at this, too (very time-critical, and possibly subject to change): a pilot scheme offering funding for (some) SMEs to upskill their staff in artificial intelligence.
And if you’d like help with securing AI in your business, call the Click and Protect team on 0113 733 6230 or use our contact form.
