Li Weibin: Learn from the history of information security to usher in a new era of AI empowerment As an information security expert, Li Weibin discusses from the perspective of cybersecurity (Cybersecurity) whether hacking (hacking) that occurs in the cyber world may also occur in the world of AI? In addition to hackers, is it possible for AI to become a hacker? This is a very interesting and serious issue. Only by deploying in advance can we enjoy the sweet fruits brought by AI. The following is a summary of the speech at the NExT Forum on March 3. AI for Cybersecurity VS. Security of AI First, you need to understand the definition of AI Security. The AI for Cybersecurity that people often talked about in the past refers to using AI as a fast and efficient tool to conduct information security defense through fully automated or semi-automated methods. It can also predict possible events for information security, and There is sufficient reaction time to enhance users' confidence in the system. On the other hand, at present, in many decision-making, human intervention is still required to implement AI's suggestions. Therefore, the collaborative interface between humans and AI is also a very important part. As for the Security of AI we are talking about now, it involves how to verify the specifications of the AI system, and how to ensure the functionality, safety, robustness, and fairness of AI. Can AI be trusted to make decisions? If you encounter adversarial attacks, you will need new technologies to come in. Can AI-enabled systems be trusted? This is also an issue worth pondering. What are the options for productivity and safety cost companies? Looking back at the Internet world, when all information is connected to the Internet, Internet security becomes very important. It is necessary to ensure data security from three perspectives: C (Confidentiality), I (Integrity), and A (Availability), and the service cannot be interrupted. However, there is a price to be paid to maintain the CIA, but this matter does not have such a direct impact on the business level, so in this case, information security is often regarded as a cost rather than an investment. From firewall, IPS (Intrusion Prevention System) to IDS (Intrusion Detection), there seems to be an endless supply of information security equipment, and the cost for business operators is getting higher and higher, which is relatively indifferent compared with other productivity tools. It was not until recently that many companies were implanted with ransomware and major disasters were reported that they realized the importance of information security. "Information security is important to talk about, but secondary to practice. Don't be busy when you are busy." Li Weibin said frankly, asking everyone if information security is important, no one would say it is not important, but when the invested resources conflict with the order At that time, will the boss choose to invest in equipment that directly contributes to profit, or information security equipment? Usually the former is chosen, and this is also the dilemma that information security is currently facing in the network environment.
Forum Role: Participant
Topics Started: 0
Replies Created: 0