Generative AI explodes, how to solve security issues?

Under the wave of generative AI, how to provide industry users with generative AI services that meet the needs of actual application scenarios is the next focus of the industry's digital transformation. The "Amazon Cloud Technology AIGC Guide to Accelerating Enterprise Innovation" white paper points out that AIGC has typical application scenarios in industries such as games, retail e-commerce, finance, media entertainment, and medical health. As the pathfinder of AI digital business, AIGC is expected to open a new chapter in the next digital business model.

"Currently, generative AI has been applied to all aspects of corporate innovation, optimizing customer experience through intelligent customer service, improving technical team productivity through automatic code generation, accelerating creative content generation through text generation, and improving efficiency through automated document processing. The operational efficiency of the entire organization, etc... Generative AI really accelerates the implementation of AI in enterprises."

Dai Wen, Director of Solution Architecture Department, Amazon Cloud Technology Greater China

Dai Wen, director of the Solution Architecture Department of Amazon Cloud Technology Greater China, said at the "2023 Amazon Cloud Technology re:Inforce China Station" that it has been a long time since we have seen a technology being applied everywhere and advancing by leaps and bounds in all walks of life at the same time. Dai Wen also discovered a very interesting phenomenon at work, that is, more and more demands for generative AI are put forward by business departments. Generative AI is not just a tool or platform for technical departments to innovate, but has become a A core means for businesses to enhance their competitiveness, this will significantly accelerate the intelligent development of various industries and will also promote the emergence of opportunities to change industry game rules.

At the same time, it is precisely because of the explosion of generative AI application scenarios that the demand from business departments is so strong, which currently brings unprecedented challenges to enterprise technology departments. The security threats of large language models and AIGC are not predictions but a fact that is happening. Take data leakage as an example. A piece of news on the Internet some time ago showed that after a large international company adopted a public chat application service based on a certain large language model, three data leakage incidents occurred within 20 days, including the leakage of product yields. , code leakage and meeting content leakage. Upon further in-depth analysis, these leaks also represent deficiencies in access control.

Faced with AIGC security challenges, what should companies do? Amazon Cloud Technology believes that security is an unavoidable issue in building generative AI applications. From the beginning of construction, enterprises need to make security a core part of the enterprise's AI strategy, especially in the current stage of rapid development. What should be done specifically? Amazon Cloud Technology recommends reviewing and building a compliance system from a full-stack technology perspective, including applications, models, data, frameworks, infrastructure, etc., so as to build AI and generative AI applications that have good user experience and are safe and compliant.

Currently, Amazon Cloud Technology has a rich product portfolio in the fields of artificial intelligence and machine learning, ranging from artificial intelligence services to large models and machine learning. For example, Amazon Cloud Technology has launched a large number of AI services, allowing customers to add AI functions to applications through simple API calls, such as image recognition, prediction and intelligent search; in terms of AIGC, Amazon Cloud Technology allows more customers to Access basic model capabilities, provide infrastructure for inference and training, improve coding efficiency for all developers, and use AIGC in your business more simply and easily; while Amazon SageMaker, a fully managed one-stop machine learning platform, is built for all developers , training and deploying models to provide maximum convenience.

Amazon Cloud Technology adheres to the product and service development concept of "reverse working method", that is, more than 95% of services are generated by continuously listening to customer needs. To date, Amazon Cloud Technology has helped more than 100,000 customers of all sizes and in all industries use machine learning to innovate. It is precisely because of its large-scale AI customer advantages that Amazon Cloud Technology can grasp the security solutions in the new AI field at the first time.

Taking AIGC access control as an example, Amazon Cloud Technology’s access control service Amazon Identity and Access Management (Amazon IAM) has successively released a number of services in the 12 years since its birth. Iterative optimization and updates are carried out by continuously listening to customer needs. This enables easy implementation of access control settings, verification and implementation in complex enterprise environments. For large models, Amazon Cloud Technology launched Amazon Bedrock and a variety of generative AI services and functions a few months ago. Amazon KMS, Amazon IAM, etc. can be perfectly integrated with Amazon Bedrock, etc. After integration, encryption, Permissions control all behavior logs.

Amazon Cloud Technology not only provides a series of technologies, services and tools to help more enterprises fully unleash the potential of generative AI, but also ensures that security compliance is the basis for conducting all businesses, including various tools for generative AI. Covers all aspects of data, models and applications. At the same time, Amazon Cloud Technology also applies AI and generative AI technology to security and compliance services to respond to complex security threats and improve compliance efficiency with more intelligent security and compliance services.

Amazon Cloud Technology uses its own experience to apply AI protection to the entire life cycle of software development, making development more convenient and safer. For example, Amazon Cloud Technology recently released two AI development security capabilities-Amazon CodeWhisperer is an Amazon Cloud technology The AI ​​programming assistant launched by Technology can use the embedded basic model to generate code suggestions in real time according to the developer's instructions. The service has a built-in code security scanning function that can help developers find difficult-to-detect vulnerabilities and make remediation suggestions; Amazon CodeGuru Security can Scan the code to find vulnerabilities in the code, including calling package vulnerabilities and other code logic vulnerabilities. It can also automatically reduce the false positive rate through artificial intelligence and machine learning in the CICD process. At the same time, it can be easily integrated into development work based on API design. process to achieve centralization and good scalability.

Ecological construction is a comprehensive guarantee for full-stack security, and Amazon Cloud Technology is also focusing on AI security. In the "2023 China Public Cloud Hosting Security Service Capability Report" recently released by IDC, Amazon Cloud Technology is one of the vendors with the most perfect scores in 7 evaluation dimensions, including expert capabilities, vulnerability and threat detection, and threat intelligence. Among them, "Ecosystem "Construction" evaluation dimension is the only manufacturer that received perfect scores.

At the 2023 Amazon Cloud Technology re:Inforce China” conference, Amazon Cloud also announced the establishment of a “joint security laboratory” with Tuya Smart. The two parties will work on confidential computing and data privacy, Matter technology cooperation and system construction and generation. AI AI jointly creates security practices in the IoT field; it cooperates with Deloitte Business Consulting to release the "White Paper on Suggestions for Chinese Enterprises Going Overseas Development 2023" to interpret the corresponding laws and regulations for Chinese overseas enterprises, analyze the problems and challenges they face, and Propose countermeasures to improve data security of overseas enterprises.

Gartner ranks generative AI as one of the most commercially promising artificial intelligence technologies. According to the 2022 artificial intelligence technology maturity curve released by Gartner, generative AI is expected to enter the production maturity stage within 2-5 years, with huge development potential and application space. According to predictions, in 2025, 30% of large organizations’ external messages will be generated by generative AI; in 2025, 50% of drug discovery and development will use generative AI; in 2027, 30% of manufacturers will use generative AI to improve product development efficiency.

Looking to the near future, generative AI is accelerating the real implementation of AI in enterprises and accelerating industrial integration and transformation. As generative AI fully penetrates into digital-real integration, full-stack security thinking must become the leader of enterprise digital transformation and the foundation for enterprises to accelerate their intelligent development. (Text/Ningchuan)

The above is the detailed content of Generative AI explodes, how to solve security issues?. For more information, please follow other related articles on the PHP Chinese website!