Using AI, Target determined a girl was pregnant violating her privacy. A medical AI misdiagnosed black patients disproportionately. Longshoremen went on strike primarily to stop AI from taking their jobs.

Last year’s InfoSec World had many presentations on “AI”. They discussed threats, benefits, and applications of AI. They also covered how AI is violating privacy, taking away jobs, presents a danger to society, revolutionizing society. etc. They discussed AI as an entity. None I found addressed what AI actually is.

AI is a broad term for a set of mathematical algorithms the attempt to reason, learn, and act in a way that normally requires human intelligence. AI did not determine a girl was pregnant. Algorithms identified the girl’s buying patterns and recommended future purchases based on shoppers with similar buying patterns. AI didn’t systematically and intentionally misdiagnose patients. Programmers did not include race as an attribute relevant to diagnosis, because they ironically believed programming for race was itself discriminatory. Robotics can replace manual, repetitive labor.

AI algorithms have been around for decades but have not been practical due to limited processing speeds and available data. We now have faster processors as well as massive amounts of available data.

This presentation will break down what is AI and the components that go into an AI model. I address what it takes to create and secure an AI model, specifically the algorithm, training data, attribute selection, data security, model security, computer security, output security, and application of the AI model.

I then discuss the categories of AI which include machine learning, computer vision, robotics, neural networks, generative AI, automation, among others. The threats and benefits of each will be discussed in principle, along with the security, ethical, and logistical concerns of each.

I then breakdown and translate the FUD regarding things such as privacy, taking jobs, killing people, etc. For ex, when someone says AI is invading privacy, they will know that an AI model takes data about individuals, puts it through algorithms, and categorizes and predicting traits, assumed actions, etc based on models and history of similar individuals.  They then understand the issue is not with “AI” but the application and use of information, which then allows people to make informed decisions to act upon or create policies not driven by FUD but knowledge.