Cloudflare recently announced that developers can now deploy AI applications on Cloudflare’s global network in one simple click directly from Hugging Face, the leading open and collaborative platform for AI builders.
With Workers AI generally available, developers can now deploy AI models in one click directly from Hugging Face, for the fastest way to access a variety of models and run inference requests on Cloudflare’s global network of GPUs.
Developers can choose one of the popular open-source models and then simply click “Deploy to Cloudflare Workers AI” to deploy a model instantly.
There are 14 curated Hugging Face models now optimised for Cloudflare’s global serverless inference platform, supporting three different task categories including text generation, embeddings, and sentence similarity.
Cloudflare is the first serverless inference partner integrated on the Hugging Face Hub for deploying models, enabling developers to quickly, easily, and affordably deploy AI globally, without managing infrastructure or paying for unused compute capacity.
Cloudflare now has GPUs deployed across more than 150 cities globally, most recently launching in Cape Town, Durban, Johannesburg, and Lagos for the first locations in Africa, as well as Amman, Buenos Aires, Mexico City, Mumbai, New Delhi, and Seoul, to provide low-latency inference around the world.
Workers AI is also expanding to support fine-tuned model weights, enabling organizations to build and deploy more specialized, domain-specific applications.
“We can solve this by abstracting away the cost and complexity of building AI-powered apps. Workers AI is one of the most affordable and accessible solutions to run inference. And with Hugging Face and Cloudflare both deeply aligned in our efforts to democratise AI in a simple, affordable way, we’re giving developers the freedom and agility to choose a model and scale their AI apps from zero to global in an instant,” Matthew Prince, CEO and co-founder, Cloudflare said.
The post Cloudflare Powers One-Click-Simple Global Deployment for AI Applications with Hugging Face appeared first on Analytics India Magazine.
The advancement of diversity, integrity, and inclusion within the technology sector has emerged as a critical focal point in recent years, particularly concerning the participation of women. This report delves into the landscape of women in technology in India, shedding light on significant trends and developments. In recent years, the participation of women in the technology sector has seen a notable upsurge, marking a transformative shift in the industry’s demographics. As the technology landscape evolves, there’s a growing recognition of the indispensable role women play in driving innovation and progress within the sector. However, challenges such as gender disparity and underrepresentation persist, underscoring the imperative for concerted efforts to foster inclusivity and equality. AIM Research, in association with Chubb as a research partner for analyzing the data collected by AIM-Research, conducted a comprehensive report aiming to illuminate the landscape of women in the tech profession and Diversity, Equity, and Inclusion (DE&I) representation within the Indian technology sector. Through an extensive analysis spanning various sectors and segments, the report provides critical insights into the status quo of gender diversity and inclusion initiatives. A focal point of the report is the DE&I survey, which offers perspectives on the prevailing landscape of DE&I representation specifically within the Indian tech sector. Key findings reveal a nuanced understanding of the challenges and opportunities surrounding women’s participation and DE&I efforts within the industry. By shedding light on current trends and perceptions, the report serves as a valuable resource for stakeholders seeking to drive meaningful change and cultivate a more inclusive tech ecosystem.
Read past year’s report:
2023
Key Highlights:
Most tech organizations in India view themselves as moderately diverse 51% or highly diverse 40%, but 9% perceive themselves as not diverse, indicating the ongoing need for improvement in diversity and inclusion efforts.
A significant portion of respondents 38% are uncertain about DE&I initiatives and policies within their organizations.
40% of respondents note tailored leadership development programs for women in their organizations, reflecting proactive steps towards gender-inclusive leadership initiatives.
The BFSI sector stands out with a significant presence of dedicated DE&I teams, with 69%.
Most organizations have implemented initiatives for diversity and inclusion in tech, including tailored leadership programs for women 40%, women-focused networking events or conferences 26%, and mentorship programs pairing women with senior leaders 23%.
Read the complete report here:
The post DE&I in Tech 2024 – India appeared first on Analytics India Magazine.
Last week, Python Package Index (PyPI) downloaded by thousands of companies, started exfiltrating sensitive customer data to an unknown server. The maintainers suspended new user registrations for a day.
It was a ‘multi-stage attack’ to steal crypto wallets, sensitive data from browsers (cookies, extensions data, etc.), and other credentials using a method called typosquatting.
This involves attackers uploading malicious packages with names deceptively similar to popular legitimate packages. Cybersecurity firm Phylum, which tracked the campaign, noted that the attackers published 67 variations of ‘requirements’, 38 variations of ‘Matplotlib’, and dozens of other misspelt variations of widely-used packages.
For a long time now, software package libraries have been the target of malware attacks. PyPI of Python, Node package manager of Javascript, RubyGems of Ruby are all prone to attacks more sophisticated than the last.
Researchers who studied malicious code in PyPI said, “Over 50% of malicious code exhibits multiple malicious behaviours, with information stealing and command execution being particularly prevalent. We observed several novel attack vectors and anti-detection techniques.”
According to the study, 74.81% of all malicious packages successfully entered end-user projects through source code installation. Researchers also said the malicious payload employed a persistence mechanism to survive reboots. Yehuda Gelb, Jossef Harush Kadouri, and Tzachi Zornstain led the research.
This is not the first time
The PyPI administrators and the Python community are actively working to combat these malicious attacks on the security of the ecosystem.
Like the measures taken last week, PyPI suspended new user registrations in November and December last year, “These temporary suspensions allow the PyPI team to triage the influx of malicious packages and implement additional security measures,” said the researchers.
Moreover, PyPI is taking proactive steps, just like other libraries. The registry now requires two-factor authentication for critical projects and packages, making it harder for attackers to hijack maintainer accounts. The team is also investing in improved malware scanning capabilities to identify and remove malicious packages quickly.
The paper also suggests that end-users should exercise caution when selecting and installing packages using pip and other tools and verify the software packages’ sources and credibility to ensure system security.
The impact of these attacks on businesses are severe. Last year, malicious Python packages stole sensitive information like AWS credentials and transmitted them to publicly accessible endpoints.
A Cat-and-Mouse Game
Since PyPI has grown in popularity, it has become an increasingly attractive target for attackers seeking to infiltrate the software supply chain. The evolution of its security measures has been a constant game of cat and mouse, with attackers continually refining their tactics and PyPI administrators working to stay one step ahead.
In the early days of PyPI, the repository relied on a largely trust-based model, prioritising ease of contribution for the growing Python community. Over the years, one of the most significant steps forward came with the introduction of two-factor authentication (2FA) for PyPI accounts.
As Donald Stufft, a PyPI administrator and maintainer since 2013, explained, “Two-factor authentication immediately neutralises the risk associated with a compromised password. If an attacker has someone’s password, that is no longer enough to give them access to that account.”
PyPI has also implemented other measures, such as API tokens for more secure package uploads and improved malware scanning tools. However, the sheer volume of packages and the constantly evolving threat landscape mean that PyPI’s security team is always playing catch-up.
Feross Aboukhadijeh, the founder of Socket, a company that provides supply chain security for JavaScript, Python, and Go dependencies, highlighted the scale of the problem, “At Socket, we see about 100 attacks like this every single week.”
Despite the challenges, the Python community has made significant progress in recent years. Stufft noted, “We’ve gotten a lot more confident in our 2FA implementation and in what the impact of enabling it is for both people publishing to PyPI, and to the PyPI team itself.”
The repository has also benefited from increased funding and resources, including the hiring of a dedicated PyPI safety and security engineer.
The impact of these attacks on businesses can be severe, as demonstrated by recent incidents where malicious Python packages stole sensitive information like AWS credentials and transmitted them to publicly accessible endpoints.
This not only puts the affected companies at risk but also exposes their customers to potential security breaches and compromised software releases.
As Aboukhadijeh put it, “Open source is one of the best things. But I think one of the things that we don’t appreciate is just the amount of trust that we place in all open source actors to be good.”
The post Open Source Libraries are Going Through Trust Issues appeared first on Analytics India Magazine.
In a significant move to bolster its automotive software capabilities, German luxury carmaker BMW Group announced that it will form a 50-50 joint venture with Indian engineering giant Tata Technologies.
The new joint venture aims to establish a major software and IT development hub in India with Pune, Bengaluru and Chennai locations. Its primary focus will be developing cutting-edge software solutions for BMW’s future vehicles.
“Our collaboration with Tata Technologies will accelerate our progress in the software-defined vehicle (SDV) field,” said Christoph Grote, BMW’s Senior VP of Software and E/E Architecture. “India has a vast talent pool with outstanding software engineering skills who can contribute to shaping premium automotive experiences like highly automated driving.”
The joint venture will commence operations with 100 experienced software professionals from Tata Technologies. However, it has ambitious growth plans to rapidly scale up to over 1,000 employees in the next few years as software becomes increasingly critical for vehicles.
“We’re excited to bring our expertise to the forefront, aiding BMW in engineering premium products and propelling its digital transformation journey,” said Warren Harris, CEO and Managing Director of Tata Technologies.
Automotive Software Focus
The joint venture will focus on developing advanced automotive software solutions, including automated driving systems, infotainment platforms, and digital services for SDVs.
The business IT side will work on digitalising and automating BMW’s product development, production, and sales processes.
“In the evolving landscape, the shift towards software-defined vehicles represents a pivotal change in automotive methodologies,” said Nachiket Paranjpe, President of Automotive Sales at Tata Technologies. “We will leverage our deep domain knowledge to engineer exceptional vehicle experiences.”
Leveraging India’s Software Talent
The partnership will leverage India’s large pool of skilled software engineers and Tata Technologies’ digital engineering capabilities to expand BMW’s global software development footprint.
“BMW’s expansion of international software hubs has proved successful. I’m pleased we found a strong tech partner in Tata to grow our presence in India,” said Alexander Buresch, BMW’s CIO.
BMW already has manufacturing operations in India, sourcing engines from Force Motors and motorcycles from TVS Motor Company. Tata Technologies, a Tata Motors subsidiary, provides engineering services to major automakers like Honda, Ford and Airbus.
The joint venture is subject to regulatory approvals. Financial terms were not disclosed.
The post BMW & Tata Tech Form JV for Automotive Software Hub in India appeared first on Analytics India Magazine.
During an interview by Brian Calvert for a March 2024 piece in Vox, climate lead and AI researcher at Hugging Face Sasha Luccioni drew a stark comparison: “From my own research, what I’ve found is that switching from a non-generative, good old-fashioned quote-unquote AI approach to a generative one can use 30 to 40 times more energy for the exact same task.”
Calvert points out that gen AI involving large language model ( LLM) training demands thousands of iterations. Additionally, much of the data in today’s training sets is more or less duplicated. If that data were fully contextualized and thereby deduplicated, such as via a semantically consistent knowledge graph, for example, far smaller training sets and training time would be sufficient.
(For more information on such a hybrid, neurosymbolic AI approach can help, see “How hybrid AI can help LLMs become more trustworthy,” https://www.datasciencecentral.com/how-hybrid-ai-can-help-llms-become-more-trustworthy/.)
So-called “foundational” model use demands truly foundational improvements that by definition will be slower to emerge. For now, LLM users and infrastructure suppliers are having to use costly methods just to keep pace. Why? LLM demand and model size is growing so quickly that capacity and bandwidth are both at a premium, and both of those are hard to come by.
Regardless of the costs, inefficiencies and inadequacies of LLMs, strong market demand continues. Hyperscale data centers continue to upgrade their facilities as rapidly as possible, and the roadmap anticipates more of the same for the next few years.
Even though developments in smaller language models are compelling, the bigger is better model size trend continues. During his keynote at Kisaco Research’s MEMCON 2024 event in Mountain View, CA in March 2024, Ziad Kahn, GM, Cloud AI and advanced Systems at Microsoft, noted that LLM size grew 750x over a two-year period ending in 2023, compared with memory bandwidth growth of just 1.6x and interconnect bandwidth of 1.4x over the same period.
The era of trillion-feature LLMs and GPU superchip big iron
What the model size growth factor implies is LLMs introduced in 2023 that are over a trillion features each.
Interestingly, the MEMCON event, now in its second year, had many high-performance computing (HPC) speakers who’ve often been focused for years on massive scientific workloads at big labs like the US Federally Funded Research and Development Centers (FFRDCs) such as Argonne National Laboratory, Lawrence Berkeley National Laboratory, and Los Alamos National Laboratory. I’m not used to seeing HPC speakers at events with mainstream attendees. Apparently that’s the available cadre that will point the way forward for now?
FFRDC funding reached $26.5 billion in 2022, according to the National Science Foundation’s National Center for Science and Engineering Statistics. Some of the scientific data from these FFRDC’s is actually now being used to train the new trillion-feature LLMs.
What’s being built to handle the training of these giant language models? Racks like Nvidia’s liquid-cooled GB200 NVL 72, which includes 72 Blackwell GPUs, 36 Grace Hopper CPUs, and an overall total of 208 billion transistors, which are interconnected with the help of fifth-generation, bi-directional NVLink. Nvidia launched the new rack system in February 2024. CEO Jensen Huang called the NVL 72 “one big GPU”.
This version of LLM big iron, as massive and intimidating as it looks, actually draws quite a bit less power than the preceding generation. While a 1.8T LLM in 2023 might have required 8,000 GPUs drawing 15 megawatts, today a comparable LLM can do the job with 2,000 Blackwell GPUs drawing four megawatts. Each rack includes nearly two miles of cabling, according to Sean Hollister, writing for The Verge in March.
My impression is that much of the innovation in this rack stuffed full of processor + memory superchips involves considerable packaging and interconnect design innovation, including space, special materials and extra cabling where they’re essential to address thermal and signal leakage concerns. More fundamental semiconductor memory technology improvements are going to take more than a few years to kick in. Why? A number of thorny issues have to be addressed at the same time, requiring design considerations that haven’t really been worked out yet.
Current realities and future dreams
Simone Bertolazzi, Principal Analyst, Memory at chip industry market research firm Yole Group, moderated an illuminating panel session near the end of MEMCON 2024. To introduce the session and provide some context, Bertolazzi highlighted the near-term promise of high-bandwidth memory (HBM), an established technology that provides higher bandwidth and lower power consumption than other technologies available to hyperscalers.
Bertolzazzi expected HBM DRAM in unit terms to grow at 151 percent year over year, with revenue growing at 162 percent through 2025. DRAM in general as of 2023 made up 54 percent of the memory market in revenue terms, or $52.1 billion, according to Yole Group. HBM has accounted for about half of total memory revenue. Total memory revenue could reach nearly $150 billion in 2024.
One of the main points panelist Ramin Farjadrad, Co-Founder & CEO at chiplet architecture innovator Eliyan made was that processing speed has increased 30,000x over the last 20 years, but that DRAM bandwidth and interconnect bandwidth have only increased 30x each during that same time period. This is the manifestation of what many at the conference called a memory or I/O wall, a lack of memory performance scaling just when these 1T learning models demand it.
This is not to mention that there are a number of long-hyped memory improvements that are sitting on the sidelines because the improvements are only proven in narrowly defined workload scenarios.
The ideal situation is that different kinds of memory could be incorporated into a single heterogeneous, multi-purpose memory fabric, making it possible to match different capabilities to different needs on demand. That’s the dream.
Not surprisingly, the reality seems to be that memory used in hyperscale data center applications will still be an established tech hodgepodge for awhile. Mike Ignatowski, Senior Fellow at AMD, did seem hopeful about getting past the 2.5D bottleneck and into 3D packaging, as well as photonic interconnects and co-packaged optics. He pointed out that HBM got started in 2013 as a collaboration between AMD and SK Hynix.
The mentioned alternative to HBM, Compute Express Link (CXL), does offer the abstraction layer essential to a truly heterogeneous memory fabric, but it’s early days yet, and it seems the performance CXL offers doesn’t yet compare.
DRAM leader Samsung, with nearly 46 percent of the market in the last quarter of 2023, according to The Korea Economic Daily, is apparently planning to increase HBM wafer starts by 6x by next year. Doesn’t seem likely that they’ll be closing the demand gap any time soon.
Big tech has substantial influence over the direction of R&D in the US. According to the National Science Foundation and the Congressional Research Service, US business R&D spending dwarfs domestic Federal or state government spending on research and development. The most recent statistics I found include these:
R&D funding source
Annual R&D spending
Information source and most recent report date
Federal agencies
$184 billion
Federal Research and Development (R&D)Funding: FY2024, Congressional Research Service, May 19, 2023. The US Federal fiscal year ends on September 30. Actuals reported were for FY 2022.
State agencies
$2 billion (excludes $691 million in Federal funds spent by state agencies)
FY 2022 Survey of State Government Research and Development, sponsored by the National Center for Science and Engineering Statistics (NCSES) within the National Science Foundation. Most states’ fiscal years end on June 30.
Business (domestic R&D)
$602 billion
2021 Business Enterprise Research and Development (BERD) Survey, compiled by National Center for Science and Engineering Statistics (NCSES) within the National Science Foundation (NSF). The US Census Bureau collected and tabulated the data.
US National Science Foundation and the Congressional Research Service, 2024
Of course, business R&D spending focuses mainly on development–76 percent versus 14 percent on applied research and seven percent on basic research.
Most state R&D spending is also development-related, and like the Federal variety tends to be largely dedicated to sectors such as healthcare that don’t directly impact system-level transformation needs.
Private sector R&D is quite concentrated in a handful of companies with dominant market shares and capitalizations. From a tech perspective, these companies might claim to be on the bleeding edge of innovation, but are all protecting cash cow legacy stacks and a legacy architecture mindset. The innovations they’re promoting in any given year are the bright and shiny objects, the VR goggles, the smart watches, the cars and the rockets. Meanwhile, what could be substantive improvement in infrastructure receives a fraction of their investment. Public sector R&D hasn’t been filling in these gaps.
A nonprofit example of misdirected investment
Back in the 2010s, I had the opportunity to go to a few TTI/Vanguard conferences, because the firm I worked for had bought an annual seat/subscription.
I was eager to go. These were great conferences because the TTI/V board was passionate about truly advanced and promising emerging tech that could have a significant impact on large-scale systems. Board members–the kind of people who the Computer History Museum designates as CHM fellows once a year–had already made their money and names for themselves. The conferences were a way for these folks to keep in touch with the latest advances and with each other, as well as a means of entertainment.
One year at a TTI/V event, a chemistry professor from Cornell gave a talk about the need for liquid, olympic swimming pool-sized batteries. He was outspoken and full of vigor, pacing constantly across the stage, and he had a great point. Why weren’t we storing the energy our power plants were generating? It was such a waste not to store it. The giant liquid batteries he described made sense as a solution to a major problem with our infrastructure.
This professor was complaining about the R&D funding he was applying for, but not receiving, to research the mammoth liquid battery idea. As a researcher, he’d looked into the R&D funding situation. He learned after a bit of digging that lots and lots of R&D funding was flowing into breast cancer research.
I immediately understood what he meant. Of course, breast cancer is a major, serious issue, one that deserves significant R&D funding. But the professor’s assertion was that breast cancer researchers couldn’t even spend all the money that was flowing in–there wasn’t enough substantive research to soak up all those funds.
Why was so much money flowing into breast cancer research? I could only conclude that the Susan G. Komen for the Cure (SGKC) foundation was so successful at its high-profile marketing efforts that they were awash in donations.
As you may know, the SGKC is the nonprofit behind the pink cure breast cancer ribbons, the pink baseball bats, cleats and other gear major sports teams don from time to time. By this point, the SGKC owns that shade of pink. Give them credit–their marketing is quite clever. Most recently, a local TV station co-hosted an SGKC More than Pink Walk in the Orlando, FL metro area.
The European Union’s public/private R&D investment model
I don’t begrudge SGKC their success. As I mentioned, I actually admire their abilities. But I do bemoan the fact that other areas with equivalent or greater potential impact are so underfunded by comparison, and that public awareness here in the US is so low when it comes to the kind of broadly promising systems-level R&D that the Cornell chemistry professor alluded to that we’ve been lacking.
By contrast, the European Union’s R&D approach over the past two decades has resulted in many insightful and beneficial breakthroughs. For example, in 2005 the Brain and Mind Institute of École Polytechnique Fédérale de Lausanne (EPFL) in Switzerland won a Future and Emerging Technologies (FET) Flagship grant to reverse engineer the brain from the European Commission, as well as funding from the Swiss government and private corporations.
For over 15 years, this Blue Brain Project succeeded in a number of areas, including a novel algorithmic classification scheme announced in 2019 for identifying and naming different neuron types such as pyramidal cells that act as antennae to collect information from other parts of the brain. This was work that benefits both healthcare and artificial intelligence.
Additionally, the open source tooling the Project has developed included Blue Brain Nexus, a standards-based knowledge graph designed to simplify, scale the sharing and enable the findabilty of various imagery and other media globally.
I hope the US, which has seemed to be relatively leaderless on the R&D front over the past decade, can emulate more visionary European efforts like this one from the Swiss in the near future.
Anthropic researchers wear down AI ethics with repeated questions Devin Coldewey @techcrunch / 11 hours
How do you get an AI to answer a question it’s not supposed to? There are many such “jailbreak” techniques, and Anthropic researchers just found a new one, in which a large language model (LLM) can be convinced to tell you how to build a bomb if you prime it with a few dozen less-harmful questions first.
They call the approach “many-shot jailbreaking” and have both written a paper about it and also informed their peers in the AI community about it so it can be mitigated.
The vulnerability is a new one, resulting from the increased “context window” of the latest generation of LLMs. This is the amount of data they can hold in what you might call short-term memory, once only a few sentences but now thousands of words and even entire books.
What Anthropic’s researchers found was that these models with large context windows tend to perform better on many tasks if there are lots of examples of that task within the prompt. So if there are lots of trivia questions in the prompt (or priming document, like a big list of trivia that the model has in context), the answers actually get better over time. So a fact that it might have gotten wrong if it was the first question, it may get right if it’s the hundredth question.
But in an unexpected extension of this “in-context learning,” as it’s called, the models also get “better” at replying to inappropriate questions. So if you ask it to build a bomb right away, it will refuse. But if you ask it to answer 99 other questions of lesser harmfulness and then ask it to build a bomb … it’s a lot more likely to comply.
Image Credits: Anthropic
Why does this work? No one really understands what goes on in the tangled mess of weights that is an LLM, but clearly there is some mechanism that allows it to home in on what the user wants, as evidenced by the content in the context window. If the user wants trivia, it seems to gradually activate more latent trivia power as you ask dozens of questions. And for whatever reason, the same thing happens with users asking for dozens of inappropriate answers.
The team already informed its peers and indeed competitors about this attack, something it hopes will “foster a culture where exploits like this are openly shared among LLM providers and researchers.”
For their own mitigation, they found that although limiting the context window helps, it also has a negative effect on the model’s performance. Can’t have that — so they are working on classifying and contextualizing queries before they go to the model. Of course, that just makes it so you have a different model to fool … but at this stage, goalpost-moving in AI security is to be expected.
Age of AI: Everything you need to know about artificial intelligence
Staying up to date with the latest in cyber security has arguably never been more paramount than in 2024. Financial services provider Allianz named cyber attacks this year’s biggest risk for business in the U.K. and a top concern for businesses of all sizes for the first time. However, many professionals are still in the dark about what the events in Q1 tell us about the cyber landscape for the rest of the year that could have significant consequences.
TechRepublic consulted U.K. industry experts to identify the three most significant trends in cyber security — AI, zero days and IoT security — and provide guidance as to how businesses can best hold their fort.
1. Sophisticated cyber attacks with AI
In January 2024, the U.K.’s National Cyber Security Centre warned that the global ransomware threat was expected to rise due to the availability of AI technologies, with attacks increasing in both volume and impact. The risk to U.K. businesses is especially pronounced, with a recent Microsoft report finding that 87% are either “vulnerable” or “at high risk” of cyber attacks. The Minister for AI and Intellectual Property, Viscount Camrose, has specifically highlighted the need for U.K. organizations to “step up their cyber security plans,” as it is the third most targeted country in the world when it comes to cyber attacks, after the U.S. and Ukraine.
James Babbage, the director general for threats at the National Crime Agency, said in the NCSC’s post: “AI services lower barriers to entry, increasing the number of cyber criminals, and will boost their capability by improving the scale, speed and effectiveness of existing attack methods.”
Criminals can use the technology to stage more convincing social engineering attacks and gain initial network access. According to Google Cloud’s global Cybersecurity Forecast report, large language models and generative AI “will be increasingly offered in underground forums as a paid service, and used for various purposes such as phishing campaigns and spreading disinformation.”
SEE: Top AI Predictions for 2024 (Free TechRepublic Premium Download)
Jake Moore, the global cybersecurity advisor for internet security and antivirus company ESET, has been looking into real-time cloning software that uses AI to swap a video caller’s face with someone else’s. He told TechRepublic via email: “This technology, along with impressive AI voice cloning software, is already starting to make the authenticity of a video call questionable which could have a devastating impact on businesses of all sizes.”
OpenAI announced on March 29, 2024 that it was taking a “cautious and informed approach” when it comes to releasing its voice cloning tool to the general public “due to the potential for synthetic voice misuse.” The model called Voice Engine is able to convincingly replicate a user’s voice with just 15 seconds of recorded audio.
“Malicious hackers tend to use a variety of techniques to manipulate their victims but impressive new technology without boundaries or regulations is making it easier for cybercriminals to influence people for financial gain and add yet another tool to their ever-growing toolkit,” said Moore.
“Staff need to be reminded that we are moving into an age where seeing is not always believing, and verification remains the key to security. Policies must never be cut shy in favor of spoken instructions and all staff need to be aware of (real-time cloning software) which is about to explode over the next 12 months.”
2. More successful zero-day exploits
Government statistics found that 32% of U.K. businesses suffered a known data breach or cyber attack in 2023. Raj Samani, senior vice president chief scientist at unified cyber security platform Rapid7, believes that enterprise attacks will remain particularly frequent in the U.K. throughout this year, but added that threat actors are also more sophisticated.
He told TechRepublic in an email: “One of the most emergent trends over 2023 that we are seeing continue into 2024 is the sheer number of exploited Zero Days by threat groups that we ordinarily would not have anticipated having such capabilities.
“What this means for the U.K. cybersecurity sector is the demand for faster triaging of security update prioritization. It is imperative that organizations of all sizes implement an approach to improve the identification of critical advisories that impact their environment, and that they incorporate context into these decisions.
“For example, if a vulnerability is being exploited in the wild and there are no compensating controls — and it is being exploited by, for example, ransomware groups — then the speed with which patches are applied will likely need to be prioritized.”
SEE: Top Cybersecurity Predictions for 2024 (Free TechRepublic Premium Download)
The “Cyber security breaches survey 2023” by the U.K. government found declines in the key cyber hygiene practices of password policies, network firewalls, restricted admin rights and policies to apply software security updates within 14 days. While the data largely reflects shifts in micro, small and medium businesses, the laxness significantly increases the scope of targets available to cyber criminals, and highlights the necessity for improvement in 2024.
“Personal data continues to be a hugely valuable currency,” Moore told TechRepublic. “Once employees let their guard down (attacks) can be extremely successful, so it is vital that staff members are aware of (the) tactics that are used.”
3. Renewed focus on IoT security
By April 29, 2024, all IoT device suppliers in the U.K. will need to comply with the Product Security and Telecommunications Act 2022, meaning that, as a minimum:
Devices must be password enabled.
Consumers can clearly report security issues.
The duration of the device’s security support is disclosed.
While this is a positive step, many organizations continue to rely heavily upon legacy devices that may no longer receive support from their supplier.
Moore told TechRepublic in an email: “IoT devices have far too often been packaged up with weak — if any — built-in security features so (users) are on the back foot from the get go and often do not realize the potential weaknesses. Security updates also tend to be infrequent which put further risks on the owner.”
Organizations relying on legacy devices include those that handle critical national infrastructure in the U.K., like hospitals, utilities and telecommunications. Evidence from Thales submitted for a U.K. government report on the threat of ransomware to national security stated “it is not uncommon within the CNI sector to find aging systems with long operational life that are not routinely updated, monitored or assessed.” Other evidence from NCC Group said that “OT (operational technology) systems are much more likely to include components that are 20 to 30 years old and/or use older software that is less secure and no longer supported.” These older systems put essential services at risk of disruption.
SEE: Top IIoT security risks
According to IT security company ZScaler, 34 of the 39 most-used IoT exploits have been present in devices for at least three years. Furthermore, Gartner analysts predicted that 75% of organizations will harbor unmanaged or legacy systems that perform mission-critical tasks by 2026 because they have not been included in their zero-trust strategies.
“IoT owners must understand the risks when putting any internet connected device in their business but forcing IoT devices to be more secure from the design phase is vital and could patch up many common attack vectors,” said Moore.
In the big world of handling data, where information moves around in complicated ways, metadata is like a secret protector. It holds important clues about the data world. As data becomes more complex and there’s a lot more of it, organizations are starting to pay attention to metadata management, using tools like data mapping. Let’s take a closer look at metadata and see why data mapping is so important in this world.
Understanding metadata and its importance
Metadata can be thought of as data about data. It provides context, structure, and meaning to raw data, facilitating its interpretation, management, and usability. Metadata encompasses various attributes such as data source, creation date, format, ownership, and usage permissions. It is the backbone for data governance, enabling organizations to enforce policies, ensure compliance, and maintain data quality.
Data governance and lineage
Data governance is the management of data assets within an organization. It involves defining policies, procedures, and roles to ensure data integrity, security, and accessibility. Central to effective data governance is the concept of lineage, which traces the lifecycle of data from its origin to its various transformations and usages. Understanding data lineage is crucial for compliance, risk management, and decision-making.
Enter data mapping:
Data mapping is a fundamental technique within metadata management that involves creating connections or mappings between different data elements, systems, or processes. These mappings offer insights into data flow, aiding stakeholders in understanding the organization’s data landscape for informed decision-making.
Examples of data mapping in action
Data integration: When an organization merges multiple databases during a system upgrade, data mapping helps identify redundant or conflicting data fields. Data engineers can ensure smooth integration while preserving data integrity by mapping the source and destination schemas.
Regulatory compliance: Data mapping is critical in demonstrating compliance in industries like healthcare or finance, where regulatory requirements are stringent. Organizations can ensure that sensitive information is handled appropriately and that auditable trails are maintained by mapping data elements to specific regulatory standards or policies.
Business intelligence: Data mapping facilitates the creation of data pipelines for business intelligence and analytics purposes. Organizations can streamline extracting insights from their data by mapping data sources to analytical models or reporting tools, enabling informed decision-making.
Implementing data mapping
Implementing data mapping involves strategic planning, technical tools, and robust infrastructure to effectively capture, manage, and utilize metadata within an organization’s data ecosystem. Below are detailed insights into the key components and processes involved in the implementation of data mapping:
1. Metadata repositories:
Metadata repositories serve as the backbone of metadata management, providing a centralized location for storing and accessing metadata information, including data mappings. Moreover, these repositories come in various forms, ranging from relational databases to specialized metadata management platforms or data catalogs.
Relational databases: Organizations may store metadata, including data mappings, in relational databases such as PostgreSQL, MySQL, or Oracle. These databases offer flexibility and scalability, allowing organizations to design custom schemas to accommodate their metadata needs.
Metadata management platforms: Dedicated metadata management platforms or data catalogs, such as Collibra, Alation, or Apache Atlas, offer comprehensive solutions for metadata management, including support for data mapping functionalities. These platforms provide data discovery, lineage tracking, and data governance features, making them ideal for organizations with complex metadata requirements.
2. Mapping tools:
Implementing data mapping often involves using specialized tools and software that facilitate creating, visualizing, and managing data mappings. These tools range from simple graphical interfaces to advanced mapping automation platforms.
Graphical mapping tools: Graphical mapping tools provide intuitive interfaces for creating and visualizing data mappings. Tools like Talend, Informatica PowerCenter, or FME Desktop allow users to define mappings using drag-and-drop interfaces, making connecting data sources and targets easy.
Automated mapping platforms: Advanced mapping platforms leverage machine learning and automation techniques to generate data mappings automatically. These platforms analyze data schemas, semantics, and usage patterns to infer mappings between disparate data sources. Examples include Astera Software, which offers automated schema mapping and transformation features.
3. Data lineage tracking:
Data mapping is linked with data lineage tracking, which involves capturing and documenting data flow across different systems and processes. Furthermore, its tracking requires robust infrastructure and integration with various data sources and systems.
Data lineage tools: Dedicated data lineage tools, such as MANTA, Octopai, or Informatica Enterprise Data Catalog, provide capabilities for capturing and visualizing data lineage information. These tools track data movement, transformations, and dependencies, enabling organizations to trace the journey of data from its origin to its various destinations.
Integration with ETL and data integration platforms: Data lineage tracking often integrates with extract, transform, and load (ETL) or data integration platforms used within an organization. Platforms like Apache NiFi, Talend Data Integration, or Informatica PowerCenter offer features for capturing and propagating lineage information as part of the data integration process.
4. Governance and security:
Data mapping requires robust governance and security measures to ensure the confidentiality of metadata information. Additionally, organizations must establish policies and procedures for managing access controls, data stewardship, and metadata lifecycle management.
Access controls: Metadata repositories and mapping tools should enforce granular access controls to restrict access to sensitive metadata information. Role-based access control (RBAC) mechanisms can be enforced to guarantee that only users can access data mappings.
Data stewardship: Assigning data stewards responsible for overseeing metadata management processes is essential for ensuring data quality and compliance. Data stewards play an important role in validating data mappings, resolving conflicts, and maintaining metadata integrity.
Metadata lifecycle management: Implementing metadata lifecycle management processes ensures that metadata information remains accurate, relevant, and up-to-date. Organizations should establish metadata versioning, archiving, and purging procedures to prevent data redundancy and inconsistency.
Conclusion
In an era where data reigns supreme, metadata management emerges as a crucial discipline for organizations seeking to harness the power of their data assets effectively. Additionally, as a metadata management cornerstone, data mapping allows organizations to navigate data governance and lineage confidently. By understanding the data landscape and its intricacies through meticulous mapping, organizations can unlock the true potential of their data, driving innovation, efficiency, and growth.
In the age of information overload, capturing and keeping an audience's attention is a challenge. Public speaking is undergoing a revolution, and at the forefront is artificial intelligence (AI). From crafting compelling content to analyzing delivery, AI is transforming the way we present information. This blog post dives into the exciting future of presentations, exploring how AI is empowering speakers to create impactful and engaging experiences for their audiences.
The Role of AI in Public Speaking
AI technology is becoming increasingly important in public speaking, revolutionizing how presentations are created, delivered, and received. With AI tools, speakers can simplify content creation by generating insightful narratives and creating visually appealing slides using AI presentation makers. These platforms also offer personalized coaching and feedback, helping speakers refine their delivery style and engage audiences better.
Additionally, real-time language translation tools powered by AI are making it easier to communicate with diverse audiences worldwide. As AI continues to advance, its integration into public speaking promises to enhance the quality and effectiveness of presentations, promoting better communication and understanding among audiences.
How AI Helps Users in Public Speaking
1. Streamline Research and Content Creation
In November 2022, OpenAI launched ChatGPT (Chat Generative Pre-trained Transformer), an AI-driven chatbot capable of answering questions, writing essays and poems, and more.
ChatGPT is a versatile tool that can be used for both fun and productivity. You can use it to brainstorm ideas, conduct research, and create speech content. For example, if you ask it a question like “Why are some people afraid of artificial intelligence? Can you define artificial intelligence and give examples from history and pop culture?”, ChatGPT can quickly provide three reasons along with examples and references.
Think of ChatGPT as your personal mentor that you can turn to for answers. It's helpful for learning about topics in a way that's different from reading a textbook. If something isn't clear, you can ask ChatGPT to explain it further.
However, it's important to remember that ChatGPT isn't perfect. It's about 85% accurate, so sometimes its responses may not be entirely accurate. Also, its knowledge is limited to the most recent data it's been trained on. Despite this, chatbots like ChatGPT and Gemini can easily help you to streamline your research and content creation.
2. Designing Professional Slides
You might already have access to tools that can help you design polished slides quickly. Canva's Magic Design feature uses AI to generate various template designs for multi-slide presentations with just one prompt. Another option is SlidesAI, which is a versatile tool that assists in converting text to PowerPoint presentations within minutes. It also offers design assistance and a wide range of customization options to ensure your presentations look professional when presenting to an audience.
3. Creating Unique Images
Instead of spending hours searching for or designing images, consider using an image generator like DALL-E. This tool quickly creates images based on custom prompts, addressing the specific points you want to highlight in your presentation. This saves time and ensures the creation of unique, relevant images that are also royalty-free.
Illustrative Examples:
For example, you could prompt DALL-E to create an image of a couple holding hands while scuba diving among colorful tropical fish, similar to scenes from the Avatar movies.
Similarly, you could request an oil painting-style depiction of the Earth seen from space, with the sun rising behind it, inspired by the artistic style of Vincent van Gogh.
4. Get Feedback on Your Speech
AI is revolutionizing public speaking practice by offering a virtual coach that provides insightful feedback beyond the limitations of self-recording. Unlike simply watching yourself back, AI can analyze your speech patterns, offering real-time data on elements like pacing, filler words, and vocal variety. This allows you to identify areas where you might be speaking too quickly, relying on crutches like “um” and “uh,” or failing to modulate your voice for emphasis.
AI can even analyze your eye contact patterns, highlighting sections where you might be disengaged from the audience. This objective analysis, delivered immediately after your practice session, allows you to focus on specific aspects for improvement. With each iteration, AI helps you refine your delivery, ensuring your message is clear, engaging, and leaves a lasting impact on your audience.
Closing Thoughts
AI tools can greatly aid in creating and improving presentations, making the process more efficient and enjoyable. Experimenting with new software options can be a rewarding experience.
Nevertheless, it's essential to recognize that AI tools are most beneficial when used alongside individualized training, feedback, and coaching from an experienced business presentation skills coach.
Above all, keep in mind the importance of the audience. No matter how flashy the visuals or effects, a presentation's success hinges on its relevance and connection with the audience.
