
Secure Intelligent Machines: Protecting AI from Cyberattack
Ebook, 560 pages, 5 hours


About this ebook

Secure Intelligent Machines

Protecting AI from Cyberattack

We are poised on the edge of the greatest transformation in our world since the industrial revolution. Artificial intelligence, with its long and turbulent past, is fast approaching a critical mass that will drive innovation previousl

Language: English
Release date: Sep 15, 2023
ISBN: 9798987789711
Author

Joel D Yonts

Cybersecurity thought leader, researcher, strategist, and advisor, Joel Yonts is a seasoned security executive with more than 30 years of technology, cybersecurity, and artificial intelligence experience. His credentials include active certifications in digital forensics, incident response, malware reverse engineering, application penetration, security leadership, ethical hacking, and artificial intelligence engineering. Yonts has more than 15 years of experience building and leading multi-national Fortune 500 cyber programs as an executive CISO. His contributions to the research community include fundamental research in protecting emerging platforms and mapping future attack strategies of cyber adversaries.


    Book preview

    Secure Intelligent Machines - Joel D Yonts

    Dawn of a New Era

    Chapter One

    "Do you have any cybersecurity concerns?" asked the board of directors’ chairman.

    The board has just heard your company’s progress in bringing the next evolution of products to market. Early indication is that the AI-infused innovation will be a game-changer for your company with never-before-seen capabilities in your industry and promises of extensive efficiency savings. It’s your job as the head of cybersecurity to have an informed answer to that question, but all you have is a generalized concern and a few what-if scenarios around what could go wrong. Your cybersecurity program is based on control, visibility, and knowledge, but this new black-box system does not fit well within those bounds. The system seems nondeterministic, where logic is not programmed but learned, with no practical way to review all it has learned and no clear way to detect when there has been a malicious subversion.

    To compound the issue, you can see the conversation with regulators on the near horizon, where you and other company officials must convince them that your new intelligent machine-driven offering is trustworthy and can be compliant with your industry’s regulations. You realize this train is coming fast and you had better get a solid answer to the chairman’s question as well as an answer to the anticipated follow-up question, "What are you going to do about those concerns?"

    This story is beginning to play out in organizations around the globe.

    The age of intelligent machines has dawned. Artificial intelligence technologies are driving new capabilities and levels of efficiency never seen before and, as a result, are fast moving into all areas of our technical and physical world. Delivering previously unattainable capabilities, significant efficiency improvements, and deep insights that connect our world in ways that, until now, were hidden from human understanding, AI is well on its way to becoming the norm. According to Stanford University’s 2022 AI Index Report, private investment in AI in 2021 totaled approximately $93.5 billion, more than double the previous year, supported by more than 400,000 new AI-related US job postings in that same year.¹ The investments are already paying off with significant financial and market-share gains, leading to what PwC’s Global Artificial Intelligence Study believes may be a $15.7 trillion contribution to the global economy by 2030.²

    Intelligent machines are not just reserved for corporate environments. Our day-to-day lives involve direct contact with an ever-growing number of AI systems. Global shipments of AI-infused smart-home devices topped 895 million units in 2021, with even higher numbers projected for the next several years.³ In addition to smart homes, new on-body ecosystems, augmented reality, voice-enabled devices, pervasive robotics, and tailored consumer services are all examples of consumer megatrends made possible by machine learning (ML) and other AI technologies. These systems are driving a personalization of technology that transcends computer literacy and brings a slew of captivating new capabilities to the masses. As the era of AI consumerization unfolds, our lives and industries become intertwined and dependent on intelligent systems, painting a tantalizing target for nefariously motivated cyber threat actors.

    Perhaps the greatest harbinger for the coming tide of intelligent systems is the proliferation of government-backed programs designed to promote artificial intelligence capability development within respective countries. According to the Organization for Economic Co-operation and Development (OECD), there are more than seven hundred AI policy initiatives spanning sixty countries, territories, and the European Union, establishing this as a top priority.⁴ The long list of national programs underscores the economic, quality-of-life, and national-security impact these technologies will have on nations around the world. Additionally, a long list of nonprofit groups, think tanks, and committees have been created to help usher in this age with boundaries that promote responsible AI and tackle ethical challenges created by this transformational technology. The US National Security Commission on Artificial Intelligence perhaps captures the sentiment best in their most recent report: "The entire innovation base supporting our economy and security will leverage AI. How this ‘field of fields’ is used—for good and for ill—will reorganize the world."

    It is clear that intelligent machines are now interwoven with the future of our planet, with an adoption curve that is accelerating at an impressive rate. As a part of this growth, we have started to ask important questions and establish ground rules that promote the transparency and trustworthiness of AI. Much of this work has been around ensuring AI decision-making (ADM) systems do not inadvertently incorporate bias or differential treatment that impacts the fair and equitable treatment of individuals. This is a critical step in avoiding serious pitfalls in intelligent automation but may not be the greatest threat facing AI-driven systems. That distinction may belong to those individuals, criminal groups, and nation-states that nefariously target these systems, intending to subvert the function or extract information for illegal, unethical, and national security interests.

    ***

    1.1 Event Horizon

    Spring of 2023, the inflection point. The moment in time when innovations in generative AI moved from novelty to mainstream. What started as entertaining and somewhat eerie conversations with OpenAI’s ChatGPT⁶ gave way to new, more practical use cases involving generating corporate documents, extracting meaning from complex text, application code generation, and natural language processing for business automation. This marked a point where, for the first time, a machine could understand and generate textual content with speed, accuracy, and scale that could rival or exceed that of human workers. This evolutionary capability was made possible by the maturing of a new approach to AI called transformer or foundational models. In parallel to the breakthroughs at OpenAI, transformer models were applied broadly across all active domains of AI to deliver groundbreaking results in generating new media content and inference of meaning from media samples.

    With AI’s ability to read, understand, and interpret text, images, video, and sound—along with an even more impressive ability to convert a series of prompts into generated media representations—a boundary was crossed. Governments, corporations, and consumers alike must now reckon with what this means for innovation, profits, national security, and the human worker because the rippling effects and potential are far too great to be ignored. This pivotal period may be best described as an event horizon, formally defined as the boundary of a black hole beyond which nothing can escape.⁷ The rapid succession of events during this period will likely be seen as an AI event horizon where there is no escaping a rapidly accelerated AI-enabled future.

    Thriving in the Age of Intelligence

    For corporate decision-makers, the lure of an AI-enabled workforce and intelligent business automation is strong. Indeed, early results exceed expectations with direct savings to the corporate bottom line through increased efficiency, accuracy, and direct labor savings. These factors, coupled with a worker shortage in several fields, would likely be enough to fuel a shift to AI-enabled intelligent machines, but those benefits are just the starting point.

    The latest generation of transformer-based AI technologies is on the verge of completely overhauling the human-machine interface. No longer will there be a need to spoon-feed texts, images, and other media to a machine interface with structured descriptors and codified instructions for interpretation and use. The level of understanding afforded applications and computational systems will facilitate interactions with workers, business partners, and customers on par with collaborative conversations between colleagues discussing the best solution and desired outcomes. In turn, this will translate into more responsive communications, faster time to market, and a reduction in errors due to mistranslation of user requirements to machine instructions. Extending these same capabilities to medical and industrial sectors can deliver phenomenal diagnostic capabilities with top-end performance that will significantly outperform human ability.

    Another improvement in human-machine interaction will be in the creative realm. Designers, artists, and planners will soon be equipped with tools that provide near real-time visual and auditory rendering and feedback for conceptual design ideas. These capabilities will impact the creative process along two vectors. First, many functions will experience a significant reduction in the time required to move from concept to physical implementation. In some instances, this will be due to a faster rendering of structural designs, and in other cases, it will be from direct creation of the end product (e.g., digital media creation). The second and more abstract impact is the expansion of human creativity. As machines remove limitations in what can be generated and become better at visualizing our design ideas, new generation techniques and visualizations that are not currently within today’s artistic realm will emerge. Evidence for this anticipated effect has been seen in many areas where AI-based solutions have risen to be masters in a particular domain. A prime illustration is the AI-driven Go and chess-playing implementations offered by AlphaGo⁸. In both instances, once the AI model achieved mastery within the game, human players began observing and mimicking patterns of play that were not previously employed by humans.

    The use cases for an AI-enabled future expand daily with an impressively steep performance-improvement trend in effectiveness and efficiency. Most organizations will see the potential for a competitive edge and improved customer service and move toward early adoption. A study conducted by Scale AI in early 2023 showed that 65 percent of the over 2900 ML practitioners and leaders surveyed planned to either accelerate their existing AI strategies or develop a strategy for the first time as a result of innovations in generative AI and transformer models.⁹ Even for those more risk-averse companies, it is doubtful that any organization will be successful in keeping AI at bay for any length of time. These organizations may choose not to embrace artificial intelligence capabilities in internal development projects, but the technology will likely seep in through a never-ending list of AI-enabled products, services, and outsourced capabilities. The disadvantage of the latter approach is the higher likelihood that AI risks may manifest without the development of a strategic enterprise risk-mitigation plan.

    Nefarious Value

    Organizational leaders and industry professionals are not the only ones observing the AI evolution with interest. Money, power, control, knowledge, and the ability to disrupt are key objectives that have motivated cyber threat actors since the inception of cyber-related crime. As artificial intelligence plays a growing and pivotal role in influencing these same elements, attackers have become increasingly motivated to shift their sights to intelligent systems. Theft and monetization of confidential and proprietary information contained within AI models will drive attacks designed to extract information, reconstitute training sets, or directly steal the pretrained model. Integrity attacks that alter or circumvent an AI’s decision-making ability will serve a wide range of attacker motives, from influencing decisions that can be directly monetized to darker motives of physical harm and disruption. Following similar trends as seen in general cybersecurity, attacks on availability will give way to waves of ransom and cyberextortion attacks. Availability attacks may be of particular impact in the realm of intelligent machines, considering that often there will be no old-school human processes capable of performing the actions served by AI-enabled or robotic systems.

    AI's powerful pattern-detection and complex-response capabilities will soon become foundational components in a broad range of defensive capabilities. The pivotal role these technologies will play in defense provides another motivation for targeting AI in blended attacks. In this style of attack, threat actors will target intelligent systems leveraged by physical, technical, and even military defenses to neutralize protections as a precursor to launching secondary attacks. Examples include neutralizing an augmented-intelligence engine that powers cybersecurity defenses prior to orchestrating a data breach or removing AI-driven physical perimeter-monitoring solutions prior to unauthorized physical access.

    Another interesting and somewhat novel motivation for targeting these systems may come in the form of hacktivism. There is a great awareness of and concern over the carbon footprint generated by the use of AI models. The excessive carbon footprint, which may exceed the life emissions of multiple cars, is the by-product of the immense amount of energy required to power and cool the training of large AI models. The rate of AI energy usage is also not static. Energy consumption for these ever-expanding models grows at a rate proportional to the expansion in training dataset size and the number of features incorporated into the final model. Certainly, this is another hurdle that the adoption of intelligent machines must tackle, but that is out of the scope of this book. This concern, however, is top of mind for many environmentalists and not lost on activist hacker subgroups. Historically, environmental issues have motivated activist hackers, also known as hacktivists, to launch cyber-disruption attacks against corporations seen as environmental offenders. Unless there are ways to reverse the carbon footprint trend or provide a greater reduction in energy usage elsewhere through gained efficiencies driven by AI, this will likely be another motivator for attacks on intelligent machines.

    Other potential hacktivist motivations will come from potential adverse effects on human populations. Almost every discussion about future innovation and benefits from AI-enabled technologies is coupled with deep concerns about displaced human workers and soaring unemployment. Tackling these issues far exceeds the realm of cybersecurity, but how companies choose to address these concerns and treat their human workforce will likely go a long way toward deferring or attracting hacktivist attackers.

    The intersection of AI and privacy is another hacktivist motivation with roots in the human element.¹⁰ Artificial intelligence has the unparalleled ability to process, contextualize, and take action on large volumes of streaming video, captured audio, and individual digital footprints. While these capabilities have powered a vast number of services to enrich the human experience, they also have the menacing distinction of enabling mass surveillance of expansive populations and groups. Removing the ethical label of whether targeting these systems would be considered nefarious, privacy-motivated hacktivism will be another motive for targeting intelligent machines.

    This limited survey of motivations and threat actors that have taken up and will take up arms against intelligent machines is meant to reorient the mind of the reader to what is possible but is in no way exhaustive. The main takeaway should be that the impact, value, and numeric growth of these attacks will grow at a rate proportional to the rate and extent of AI adoption around the globe, which is on a rocket trajectory with no end in sight.

    Today, crafting targeted cyberattacks against intelligent machines and AI-enabled technologies requires a high degree of technical expertise. This level of expertise is generally reserved for sophisticated threat actors, with many such attacks coming from state sponsors or highly funded criminal groups. However, the general cybercriminal ecosystem has evolved efficient processes and markets that take advanced attack capabilities initially reserved for the elite and commoditize and distribute them to the masses through purchased toolkits and services. It is likely that a similar pattern will quickly equip less sophisticated attackers to carry out advanced AI attacks. As this attack-enablement curve matures alongside the accelerating adoption of artificial intelligence, it may create a perfect storm for mass exploitation and disruption to many aspects of an organization and our society. This potential drives an imperative that corporate and organizational defenders grow and adapt cyber programs to defend these systems at a rate faster than the mass adoption of AI cyberattack tools.

    Adversarial Targeting vs. Adversarial Use

    A quick web search or browsing online book listings for the terms cybersecurity and artificial intelligence will yield thousands of entries. Indeed, these two terms independently are among the hottest technology buzzwords in the industry. At the time of this writing, the intersection of these terms will invariably yield content or books related to the adversarial use of artificial intelligence to orchestrate cyberattacks or the use of AI-enabled tools to detect and defend against general cybersecurity attacks. The impact of this enabling technology on the cybersecurity arms race certainly warrants this level of attention and study. However, there is another cybersecurity and AI intersection that has had only limited discussion to date – adversarial targeting of AI technologies. As AI plays an expanded role in operating our world, it will shift from merely a tool of attack to becoming an attacker’s primary target. The mission of the AI cybersecurity program is to protect against adversarial targeting of AI. While the wording shift may seem subtle, the implication broadens and further defines the scope of the program being developed.

    Vulnerable Intelligence

    The rising tide of cyberattacks against intelligent machines is inevitable, but damage is only realized if the attack crosses the path of a vulnerable system. That statement embodies two separate concepts that are important to understanding the actual risk associated with cyber threats. The first is the premise that an attack must traverse the attack path to hit the target system or service. Defense in depth (DiD) is a key pattern in the design of traditional cybersecurity programs that builds concentric layers of defensive controls that block or limit the number of attacks that make it to the innermost layer, the target. Examples of such controls include network filters, access controls, and system endpoint protection. Intelligent machines will likely gain the benefits of an organization’s DiD controls to limit or reduce the attacks that reach these systems. However, traditional cyber programs have not adapted defenses to protect the unique nature of intelligent machine construction and operation, leaving several layers missing in a holistic DiD approach. This reality was the impetus for the fundamental and applied research that went into creating this text. This book contains insights and practical guidance needed to transform a traditional cybersecurity program into a cyber practice capable of protecting artificial intelligence from cyberattack.

    One additional cyber-risk amplifier lies in the fabric of intelligent system design. In order to gain the benefits of intelligent systems, an elevated level of trust and autonomy must be granted to allow these systems to see patterns humans can’t see and take actions with limited or no human oversight. Exploitation of trust has long been a prime tactic of cyber threat actors. The limited nature of human involvement in the operation of these systems may translate into a successful compromise remaining undetected for some time. Compounding the issue, most incident response teams have limited knowledge and tools to respond to compromised intelligent machines, which will likely further delay containment, eradication, and recovery of these incidents.

    The key to thriving in the age of intelligence will be balancing the rate of AI-enabled adoption that gains a competitive edge with the work to identify and address underlying cybersecurity concerns inherent to these technologies. History will likely prove those organizations that focus on establishing a strong AI cybersecurity posture early will far outpace those organizations that have been sidelined by legal, regulatory, and technical fallout from compromised AI.

    ***

    1.2 Confidence in Uncertainty

    The field of artificial intelligence has officially been around for nearly seventy years (see Chapter 2. Defining Intelligence), but we still can’t fully explain how it works. That’s not to say there is some greater-than-human force at work. Rather, these systems are nondeterministic. We didn’t program the logic that goes into them, and in many cases, we can’t determine why certain choices are made. This is a topic that has legal and regulatory implications, but for now, it’s sufficient to say we must become comfortable operating with a degree of uncertainty. There are techniques for minimizing this uncertainty, including the insertion of human oversight, but uncertainty is part of artificial intelligence’s fabric and value.

    Before AI, the computer world operated mostly in black-and-white truths. Applications developed with structured programming languages had strict and predictable instruction sequences, and all inputs were processed, interpreted, and mapped to true and false values with little exception. These systems were deterministic but could only operate within a very narrow tolerance of conditions and inputs.

    With artificial intelligence, we allow the machine to learn from the data. The learning process involves the consumption of vast quantities of data by training algorithms that generalize the information seen before storing observed patterns and associations into a logical construct called a model. The model holds the patterns of inferred logic in a format incoherent to humans but readily applicable to new inputs to achieve the various outcomes intended for the intelligent machine. Applications based on AI technologies operate on logic not programmed by humans but rather inferred directly from observed patterns within the training data with little to no human oversight. There are techniques, which will be covered in later sections of this book, for validating the accuracy of trained models in general. However, considering the expansive size of today’s models, which may measure in the billions to trillions of data elements and features, it is impossible to enumerate all possible outcomes stored in or achievable through the model’s use.

    Determining the trustworthiness of an AI system requires answering two vital questions: Can we trust the completeness of the training data and AI model construction? And can we trust that the system has not been maliciously altered by a threat actor? The former question, generally accepted as trustworthy AI, has been the primary focus of regulators, data scientists, and organizational leaders. The quality of the data used in training—and whether the model generalizes the data leading to good, unbiased decisions—forms the foundation of AI trust, but it is more in the domain of data scientists than cybersecurity analysts. The question of whether the system has been poisoned or subverted by a nefarious threat actor, however, is in the realm of the cybersecurity team. Developing the architectures, processes, and technical capabilities to prevent and answer that question is a broad topic that forms the mission expounded upon throughout this text.

    Balancing Innovation and Risk

    Great reward but at what price? That is the mantra echoing from corporate decision-makers and organizational leaders as everyone struggles to understand whether intelligent machines will be friend or foe. The potential reward is so great, and the cost of losing relevance is so looming that many feel there is no choice but to follow the path ahead. Setting existential and philosophical concerns aside, the greatest determination of whether AI will be friend or foe will depend on how well organizations identify and avoid inevitable pitfalls—pitfalls that may be as deep and cavernous as the tallest peaks of possibility brought by these emerging technologies.

    Cybersecurity is always about balancing risk mitigation with allowing technological freedom to engage, explore, grow, and adapt to achieve mission objectives, meet customer expectations, and evolve with industry trends. Achieving a balanced approach starts with understanding the use cases and organizational value propositions achievable by adopting intelligent machines. Quantifying the value of AI in general or for individual project efforts rests outside the cybersecurity function and should be the task of business leaders and organizational stakeholders. However, establishing a common vocabulary or value measures for those discussions may jump-start conversations and lead to more structured cybersecurity decision-making. The following summary provides a good starting point for establishing common measurements for evaluating the benefits of AI-enablement initiatives. This list is based on common industry experience, but each organization should define the terminology and value metrics that best fit their objectives and culture.

    Benefits of AI Adoption

    Efficiency in processes may reduce human labor, quantity of technical resources, extent of outsourced services, and related costs needed to meet a particular objective.

    Accuracy that improves automated decisioning, streamlines processes, and improves the quality and costs associated with final products or outcomes.

    Improvements in speed that reduce the time required for developing new capabilities, improve operational performance, or tighten an intelligent machine’s cycle time for observing, orienting, deciding, and acting on received information.

    Improved human-machine interaction that drives enhanced customer services and reduces latency in translating objectives and inputs between AI-enabled systems and human operators.

    Enablement of new, previously unattainable machine capabilities and the removal of barriers to human creative expression. This broad category represents a shift from the previous measures that focused on making existing processes and technologies better to a universe of new possibilities made possible by artificial intelligence.

    Even though the purpose of this book is an articulation of cyber risk and cyber protection strategies of the coming age of intelligent machines, hopefully, the reader will come away with an equal appreciation for the value proposition and the benefit of AI-enabled technologies. This is an important line for cybersecurity practitioners to walk. Effective cyber risk discussions always start with understanding what the organization is trying to achieve and convey to business stakeholders a genuine interest in their work and a desire to see them succeed. This approach is critical for establishing trust, which will be especially important when charting an enterprise path through the unfamiliar territory of emerging AI technologies.

    The AI age comes heralded with an extensive and growing list of value propositions, but the associated risks are less defined. Even less defined is the subdivision of those risks that constitutes cyber risk. Recent headlines have reverberated potential harm with news stories of well-meaning corporate employees leaking sensitive intellectual property through publicly available large language models, but the extent of these and other risks remains nebulous. This imbalance is driven in part by a lag in the alignment of conditions for the realization of many of the issues AI-enabled organizations will face. These opportunistic gaps will naturally be triggered and identified as the quantity and diverse application of AI continues to grow. The other, more insidious driver for mapping the AI risk landscape will come as threat actors pivot their full attention to these emerging platforms. During this transition, the discovery of new AI-related risks and vulnerabilities will shift from opportunistic to a zero-sum game where an active adversary deliberately explores AI architectures and implementation surfaces for weakness and exploitability.

    AI Cyber Risk Essentials

    Vigilant, forward-thinking, and adaptive cybersecurity strategies and practices will be the key to ensuring the odds are favorable that an organization will have a successful launch into the dawn of this new age and not be associated by name with one of the cybersecurity pitfalls discovered along the way. The creation of this strategy will materialize as we explore concepts and practices of AI cybersecurity throughout this book, but most organizations find they have been thrust into a quick initial response to the rapid escalation in AI capabilities. It is hard to do the topic justice in a succinct way, but every executive, technology leader, and practitioner should at least ask or be aware of the following AI-related questions and associated cybersecurity risks. These serve as a good starting point for an AI cyber risk discussion, but much work needs to be done to expand these concepts and build a strong cybersecurity posture for intelligent machines.

    Confidentiality

    What are the risks associated with processing sensitive data with externally hosted machine learning models or ML services?

Much like traditional systems and services, the answer largely depends on how the information is used. Recent news stories are populated with instances where user input was used for ongoing training of the model, which made the data available to other public users. Ensuring that inputs are neither used for model training nor retained in ML-supporting knowledge stores is a critical point of clarity. A best practice would be to avoid using any shared or publicly available ML model or ML service for processing sensitive information.

    Is it safe to include sensitive data in internally developed machine learning models?

The creation of machine learning models requires extensive datasets for training, validation, and testing. Additionally, ML models are very sensitive to the quality and format of the data within these datasets. To satisfy these requirements, most implementations involve the creation of complex and lengthy data pipelines that consolidate, transfer, and transform large quantities of data. These pipelines often create redundant copies of datasets at transformation points and increase the length of data transit. The last point is driven by the common need to consolidate data from multiple sources, and by data centralization driven by the sizable system resources required for model training, which does not lend itself to smaller distributed environments. The cumulative effect on cyber risk is a significantly larger data footprint, increased risk of supply chain attack from data transformation tools, and potential compliance implications from cross-region data transfers.

    Furthermore, during post-training operations, a model trained with sensitive company information may become an egress point for data leakage even if the intended response of the model is not the reproduction of original sensitive data elements. This is a by-product of the nondeterministic nature of many ML implementations that could allow novel model inputs to extract or reconstruct original sensitive information inputs.

    Would data redaction, masking, or normalization of training data be enough to remedy previously articulated sensitive data exposure risks?

Machine learning excels at seeing patterns and correlating seemingly unrelated pieces of information. In most cases, this delivers tremendous value and capability, but for ML models trained with sensitive information, a number of proof-of-concept and demonstrated techniques exist for reconstituting or extracting original data instances, even when attempts were made to redact or de-identify the information. Proceed with caution when exposing models trained with masked or redacted sensitive information to users and systems that should not have access to the original training information.

    Are there additional risks to submitting sensitive data to a shared AI-enabled application if it has been verified that submission will not be used for model retraining?

Machine learning is adept at providing powerful and insightful details about information submitted during operation. In simpler applications, all foundational knowledge the model needs for operation is provided during training or perhaps queried from an external source made available to the system. As AI-enabled applications grow in complexity, however, the need to augment training data with fragments of knowledge gleaned along the way is growing.

Modern chatbots and digital assistants are prime examples of how parts of a user interaction are stored and accessed during later parts of the conversation. There are many technical means of implementing this short-term, or potentially medium-term, memory, but it is collectively referred to as knowledge management.

    Knowledge management is another domain of AI that has been around for decades with less fanfare. As intelligent machines become more complex and context-aware, the use of auxiliary knowledge management systems (KMSs) will also grow. Answering the original question, processing sensitive information through an AI-enabled application runs the risk of fragments of the submission being caught in a knowledge management system and potentially used for responses for future inputs. Many AI implementations mitigate this risk by implementing sessions to control who has access to these short-term memory features, but many of these safeguards are dependent on design and implementation details.
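As an added example (not the author's code), here is a minimal session-scoped short-term memory store of the kind described above: fragments are redacted before being retained, recall is limited to the session owner, and sessions expire. The redaction patterns, class names, and TTL are assumptions chosen for illustration.

```python
import re
import time
from dataclasses import dataclass, field
from typing import Dict, List, Optional

# Constructed patterns standing in for an organization's sensitive-data rules
# (a US-style SSN and an e-mail address); real deployments would use their own.
SENSITIVE_PATTERNS = [
    (re.compile(r"\b\d{3}-\d{2}-\d{4}\b"), "[REDACTED-SSN]"),
    (re.compile(r"\b[A-Z0-9._%+-]+@[A-Z0-9.-]+\.[A-Z]{2,}\b", re.I), "[REDACTED-EMAIL]"),
]

def redact(text: str) -> str:
    """Strip known sensitive elements before a fragment enters the knowledge store."""
    for pattern, label in SENSITIVE_PATTERNS:
        text = pattern.sub(label, text)
    return text

@dataclass
class Session:
    owner: str                      # principal allowed to read this session's memory
    created: float                  # epoch seconds, used for expiry
    fragments: List[str] = field(default_factory=list)

class SessionMemory:
    """Short-term conversational memory partitioned by session and bound to an owner."""

    def __init__(self, ttl_seconds: float = 1800.0):
        self.ttl = ttl_seconds
        self._sessions: Dict[str, Session] = {}

    def open(self, session_id: str, owner: str, now: Optional[float] = None) -> None:
        self._sessions[session_id] = Session(owner, time.time() if now is None else now)

    def remember(self, session_id: str, caller: str, text: str, now: Optional[float] = None) -> None:
        self._get(session_id, caller, now).fragments.append(redact(text))

    def recall(self, session_id: str, caller: str, now: Optional[float] = None) -> List[str]:
        return list(self._get(session_id, caller, now).fragments)

    def _get(self, session_id: str, caller: str, now: Optional[float]) -> Session:
        now = time.time() if now is None else now
        session = self._sessions.get(session_id)
        if session is None or now - session.created > self.ttl:
            self._sessions.pop(session_id, None)   # expired memory is dropped, not served
            raise KeyError("session unknown or expired")
        if session.owner != caller:
            raise PermissionError("caller does not own this session")
        return session
```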

    What impact will artificial intelligence have on the protection of intellectual property?

    Patents, formulas, trade secrets, business plans, operational logic, strategic military memos, and innovative processes are common examples of intellectual property. In today’s digital world, these artifacts of IP are documented and stored in databases, content management systems, or file systems with layers of access controls and other protections. Authorized workers are usually given access and training on job-relevant segments of the organization’s intellectual property, which is further protected from human disclosure through contractual, legal, and regulatory mandates for confidentiality. This ecosystem has been met with
