Alan McCafferty · uOttawa PDI News · Posted: Sep 12, 2024 3:12 PM EST | Last Updated: 23 minutes ago
Being on the bleeding edge of technology is risky, but the bleeding edge eventually gives way to the leading edge. And not being on the leading edge means being behind. So, when it comes to the business of technology, it’s extremely important to be able to tell when the bleeding edge is giving way to the leading edge.
But the rush to keep up increases the risk of misidentifying a technology as being mature when adoption is widespread. Even when the technology itself is mature, the market around it may not be: The technology may be occupying niches it cannot sustain and finding use in industries far beyond its meaningful applications.
The .com bubble is a great example of this. Everyone rushed to get online and get a .com address, because the technology had advanced to the point where it was very widely accessible, and the internet was in more and more people’s homes. But the bubble was unsustainable, and while websites certainly didn’t go anywhere, the market saw significant consolidation after the collapse. The same is true of AI.
True AI Is Rarer Than It Appears
Many people start their day talking to an AI before they ever speak to a person. “Alexa, dim the lights. Siri, add tomato juice to my shopping list,” and things of that nature. The media explosion around ChatGPT and AI art has only further intensified the perception that AI is everywhere and soon to be doing everything.
But the reality is that true AI is considerably rarer than it’s made out to be. Skynet hasn’t yet come online, and machines aren’t really doing what we’d call thinking just yet. Large language models such as ChatGPT and algorithmic pattern-sorters could be called AI in a very loose sense, but not in a meaningful sense. These days, many people are saying if you have any algorithm that receives an input and automatically calculates an output, you have an AI. But that’s not really the case.
The simple fact of the matter is that AI has not been solved, and while things you could call versions of AI are certainly out there and being adopted, neither the technology nor the market is what you’d call fully matured. As such, we all need to be cautious about what we adopt and how thoroughly we integrate these technologies into our workflows.
Demand Is Growing for Effective Prompt Engineers
Not only do we not have what you’d call true AI but it hasn’t replaced skilled and knowledgeable professionals just yet.
Even the quasi-AI we have now is powerful and remarkable: it can greatly accelerate workflows, but only if you understand how they work. The problem with them is that you need to understand both how to generate the output you want and how to correctly interpret what you get.
Software is a great example. Many large language models can easily write code, and quickly too. But if I don’t understand the structure of code or the language I’m working in, I can’t tell you if its output is right or wrong. To effectively make use of them, it’s crucial to be able to give them the correct context and how to frame and correctly interpret its outputs.
Guidelines Needed and Regulation Coming
Of course, once you have skilled prompt engineers who understand both how to talk to these tools and interpret their outputs, you still need guidelines on how these tools should be used at your organization. Particularly when discussing cybersecurity, insider threats usually aren’t bad actors. Often, they’re someone who doesn’t realize they’re creating exposures in their network security.
We’ve all heard someone complain that they think Amazon is listening to their phone because they were talking about getting a puppy three days ago and got an ad for dog beds today. The risk at an organizational level, even if these tools are used correctly, are that you can potentially expose the patterns and activity of your organization. The risk of this is compounded in our current Wild West environment, where new companies with new tools are springing up constantly in an essentially unregulated industry, not all of which necessarily protect your privacy as much as you’d like or expect, or function in a way we understand.
But regulators are clamping down and privacy laws are tightening. And whether you’re a producer of these types of tools or a consumer of them, that will affect the legal risk your organization is exposed to and how these tools may operate in the future. As the industry consolidates and the regulatory regime around them becomes more robust, organizations must be sure that they aren’t exposing themselves in their rush to keep up with the latest technologies.
Which is why the Information and Cybersecurity Systems course at the uOttawa Professional Development Institute is going to be integrating AI-focused components into all our cybersecurity courses. We regularly update our courses to ensure professionals are always up-to-date with the changing cybersecurity landscape, and we’ll have more details about the additions we’re making soon. Stay tuned.