cerrar
cerrar
Su red del mañana
Su red del mañana
Planifique su camino hacia una red más rápida, más segura y más resistente diseñada para las aplicaciones y los usuarios a los que da soporte.
          Descubra Netskope
          Ponte manos a la obra con la plataforma Netskope
          Esta es su oportunidad de experimentar de primera mano la Netskope One plataforma de una sola nube. Regístrese para participar en laboratorios prácticos a su propio ritmo, únase a nosotros para una demostración mensual del producto en vivo, realice una prueba de manejo gratuita de Netskope Private Accesso únase a nosotros para talleres en vivo dirigidos por instructores.
            Líder en SSE. Ahora es líder en SASE de un solo proveedor.
            Líder en SSE. Ahora es líder en SASE de un solo proveedor.
            Netskope debuta como Líder en el Cuadrante Mágico™ de Gartner® para Single-Vendor SASE
              Protección de la IA generativa para principiantes
              Protección de la IA generativa para principiantes
              Descubra cómo su organización puede equilibrar el potencial innovador de la IA generativa con sólidas prácticas de seguridad de Datos.
                Prevención de pérdida de datos (DLP) moderna para dummies eBook
                Prevención moderna de pérdida de datos (DLP) para Dummies
                Obtenga consejos y trucos para la transición a una DLP entregada en la nube.
                  Libro SD-WAN moderno para principiantes de SASE
                  SD-WAN moderna para maniquíes SASE
                  Deje de ponerse al día con su arquitectura de red
                    Entendiendo dónde está el riesgo
                    Advanced Analytics transforma la forma en que los equipos de operaciones de seguridad aplican los conocimientos basados en datos para implementar una mejor política. Con Advanced Analytics, puede identificar tendencias, concentrarse en las áreas de preocupación y usar los datos para tomar medidas.
                        Los 6 casos de uso más convincentes para el reemplazo completo de VPN heredada
                        Los 6 casos de uso más convincentes para el reemplazo completo de VPN heredada
                        Netskope One Private Access es la única solución que le permite retirar su VPN para siempre.
                          Colgate-Palmolive Salvaguarda su "Propiedad Intelectual" con Protección de Datos Inteligente y Adaptable
                          Colgate-Palmolive Salvaguarda su "Propiedad Intelectual" con Protección de Datos Inteligente y Adaptable
                            Netskope GovCloud
                            Netskope logra la alta autorización FedRAMP
                            Elija Netskope GovCloud para acelerar la transformación de su agencia.
                              Hagamos grandes cosas juntos
                              La estrategia de venta centrada en el partner de Netskope permite a nuestros canales maximizar su expansión y rentabilidad y, al mismo tiempo, transformar la seguridad de su empresa.
                                Soluciones Netskope
                                Netskope Cloud Exchange
                                Netskope Cloud Exchange (CE) proporciona a los clientes potentes herramientas de integración para aprovechar las inversiones en su postura de seguridad.
                                  Soporte técnico Netskope
                                  Soporte técnico Netskope
                                  Nuestros ingenieros de soporte cualificados ubicados en todo el mundo y con distintos ámbitos de conocimiento sobre seguridad en la nube, redes, virtualización, entrega de contenidos y desarrollo de software, garantizan una asistencia técnica de calidad en todo momento
                                    Vídeo de Netskope
                                    Netskope Training
                                    La formación de Netskope le ayudará a convertirse en un experto en seguridad en la nube. Estamos aquí para ayudarle a proteger su proceso de transformación digital y aprovechar al máximo sus aplicaciones cloud, web y privadas.

                                      Navigating the Complex AI Regulatory Landscape – Transparency, Data, and Ethics

                                      Oct 24 2023

                                      Ahead of the upcoming AI Safety Summit to be held at the UK’s famous Bletchley Park in November, I wanted to outline three areas that I would like to see the summit address, to help simplify the complex AI regulatory landscape. 

                                      When we start any conversation about the risks and potential use cases for an artificial intelligence (AI) or machine learning (ML) technology, we must be able to answer three key questions: 

                                      • What AI models are being used? 
                                      • What data is being fed into them? 
                                      • What outputs do they produce? 

                                      I discussed these questions on the recent episode of Netskope’s Security Visionaries podcast with Yihua Liao, Head of Netskope AI Labs, and Suzanne Oliver, Director of IP Strategy at Scintilla. We had a lively conversation about transparency, data, responsibility and regulation in this complex AI landscape. 

                                      Transparency and models

                                      Before we talk about AI, we first need to be clear about what we’re discussing—starting with the differentiation between technologies, specifically artificial intelligence (AI) and machine learning (ML). As early media coverage fixated on ChatGPT, we have found ourselves in a confusing landscape where many people misconstrue ChatGPT with artificial intelligence or machine learning in much the same way we conflate Google and search engines. 

                                      Understanding the model being used is an essential element because of its potential to take the exact same data set, and draw wildly different conclusions based upon its biases—conscious or unconscious—that are ingrained from the outset. More importantly, without a clear understanding of the model, a business cannot determine if outputs from the platform fit within its own risk and ethics criteria.  

                                      When considering regulations around specific models, there is currently little to influence the process or algorithms themselves, but we should be mindful of regulations around the eventual outputs. For example, an HR tool that uses machine learning to screen job applications could put a company at risk from discrimination legislation without strict efforts to mitigate bias. Similarly, an ML tool that can identify images of passports, drivers licences, and credit cards will be subject to personal data regulations. 

                                      With so much variation in AI and ML models, it raises the question of whether regulators could help standardise the risk parameters for these models to give industry greater reassurance when onboarding a solution. For example, in the automotive industry we have clearly defined levels of autonomy for driverless vehicles, enabling car companies to innovate within a comfortable set of parameters. As AI sits on such a broad spectrum, from ML data processing to generative AI, there is perhaps an interesting opportunity for regulators to bring clarity to what is a complex sector.  

                                      AI data supply chain

                                      Before regulators leap into action on how they could control the development and use of AI, we should first take a look at how existing regulations could be applied to AI. 

                                      AI and machine learning tools are highly reliant on a reliable data supply chain and IT and security leaders are already working to ensure compliance to a raft of data legislation—and swimming in acronyms like HIPAA, GLBA, COPPA, CCPA and GDPR. Ever since the introduction of GDPR in 2018, CISOs and IT leaders have been required to make clear what data they collect, process, and store, and for what purpose, with stipulations over individual users’ rights to control the use of their data. Leaders have rightly been concerned about how deploying AI and ML tools would impact their ability to meet these existing regulatory requirements. 

                                      Businesses are asking both regulators and AI companies for the same thing—clarity. Clarity on how existing regulations will be applied to AI tools, and—if that changes—how it impacts their status as data processors. AI companies should make every effort to be transparent with customers through partnership agreements and terms of service on how their tools comply with existing regulations particularly in relation to the data collected, how it’s stored or processed, and the mechanisms for customers to restrict these actions.  

                                      Responsible development

                                      In lieu of regulators bringing clarity to the AI landscape, it falls on technology leaders to promote self-regulation and ethical AI practices within their organisations to ensure that the outputs of AI technologies are safe and beneficial for society. Many companies have already published their own guiding principles for responsible AI use, and they share many consistent themes of accountability, reliability, fairness, transparency, privacy, and security. 

                                      If they aren’t already, technology leaders should be acting now to evaluate the implications of incorporating AI into their products. Companies should be setting up internal governance committees to discuss AI ethics, to evaluate tools and their applications within their own businesses, review processes, and discuss strategy in advance of more widespread regulation. 

                                      Although it is apparently not a focus for the upcoming AI Safety Summit, the establishment of a regulatory body (similar to the International Atomic Energy Agency (IAEA) or European Medicines Agency (EMA)) would go a long way to setting a global framework for regulating AI. This body could help bring standardisation and set the criteria for continuous assessments of tools to ensure they adhere to these standards as models learn and grow. 

                                      An intelligent future

                                      AI has the potential to transform our lives but it cannot be at the expense of the fundamental principles on data rights and privacy that we have today. Regulators need to find a delicate balance that protects individuals without stifling innovation.  

                                      After government and industry leaders meet at Bletchley Park, the first outcome I would like to see is a greater emphasis placed on bringing transparency to the current AI landscape. Rather than relying on goodwill and voluntary codes of conduct, AI companies should be required to be transparent over the models and technologies behind their tools. This will allow businesses and customers to make more informed decisions in their adoption and give them greater autonomy over their data.

                                      author image
                                      Neil Thacker
                                      Neil Thacker is a veteran information security professional and a data protection and privacy expert well-versed in the European Union GDPR.
                                      Neil Thacker is a veteran information security professional and a data protection and privacy expert well-versed in the European Union GDPR.

                                      ¡Mantente informado!

                                      Suscríbase para recibir lo último del blog de Netskope