Today, we will discover some, emerging technologies, particularly, of course, AI are shaping, cybersecurity, privacy, and governance world.And our topic is today, ethical AI in cybersecurity, balancing innovation with risk mitigation. Maybe you heard of that. There are lots of regulation is coming, and some of them is on the way from European side, especially, is why today we will talk about especially on risks management. So let's jump on the emerging technologies, Zaria, because you know that. It's not a lone wolf AI. It's generally walking together in other emerging technologies and all of them just feeding each other. So if the overview of all these emerging technologies, AI, IoT, quantum computing, especially just this year, we can find very fancy wording to describe all these emerging technologies, but after all, AI is a game changer.

I don't wanna say just AI. It's generative AI. Of course, it's a game changing. And all these different kinds of emerging texts shaping our world right now and the risks and the ethical challenges and AI introduce us to cybersecurity. So maybe we can say similarly AI is the revitalizing how we identify, respond to cyber risks. AI powered tools can detect anomalies in real time, predict threats and automate repetitive tasks. So as you can see in here, there are new players in our life, they are industry players, so maybe maybe in the past, we can say that they generally prepare all these standards, best practices, and frameworks to us. And we generally have a compliance team, and they just try to put the right roles and the rules on the stage.

But after all, then today, it's not just compliance thing. So governments, all threat actors, all of them will adapt these technologies not only to enhance, but also for cap all these, maybe we can say competitive sometimes at variable purposes. So that is why there are lots of various groups. So we cannot just say, oh, it's just cybersecurity. It's just compliance. It's just privacy teams. We need to work together and understanding the real fundamentals of all these emerging technologies is the best shot to understand, control, manage, mitigate all risks. I love this chart. It's chart is from McKinsey's, and I'm coming from, you know, professional services. That is why I really like this kind of charts. And in here, you can see that they just try to foresee to to enter 18, and they put in here the coordination with multiple agents, creativity, logical reasoning, and problem solving is one of the biggest things right now.

And need natural language generation. We are calling it NLP. Most probably you heard that before, and output of articulation and presentation. There are lots of ability of AI you can see in here. The things is all this thing in AI over the past years led to acceleration of forecast of when AI achieves human performance. We are not just talking about technologies, technology thing because we just try to replicate human performance. We just try to change, you know, our working environment with AI. So that is why they are selling artificial general intelligence is still in this some feature for most service. AI progress is much faster in all these select the capabilities relevant or businesses. So that is why Mackenzie just trying to show to us.

The performance equivalent top quartile human output is expected in twenty twenties and twenty thirties. So it means that most probably, just in five years, we will see lots of very major difference, especially in AI area. And there is a quote, I really liked it. We tend to overestimate the effect of technology in the short run and underestimate the effect in the long run. You know that we can exaggerate AI ability today, and everybody really likes to talk about it, especially if people have no idea about AI. They can say something, but sometimes we can underestimate the effect in the long run because we are living in a hybrid world right now. We can manage AI. We can use AI. We are the decision maker. Still, we got this leverage as human beings.

But we cannot oversee future right now, said that is why we need to be careful and we need to be ready for using AI. And the risks and the ethical challenge of AI in cybersecurity. Actual guys, most probably last three years, every day, we just trying to understand what is our major problems in ethical challenges. And when I was a adviser for ICO, we just tried to share lots of main and major point of what ethical things. But you know what? Today, we've got an EU AI act, but nobody can say it's really so mature and cover all our risks and ethical problems. The things is in here, I will try to highlight to you about cyber perspective, but after all, it means so open because it's a big giant AI.

And we just try to flip this giant with datas. And in ethical problems, I always try to clarify that. If you feed your AI with dirty data, unclarified data, and manipulate the data, it means that you will got this kind of outputs. But it's so obvious that isn't it? Because we created all this dirty data together because of skin color, because of our race, because of our religions. We create that together. And today, we just try to blame all AI applications, AI platforms. But after all, then today, we need to work together and first of all, understand that data is everything. Without data management, without understanding real fundamentals of data management and quantum computing, Today, we cannot manage AI. Maybe we can manage this kind of very primitive model of AI.

But in the future, we will use NLP, so we cannot manage without understanding data. So in cybersecurity area, there are three main things, especially we will talk today. The first one is misuse of AI in cyberattacks. The first one is AI powered phishing, deep fakes and frauds, and automate hacking tools. The things is, yes, we are using AI for our beneficial side in our business life, but after all, there are ready and very powerful, very patient attackers. Of course, learning using AI to make and sophisticated their attacks. So that is why all phishings, all deep fakes and fraud and automated hacking tools make everything easier for them. In the past, if you want to break a cord, if you want to break an encrypted system, you generally need to take the leverage and use your systems mainly one week or two weeks or something.

But right now, everything can be in seconds. So that is why it's a big challenge for us and especially the biggest point in here, of course, deep fakes for cybercriminals can use AI driven deep fake technologies to impersonate key figures and manipulate and deceive organizations. Maybe I can give just one quick example. I am an, Cambridge University alumni, and our first lecture was, of course, total, the Analytica case, Cambridge Analytica. And the main things is with deep fakes, you can manipulate people. You can manipulate a country. You can change a managing model. So that is why, of course, all of them is important, but all this data hallucination and deepfakes can impact your social life badly. And in another one is bias and fairness. As we just talk about, we are using sometimes mainly dirty data.

So that is why bias and fairness can be our biggest problem. So this discriminatory decision making means that in AI systems, user cybersecurity might flag certain individuals' behaviors and geographics as a high risk based on historical data reinforcing existing biases. So this historical data is the main wording in here. In historical data, we collected all this dirty data. We created all this dirty and unfiltered data together. So un united exclusion, it means that all the certain minority groups or types of data might be underrepresented in AI training sets. So it means that today, when you're trying to use AI as a decision maker, it always try to tend to choose the popular group, not the minority ones. So the equality is the problem.

But today, we've got another problem because especially most probably, you saw that at the beginning this year, after JD Vane gave the speech in Europe, they just overtake AI liability act. So it means that there is no responsibility pressure right right now on tech side. So it means that we need to get this responsibility right now as startups, as corporate companies, as an individual in the business life. And the false positives, of course, in other things. And the third problem is the lack of transparency, the black box problem. Black box problem means that when you feed AI systems in the core coding area, you generally putting all these data sets and just use AI systems to manage it. And we are calling it black box. And in black box system, if you want to make reverse engineering, there is no answer for it.

It means that generally, AI getting a decision at the end of as an output to you, it means that you can use AI as a decision maker. But the problem, when you try to make reverse engineering, you cannot getting the real answer because of the black box model. So it means to us, of course, unclear decision, rational. So AI driven decisions, such a flaking search and actions and suspicions may not be fully explainable leading to a lack of accountability. And, of course, another one is challenging auditing. There are lots of professional services companies still saying they can audit you, but there is another problem because without transparency, auditing AI systems for errors and biases is difficult.

Preventing organizations from ensuring their cybersecurity, governance, or privacy systems are functioning as intended. And, of course, the trust issues. Trust is the main word right now. And when we describe AI, especially in business life, we're always trying to use trust for AI thing. So it means that if users doesn't or don't understand how AI works or why certain decisions are made, it means that you haven't get any trust from your customers and because of the this decreased confidence in AI driven cybersecurity things. How we are managing our risks right now, especially in different sectors and different business environment. In EU AI act, they try to identify four different risk degree stores, unacceptable, high, limited, and minimal risks. Risk management in AI deployment essential, identify, assess, and mitigate potential risks associated with AI systems from data privacy, from security concerns, algorithmic biases, and regulatory compliance, organizations must add up pro proactive strategies to navigate to complex landscape of AI risks effectively.

Right now, there you can see there are standards from ISO and NIST. Of course, it's very usable. It can be very beneficial to your companies, but you can find MIT and Cambridge work papers too. They're just trying to prepare a risk repository for your companies. It's more than three millions, risk, row you can see if you can check this kind of white papers. It means that. First of all, you need to understand in your company, are you a AI creator? Are you a end user? Are you a distributor? After you understand your position, it's very easy to identify and clarify your risks. But the main issues in here, depending on the circumstance circumstances and specific application use and level technology development, artificial intelligence can pose risks, cause harm to public interest, and fundamental rights.

It means that it is not just a STLC model system. It is total different than that because in STLC, we generally use very stated models. But right now with AI, it is learning itself. So it means that we need to identify and put in the right place in dynamic models. So we need to understand this difference between them. And another thing, I love this slide, is AI and cybersecurity models based on human involvement. The thing is right now, we are using and living in a world human in the loop. It means that humans are involved in the decision making processes, and we have to say final say. It means that we've got the leverage. So we are doing whatever we want to use in AI. But in the next step, human on the loop model and human out of the loop model.

If you got any conversation with my lawyer friends, because I am both lawyer and engineer, they generally just trying to say, oh, AI is not a decision maker. It's generally guiding us. It's just trying to make our life easier. It's not coming like that feature. Feature is coming like human on the loop model. We will see this kind of model just in five years. You will see. Because especially in Microsoft area or especially in Tech Giants area right now, all these companies just trying to weigh to figure it out how we can put people and AI systems as an equal for the decision making models. So I think the second one, human on the loop model we will see just in years. But human out of the loop, it's in other risk because, you know, that it's like a Terminator world. The nations make decisions autonomously without any human involvement.

It's another dilemma for us because we've got lots of challenges, especially from ethical perspective. So we will see together. What the things is, these all this creates potential risks. If something wrong, there is no human oversight. So still, this is our world. Still, we got leverage. Still, as a human beings, we are managing AI systems. Hopefully, we can use this power in a perfect way. And the ethical guidelines for AI in cybersecurity. I don't wanna make it so long, but the things is especially everybody knew something about GDPR. And in GDPR, transparency, explainability, fairness, bias mitigation, privacy protection, data minimization, accountability, and responsibility. All of these major aspects was in GDPR. And when ICO, the commissioner's part, prepared all this EU AI act, they used all these privacy and data protection legislation's main aspects into AI act.

That is why today, lots of my privacy lawyer friends turn into AI governance lawyers. So that is why they just try to find the meeting points in there. But I just wanna highlight one very big security problem. As if I put my privacy hat onto my hat, and if we talk about data minimization, we really like to use data minimization in privacy area because if you can clear your data, it means that you're genuinely just decreasing your risks. But the main problem, today, if you are using any AI application, you want to personalize it. You want it tailor made to yourself. So think about that. Everybody wants to get a service for just for them and make a personalization, but we are always giving an advice about data minimization. Without data, you can personalize anything. So this is another biggest dilemma right now. If you connect any tech giant, they generally saying back to you, we are, maybe they they always won't say.

It's another secret. Anonymization, making anonymization for your data. We are anonymized it. It means that they never put identification flag onto the datasets. But after all, just question yourself, how all these application can give back to you a personalized service without stored understanding and searching your personal data? And the feature ethics and innovation in here, I know I don't have so much time. I just wanna highlight that. The feature of AI is not just about technology. It's about how we shape it responsibly together. Maybe I need to jump my last slide in here. I really like this slide, and I generally since two years, I am using that. Maybe next year, I will change, but I still love it. We shape AI. AI shapes us. Every day, we are learning from AI, and we are trying to teaching something to AI.

Even in ChetGPT, if you ask any questions, they generally giving back to you two different options. Do you want to continue with this answer or this answer? As that moment, in this, in in in this time, you are training JetGPT. So still we got the leverage. I hope that in the future, we will get responsibility and we will manage AI in a trustworthy environment. Thank you very much joining my session.