Ding! Your AI security "cheat book" has been delivered, please sign for it

At the beginning of 2023, the global generative AI industry ushered in explosive growth, and a large number of AI products and applications have been launched one after another, allowing users to deeply perceive the charm of AI. The generative AI market is expected to grow from $40 billion in 2022 to $1.3 trillion in revenue by 2032.

Just as a large number of users are "early adopting" generative AI, countless new cybersecurity risks are surfacing. How to solve the security problems brought about by AI and further use AI to empower network security has become a new focus of attention of the network security industry.

On August 31, 2023, Amazon Cloud Technology re:Inforce 2023 China Station was held in Beijing. The theme of this conference is "Comprehensive Intelligent Security in the AI Era", focusing on the opportunities and challenges that generative AI brings to enterprise security.

Amazon Cloud Technology believes that security is an unavoidable and important issue in building generative AI, and it is also the cornerstone for AI to truly play a role. Only by protecting data, models and applications throughout the AI journey can enterprises better use AI to accelerate business innovation and, at the same time, make a strategic layout in global business planning.

Security has also been the number one goal of Amazon Cloud Technology's continuous work over the years. After the opening of the conference, Paul Vixie, Vice President of Global Security of Amazon Cloud Technology, introduced the mature experience of Amazon Cloud Technology in security compliance, so as to help users jointly develop comprehensive intelligent security in the AI era.

At the conference, Amazon Cloud Technology announced the establishment of a "Joint Security Laboratory" with Tuya Smart. The two parties will co-create in areas such as confidential computing and data privacy, Matter technology cooperation and system construction, and the security practice of generative AI in the IoT field.

Amazon Cloud Technology officially launched the "Sensitive Data Protection Solution" to realize automatic discovery of sensitive data and manage data assets on a unified platform. The conference also released a number of new security services and functions, such as Amazon Verified Permissions, Amazon CodeGuru Security, Findings Groups for Amazon Detective, etc., to promote enterprises to implement zero trust, intelligently discover vulnerabilities and respond.

AI Era, Leading Intelligent Cloud Security

In recent years, artificial intelligence technology has developed rapidly, and generative AI application scenarios have exploded, ushering in a new turning point. At the meeting, Dai Wen, Director of Solution Architecture of Amazon Cloud Technology Greater China, delivered a keynote speech on "AI Era, Leading Intelligent Cloud Security", interpreting in depth the cloud security challenges faced by enterprises under the wave of generative AI and the latest security trends, and, together with customers and partners, shared the latest security compliance insights and practices.

[Dai Wen, Director of Solution Architecture, Amazon Cloud Technology Greater China]

Data and model security is key to building AI applications 

Data is the foundation for enterprises to use AI for business innovation. In practice, enterprises usually need to use high-value business data for model training and fine-tuning. Data will go through various links such as storage, transmission, use, and governance before generating value. In order to build generative AI applications, enterprises should first ensure end-to-end data security in the process of data flow, and provide safe and valuable data input for generative AI applications.

Amazon Cloud Technology has always strictly adhered to the principle that customers own and control their data, providing industry-leading technical and physical measures to prevent unauthorized access, and providing data encryption and protection services covering storage, transmission, use, and governance. For example, customers of Amazon Cloud Technology can use Amazon Key Management Service (Amazon KMS), which is deeply integrated with many services of Amazon Cloud Technology, to easily protect a variety of data. Amazon Nitro provides hardware-level security mechanisms to achieve network and storage isolation. Using the encryption capabilities of Nitro Enclaves, customers can conduct confidential computing in which multiple parties join and process highly sensitive data without disclosing or sharing the actual data with each party individually.

Amazon Cloud Technology also provides governance services throughout the entire data cycle, such as Amazon DataZone, and launched a sensitive data protection solution at this conference, which can realize automatic discovery of enterprise sensitive data and manage data assets on a unified platform. The solution allows customers to create data catalogs and define sensitive data types using built-in or customized data identification rules. The solution uses machine learning and pattern matching to automatically identify sensitive data, and provides a visual panel to help customers more easily manage and protect sensitive data.

Enterprises need to use models and foundation models to build AI applications. To ensure the accuracy and effectiveness of training results, the security of model training is also crucial. Enterprises should monitor the safe operation of models in all aspects, including model access security, model management, model operation security monitoring, etc. For enterprises that build their own models, Amazon SageMaker provides a variety of functions to help developers build, train, and deploy models more easily. For example, Amazon SageMaker Model Cards can realize unified management of model information, and Amazon SageMaker Model Monitor can automatically monitor model status and accuracy.

To lower the threshold for customers to use generative AI, Amazon Cloud Technology launched Amazon Bedrock, a fully managed foundation model service, in April this year. Customers can access and use foundation models through an API according to their own needs. As with other managed services from Amazon Cloud Technology, customers can safely use Amazon Bedrock in their virtual private cloud (VPC) and fine-tune the underlying model, always keeping their own data and models safe.

Application security is the guarantee to realize the value of AI 

The security of the generative AI application itself and access is equally important. Embedding security features into AI applications is one way to improve the security of the applications themselves.

Security in the entire development process - DevSecOps

Take Amazon CodeWhisperer as an example. This service is an AI programming assistant launched by Amazon Cloud Technology. It can use the built-in foundation model to generate code suggestions in real time according to the developer's instructions, detect vulnerabilities and recommend remediation.

Amazon CodeGuru Security is mainly positioned at the CI/CD stage. First, it can find and solve code vulnerabilities at any stage of the development process. Second, it can automatically reduce the false positive rate through AI/ML during the CI/CD process. At the same time, it is based on an API design and can be easily integrated into the development workflow for centralization and scalability.

Security in operation

For secure access to applications, enterprises can build zero-trust application security access policies. Amazon Cloud Technology recently launched Amazon Verified Permissions, which provides fine-grained authorization and permission management for user-built applications. Users can use this service to manage the access control of roles and attributes of their applications.

Zhao Haixu, director of information security from Leading Group, also gave a wonderful speech on the theme of "walking ahead of security threats".

Compliance Capabilities Accelerate Generative AI Global Innovation 

Amazon Cloud Technology has now obtained more than 140 security standards and compliance certifications around the world. It is worth mentioning that these compliance certifications cover not only infrastructure but also many platform applications, such as container platforms and serverless platforms. Amazon Cloud Technology also applies AI technology to its security and compliance services to deal with complex security threats and improve compliance efficiency through smarter security and compliance services.

Amazon Cloud Technology has greatly improved its own compliance efficiency by using AI technology in more than 500 of its own compliance audit control items, saving audit time by 53%. While protecting the compliance and security of customers, Amazon Cloud Technology is also actively using artificial intelligence technology to strengthen its own compliance capabilities. In addition, the Amazon Cloud Technology APN partner network provides hundreds of industry-leading security solutions to protect customers' applications and data security in a multi-layered manner.

Quick overview of the major releases: stepping up industry and overseas-expansion security across the board

Established a "joint security laboratory" with Tuya Smart to inject new momentum into the security development of the Internet of Things industry

Amazon Cloud Technology announced the establishment of a "Joint Security Lab" with Tuya Smart, the world's leading IoT developer platform. The two parties will focus on co-creation in confidential computing and data privacy, Matter technical cooperation and system construction, and security practices such as generative AI in the field of IoT.

Tuya Smart and Amazon Cloud Technology have cooperated for nearly nine years. The establishment of the "Joint Security Laboratory" will further strengthen the cooperation between the two parties, inject new momentum into the security development of the Internet of Things industry, and be dedicated to providing customers and end users with more secure IoT devices.

Cooperated with Deloitte to release "White Paper 2023 Edition of Chinese Enterprises Going Overseas Development Proposals"

Amazon Cloud Technology and Deloitte Enterprise Consulting jointly released the "White Paper 2023 Edition of Chinese Enterprises Going Overseas Development Proposals", which puts forward security compliance recommendations from two aspects: organizational construction and technical practice. In terms of organizational construction, enterprises going overseas should establish a sound management system, including formulating privacy processing principles and data protection principles, implementing data life cycle management systems and data leakage management regulations, and improving operating procedures such as incident response and evaluation. In terms of technical implementation, the more than 300 security and compliance services and functions provided by Amazon Cloud Technology cover five major areas (threat detection and incident response, identity authentication and access control, network and infrastructure security, data protection and privacy, and risk management and compliance) and provide enterprises with comprehensive security protection on the cloud.

In addition, Amazon Cloud Technology also provides a shared responsibility model, privacy protection on the cloud, and a compliance plan that meets the compliance requirements of almost all regulatory agencies around the world, fully helping Chinese companies cope with compliance challenges when going overseas.

Roundtable discussion: innovation security in the era of generative AI

In the roundtable discussion session titled "Innovative Security in the Generative AI Era", Bai Fan, Product Director of Security Compliance and Governance of Amazon Cloud Technology Greater China, Lu Jinghui, Chief Security Officer of Vivo, Li Wei, Head of Data Security of Huolala, Dong Chuntao, Technical Director of Palo Alto Greater China, and He Wei, Senior Partner of Deloitte China Security and Privacy, had an in-depth discussion on the problems they encountered in the practice of generative AI.

AI is changing the way of life and work of global users, and it has also brought new business forms and development opportunities to enterprises. However, as pointed out by the Amazon Cloud Technology re:Inforce 2023 conference, security is an unavoidable focus of AI's future development and application, and how to balance AI and security will become a topic that requires long-term exploration and practice.

As we saw at the conference, Amazon Cloud Technology has already made a series of explorations and achievements in the field of generative AI. On the basis of unshakable security, it can fully release the potential of AI and promote AI to lead the innovation of the whole industry. For example, the first thing that a large AI model needs to get right is security and compliance. Amazon Cloud Technology can provide enterprises with various tools for generative AI, covering data, models, and applications. In addition, it also applies AI and generative AI technology to its security and compliance services to deal with complex security threats and improve compliance efficiency with smarter security and compliance services.

Generative AI applications have arrived. Recently, 11 large AI models have been filed in China and will be opened to the whole society one after another. As AI applications surge, strengthening security should be the first step.

Origin blog.csdn.net/FreeBuf_/article/details/132629992