The video technology hub | Pexip

Who should care about AI privacy and security?

Written by Pexip | Mar 18, 2024 8:17:20 PM

If you’re in government or a highly regulated industry, this blog is for you 

 

Why should highly regulated industries and government think about privacy and security for AI? Today, many government organizations are required to keep data private and in-country. Not only because of regulation and sovereignty requirements, but more importantly to address the ever-increasing AI cyber security threats. And the reach of these threats goes far beyond just government, impacting regulated industries across the board.  

 

Read why private and secure AI is so crucial for video conferencing.

 

 

What do we want? AI! When do we want it? Now! 

 

The demand for AI to improve productivity and job efficiency is only growing. It is top of mind for most industries, and AI vendors are promoting how much better everything becomes when AI is in the mix. And what we see as a result is that end-users are even more likely to ask for additional AI services to enhance their jobs. 

 

But before you jump into the AI pool with them, take a moment to reflect. 

 

To benefit from cloud-based AI-services, such as solutions that help you take notes in meetings, generate transcripts, and record action items, that AI service must interpret and understand the content of your meeting. Not only what you share on the screen, but every spoken word. A machine sits somewhere in a cloud service and interprets conversations between meeting participants based on language, context, and even sentiment. 

 

And all that information is sent across the internet to an external AI service – creating an entirely new and incredibly valuable target for cyber threat actors. 

 

 

Cyber security threats driven by AI 

 

Former New York Times contributor Nicole Perlroth has discussed multiple cases in which intruders have digitally broken into and, in some cases, even seized control over critical infrastructure installations. Perlroth reports that such incidents include more than 20 American oil and gas pipelines, of which 13 were successfully compromised, as well as intrusions into the power grid, water treatment facilities, and even nuclear power plants 

 

Cyber threat actors have been able to gain access to critical infrastructure, potentially harming people, regions, countries, or even continents.  

 

AI opens for a whole new level of security challenges because of the types of content and data potentially being sent across the internet.  

 

 

 

 

Meeting content vs metadata 

 

As with everything related to video conferencing and virtual meetings, media encryption ensures that nobody sees the content you send across the internet. But metadata still can reveal who communicates with whom and who is based where.

  

It is just as important to protect the metadata of a conversation as it is to protect the actual content, as metadata can be equally revealing as to what is going on. 

 

In fact, former NSA (National Security Agency) General Michael Hayden, made a remark that “metadata [ ...] can tell the government "everything" about anyone who it's targeting for surveillance, often making the actual content of the communication unnecessary” and that “[We] kill people based on metadata.” 

 

Keeping your metadata secure becomes as important as keeping the content secure.  

 

 

Critical infrastructure: organizations run video conferencing on air-gapped networks 

 

At Pexip, we see that more and more organizations are concerned about their communication practices.  

 

With heightened global political tension and cyber security threat levels, there are an increasing number of our customers wanting to safeguard their communication by both deploying alternatives to public cloud-based communication solutions, as well as hosting it themselves in private, and often air-gapped networks. 

 

But the need for AI is still there and is only growing, and some organizations and alliances face challenges in that they are multinational and are required to speak and be understood in many different languages – challenges which AI can address. 

 

This is why we are continuing to develop on-premises and self-hosted AI solutions that can perform the tasks people need, but in a secure and private way. 

 

 

 

Is self-hosting AI for you? 

 

With our Pexip Infinity video platform for Secure Meetings hosted on-premises and on your own network, we enable self-hosted AI services and capabilities. 

 

Working with NVIDIA, we enable secure and private AI-powered real-time translation and closed-captioning (speech-to-text) services. These are services and capabilities that remain in your control, and that are not exposed to being sent across the internet. 

 

You can choose between several deployment options – from completely air-gapped to your own private cloud instance. This allows you to remain in control of not only your meeting content, but also that important metadata too.