WEBVTT 1 00:00:00.080 --> 00:00:02.340 In this section of the course, we are going 2 00:00:02.340 --> 00:00:04.890 to discuss artificial intelligence. 3 00:00:04.890 --> 00:00:07.470 The artificial intelligence section of the course 4 00:00:07.470 --> 00:00:11.160 focuses on Domain 1, Governance, Risk, and Compliance, 5 00:00:11.160 --> 00:00:14.010 as well as Domain 3, Security Engineering, 6 00:00:14.010 --> 00:00:18.810 specifically Objectives 1.5 and 3.6. 7 00:00:18.810 --> 00:00:21.600 Objective 1.5 states that you must be able 8 00:00:21.600 --> 00:00:24.720 to summarize the information security challenges 9 00:00:24.720 --> 00:00:27.870 associated with artificial intelligence adoption. 10 00:00:27.870 --> 00:00:31.380 Objective 3.6 states that given a scenario, 11 00:00:31.380 --> 00:00:35.250 you must be able to use automation to secure the enterprise. 12 00:00:35.250 --> 00:00:39.420 Artificial intelligence or AI has already revolutionized 13 00:00:39.420 --> 00:00:41.460 how we interact with technology. 14 00:00:41.460 --> 00:00:45.390 However, with these advancements come significant challenges 15 00:00:45.390 --> 00:00:47.790 such as the need for responsible use 16 00:00:47.790 --> 00:00:49.770 and ethical considerations. 17 00:00:49.770 --> 00:00:53.910 Additionally, as AI becomes more embedded in our lives, 18 00:00:53.910 --> 00:00:58.110 it introduces new risks, including potential vulnerabilities 19 00:00:58.110 --> 00:01:01.680 and the misuse of AI for malicious purposes. 20 00:01:01.680 --> 00:01:03.990 Understanding and addressing these issues 21 00:01:03.990 --> 00:01:07.650 and risks early is crucial to ensuring that AI 22 00:01:07.650 --> 00:01:10.050 continues to contribute positively 23 00:01:10.050 --> 00:01:12.390 to our day-to-day and beyond. 24 00:01:12.390 --> 00:01:14.130 As we go through this section, 25 00:01:14.130 --> 00:01:15.690 we will cover many topics 26 00:01:15.690 --> 00:01:17.550 related to artificial intelligence, 27 00:01:17.550 --> 00:01:20.700 including generative artificial intelligence, 28 00:01:20.700 --> 00:01:24.960 ethical governance considerations, legal and privacy risks, 29 00:01:24.960 --> 00:01:28.530 threats to the model, AI-enabled attacks, 30 00:01:28.530 --> 00:01:33.530 AI manipulation attacks, AI usage risks, and AI bots. 31 00:01:33.960 --> 00:01:35.580 First, we will look at 32 00:01:35.580 --> 00:01:38.910 generative artificial intelligence or AI. 33 00:01:38.910 --> 00:01:42.720 Generative AI refers to artificial intelligence systems 34 00:01:42.720 --> 00:01:46.200 that create new content such as text, images, 35 00:01:46.200 --> 00:01:47.850 code, or music. 36 00:01:47.850 --> 00:01:51.030 Generative AI learns patterns from existing data 37 00:01:51.030 --> 00:01:52.920 and generates outputs that resemble 38 00:01:52.920 --> 00:01:54.990 or extend the original data. 39 00:01:54.990 --> 00:01:59.700 Models like the generative pre-trained transformer or GPT 40 00:01:59.700 --> 00:02:01.470 are trained on large data sets 41 00:02:01.470 --> 00:02:05.100 to understand language, context and structure. 42 00:02:05.100 --> 00:02:07.320 Based on their amount of training data, 43 00:02:07.320 --> 00:02:11.730 GPTs can produce coherent and contextually-relevant content. 44 00:02:11.730 --> 00:02:15.210 Baseline generative AI concepts include code assist 45 00:02:15.210 --> 00:02:16.710 and documentation. 46 00:02:16.710 --> 00:02:19.260 Code assist helps developers by suggesting 47 00:02:19.260 --> 00:02:20.790 or completing code. 48 00:02:20.790 --> 00:02:24.810 Documentation automatically generates technical documents 49 00:02:24.810 --> 00:02:27.030 such as user guides, release notes, 50 00:02:27.030 --> 00:02:29.400 and other technical documentation. 51 00:02:29.400 --> 00:02:33.000 In practice, a developer might use generative AI 52 00:02:33.000 --> 00:02:37.020 to assist in writing code by receiving realtime suggestions 53 00:02:37.020 --> 00:02:39.780 or generating comprehensive documentation 54 00:02:39.780 --> 00:02:41.820 based on their code base. 55 00:02:41.820 --> 00:02:45.870 Next, we will explore ethical and governance considerations. 56 00:02:45.870 --> 00:02:48.420 Ethical and governance considerations are used 57 00:02:48.420 --> 00:02:50.730 to establish frameworks and guidelines 58 00:02:50.730 --> 00:02:54.420 to ensure AI is developed and used responsibly, 59 00:02:54.420 --> 00:02:56.640 and that it aligns with societal values 60 00:02:56.640 --> 00:02:58.620 and organizational principles. 61 00:02:58.620 --> 00:03:00.510 Ethical governance considerations 62 00:03:00.510 --> 00:03:03.120 include the ethical governance of AI 63 00:03:03.120 --> 00:03:06.510 and organizational policies on the use of AI. 64 00:03:06.510 --> 00:03:09.540 The ethical governance of AI refers to the structures 65 00:03:09.540 --> 00:03:11.790 and practices put in place 66 00:03:11.790 --> 00:03:14.850 to guide the ethical deployment of AI. 67 00:03:14.850 --> 00:03:16.770 Ethical governance further ensures 68 00:03:16.770 --> 00:03:19.770 that this technology is used in ways that are fair, 69 00:03:19.770 --> 00:03:22.230 transparent, and accountable. 70 00:03:22.230 --> 00:03:24.750 Organizational policies on the use of AI 71 00:03:24.750 --> 00:03:28.650 are specific rules and guidelines created by companies 72 00:03:28.650 --> 00:03:32.940 to govern how AI is implemented within their organization. 73 00:03:32.940 --> 00:03:37.050 Local organizational policies ensure that AI use aligns 74 00:03:37.050 --> 00:03:38.910 with both legal requirements 75 00:03:38.910 --> 00:03:42.000 and an organization's ethical standards. 76 00:03:42.000 --> 00:03:45.060 For example, an organization might implement 77 00:03:45.060 --> 00:03:49.020 an ethical governance framework that requires all AI models 78 00:03:49.020 --> 00:03:52.980 to undergo bias testing, and mandates transparency 79 00:03:52.980 --> 00:03:55.650 into the AI decision-making process. 80 00:03:55.650 --> 00:03:59.250 This requirement can be supported by internal policies 81 00:03:59.250 --> 00:04:01.170 that restrict the use of AI 82 00:04:01.170 --> 00:04:03.900 in areas where it could lead to discrimination 83 00:04:03.900 --> 00:04:05.820 or privacy violations. 84 00:04:05.820 --> 00:04:09.330 Then we will look at legal and privacy rules. 85 00:04:09.330 --> 00:04:13.440 Legal and privacy rules ensure that AI systems are designed 86 00:04:13.440 --> 00:04:16.890 and deployed in compliance with laws and regulations 87 00:04:16.890 --> 00:04:20.190 to protect individual rights and personal data. 88 00:04:20.190 --> 00:04:24.180 Legal and privacy implications include potential misuse 89 00:04:24.180 --> 00:04:28.230 and explainable versus non-explainable AI models. 90 00:04:28.230 --> 00:04:32.490 The potential misuse of AI arises when AI systems are used 91 00:04:32.490 --> 00:04:35.160 in ways that could lead to discrimination, 92 00:04:35.160 --> 00:04:38.880 privacy violations, or other harmful outcomes. 93 00:04:38.880 --> 00:04:42.990 This misuse is often exacerbated by the opacity 94 00:04:42.990 --> 00:04:44.790 of the models that are used. 95 00:04:44.790 --> 00:04:48.510 This infers that AI models may be explainable 96 00:04:48.510 --> 00:04:50.220 or non-explainable. 97 00:04:50.220 --> 00:04:53.310 Explainable models are those that provide clear, 98 00:04:53.310 --> 00:04:55.740 understandable reasons for their decisions. 99 00:04:55.740 --> 00:04:57.330 Non-explainable models 100 00:04:57.330 --> 00:04:59.490 like many deep learning algorithms 101 00:04:59.490 --> 00:05:02.400 can be difficult to interpret or understand. 102 00:05:02.400 --> 00:05:05.460 Non-explainable models make it difficult to determine 103 00:05:05.460 --> 00:05:08.220 why the AI made the decisions it did. 104 00:05:08.220 --> 00:05:11.400 These are often referred to as black box models. 105 00:05:11.400 --> 00:05:16.320 Non-explainable AI models raise challenges in legal contexts 106 00:05:16.320 --> 00:05:18.480 where transparency is required. 107 00:05:18.480 --> 00:05:21.510 For example, in a credit scoring application, 108 00:05:21.510 --> 00:05:24.720 using a non-explainable model could result in 109 00:05:24.720 --> 00:05:29.130 unfair loan denials that cannot be easily justified. 110 00:05:29.130 --> 00:05:32.400 These AI decisions could lead to legal challenges 111 00:05:32.400 --> 00:05:35.550 considering anti-discrimination laws. 112 00:05:35.550 --> 00:05:38.850 Next, we will explore threats to the model. 113 00:05:38.850 --> 00:05:42.300 Threats to the artificial intelligence or AI model 114 00:05:42.300 --> 00:05:44.970 are those that can compromise the integrity, 115 00:05:44.970 --> 00:05:48.990 security, or confidentiality of AI systems. 116 00:05:48.990 --> 00:05:53.100 The compromise of AI models can lead to incorrect decisions 117 00:05:53.100 --> 00:05:55.950 or unauthorized access to sensitive data. 118 00:05:55.950 --> 00:05:58.440 These threats are potential attack paths 119 00:05:58.440 --> 00:06:00.030 for malicious actors. 120 00:06:00.030 --> 00:06:03.300 Threats to the model include prompt injection, 121 00:06:03.300 --> 00:06:07.170 unsecured output handling, training data poisoning, 122 00:06:07.170 --> 00:06:11.370 model denial of service, supply chain vulnerabilities, 123 00:06:11.370 --> 00:06:14.190 model theft, and model inversion. 124 00:06:14.190 --> 00:06:16.590 Prompt injection occurs when an attacker 125 00:06:16.590 --> 00:06:20.430 manipulates input prompts to alter the model's behavior. 126 00:06:20.430 --> 00:06:22.950 Prompt injection may then produce harmful 127 00:06:22.950 --> 00:06:24.990 or unintended outputs. 128 00:06:24.990 --> 00:06:27.720 Unsecured output handling can be exploited 129 00:06:27.720 --> 00:06:31.470 to leak sensitive information or execute malicious commands. 130 00:06:31.470 --> 00:06:33.720 Next, training data poisoning 131 00:06:33.720 --> 00:06:36.960 is the intentional manipulation of training data 132 00:06:36.960 --> 00:06:39.990 to skew the model's predictions or performance. 133 00:06:39.990 --> 00:06:42.660 Training data poisoning can lead to bias 134 00:06:42.660 --> 00:06:46.230 or incorrect decision making and operational failures, 135 00:06:46.230 --> 00:06:49.350 security violations or ethical issues 136 00:06:49.350 --> 00:06:53.610 that undermine the trust and reliability of the AI model. 137 00:06:53.610 --> 00:06:55.620 Model denial of service attacks 138 00:06:55.620 --> 00:06:58.380 aim to overwhelm the AI system, 139 00:06:58.380 --> 00:07:00.930 preventing legitimate users from using it. 140 00:07:00.930 --> 00:07:03.930 Next, supply chain vulnerabilities emerge 141 00:07:03.930 --> 00:07:07.110 when compromised components or third party libraries 142 00:07:07.110 --> 00:07:08.880 used in model development 143 00:07:08.880 --> 00:07:12.570 are exploited to insert malicious code, backdoors, 144 00:07:12.570 --> 00:07:15.780 or alter the functionality of the AI system. 145 00:07:15.780 --> 00:07:19.980 AI supply chain attacks can lead to unauthorized access, 146 00:07:19.980 --> 00:07:22.920 data breaches, or the deployment of flawed models 147 00:07:22.920 --> 00:07:27.240 that behave unpredictably or maliciously in production. 148 00:07:27.240 --> 00:07:30.270 Model theft is the unauthorized extraction 149 00:07:30.270 --> 00:07:32.400 of a model's intellectual property. 150 00:07:32.400 --> 00:07:35.310 Model theft could allow attackers to replicate 151 00:07:35.310 --> 00:07:37.080 or misuse the model. 152 00:07:37.080 --> 00:07:40.230 Finally, model inversion allows attackers 153 00:07:40.230 --> 00:07:44.010 to reconstruct sensitive data used during AI training. 154 00:07:44.010 --> 00:07:46.380 By analyzing the model's outputs, 155 00:07:46.380 --> 00:07:49.680 an attacker could use model inversion to extract 156 00:07:49.680 --> 00:07:53.070 and expose sensitive data, such as personal information 157 00:07:53.070 --> 00:07:54.780 or proprietary details 158 00:07:54.780 --> 00:07:57.780 that were used during training the AI model. 159 00:07:57.780 --> 00:08:00.810 This could lead to privacy breaches and data theft. 160 00:08:00.810 --> 00:08:04.380 In application, an attacker might use prompt injection 161 00:08:04.380 --> 00:08:07.560 to cause a chat bot to generate harmful advice, 162 00:08:07.560 --> 00:08:09.690 exploit unsecured output handling 163 00:08:09.690 --> 00:08:12.030 to extract confidential information, 164 00:08:12.030 --> 00:08:14.400 and engage in training data poisoning 165 00:08:14.400 --> 00:08:18.330 to bias an AI model used for content moderation. 166 00:08:18.330 --> 00:08:21.870 Each of these potential vulnerabilities underscore the need 167 00:08:21.870 --> 00:08:24.480 for managing threats to the AI model. 168 00:08:24.480 --> 00:08:28.290 Following that, we will look at AI enabled attacks. 169 00:08:28.290 --> 00:08:30.270 AI enabled attacks are attacks 170 00:08:30.270 --> 00:08:32.280 that leverage artificial intelligence 171 00:08:32.280 --> 00:08:35.100 to enhance the sophistication, scale, 172 00:08:35.100 --> 00:08:37.560 and effectiveness of malicious activities, 173 00:08:37.560 --> 00:08:41.190 making them more difficult to detect and defend against. 174 00:08:41.190 --> 00:08:45.090 AI enabled attacks include unsecure plugin design, 175 00:08:45.090 --> 00:08:49.320 AI pipeline injectors, and automated exploit generation. 176 00:08:49.320 --> 00:08:52.200 An AI plugin is an add-on or extension 177 00:08:52.200 --> 00:08:55.170 that integrates artificial intelligence capabilities 178 00:08:55.170 --> 00:08:57.810 into existing software or platforms. 179 00:08:57.810 --> 00:09:02.070 AI plugins enable enhanced functionality such as automation, 180 00:09:02.070 --> 00:09:05.940 data analysis, or personalized user experiences. 181 00:09:05.940 --> 00:09:09.120 Unsecured plugin design can leave AI systems 182 00:09:09.120 --> 00:09:12.180 vulnerable to exploitation, allowing attackers 183 00:09:12.180 --> 00:09:14.160 to gain unauthorized access 184 00:09:14.160 --> 00:09:17.220 through poorly secured extensions or integrations. 185 00:09:17.220 --> 00:09:21.060 AI pipeline injectors place malicious data or code 186 00:09:21.060 --> 00:09:23.910 in the AI training or deployment pipeline. 187 00:09:23.910 --> 00:09:27.510 AI pipeline injection can alter the model's behavior 188 00:09:27.510 --> 00:09:31.110 in harmful ways, such as introducing bias, 189 00:09:31.110 --> 00:09:34.110 generating incorrect or misleading outputs, 190 00:09:34.110 --> 00:09:37.080 creating backdoors for unauthorized access, 191 00:09:37.080 --> 00:09:39.510 or compromising the model's integrity. 192 00:09:39.510 --> 00:09:42.900 Automated exploit generation leverages AI 193 00:09:42.900 --> 00:09:44.070 to quickly discover 194 00:09:44.070 --> 00:09:47.310 and create exploits for unpatched vulnerabilities. 195 00:09:47.310 --> 00:09:50.880 Automated exploit generation significantly increases 196 00:09:50.880 --> 00:09:53.430 the speed and precision of attacks. 197 00:09:53.430 --> 00:09:55.860 For example, an attacker could exploit 198 00:09:55.860 --> 00:09:59.490 an unsecured AI plugin in a web application, 199 00:09:59.490 --> 00:10:02.550 inject malicious code into the AI model 200 00:10:02.550 --> 00:10:04.110 during its training phase, 201 00:10:04.110 --> 00:10:08.130 and then use AI to automatically generate exploits 202 00:10:08.130 --> 00:10:10.410 targeting the compromised system. 203 00:10:10.410 --> 00:10:14.190 Then we will explore AI manipulation attacks. 204 00:10:14.190 --> 00:10:17.820 AI manipulation attacks involve the intentional alteration 205 00:10:17.820 --> 00:10:21.330 or deception of AI systems to produce harmful 206 00:10:21.330 --> 00:10:22.950 or misleading outcomes. 207 00:10:22.950 --> 00:10:24.840 AI enabled manipulation attacks 208 00:10:24.840 --> 00:10:27.780 include social engineering and deepfakes 209 00:10:27.780 --> 00:10:30.720 through digital media and interactivity. 210 00:10:30.720 --> 00:10:33.030 Social engineering refers to the techniques 211 00:10:33.030 --> 00:10:34.830 that exploit human trust 212 00:10:34.830 --> 00:10:37.440 to deceive individuals into interacting 213 00:10:37.440 --> 00:10:39.660 with manipulated AI outputs. 214 00:10:39.660 --> 00:10:43.230 Interactivity may occur through interactive chatbots 215 00:10:43.230 --> 00:10:45.420 or social media platforms. 216 00:10:45.420 --> 00:10:49.470 Manipulating AI outputs could include deep fake videos 217 00:10:49.470 --> 00:10:53.520 or audio that appear genuine but are entirely fabricated. 218 00:10:53.520 --> 00:10:57.270 Deepfake technology uses AI to create realistic 219 00:10:57.270 --> 00:10:59.280 but fake digital media. 220 00:10:59.280 --> 00:11:02.100 Deep fakes can be distributed through social media, 221 00:11:02.100 --> 00:11:04.980 video conferencing, and streaming services 222 00:11:04.980 --> 00:11:08.970 to convincingly mimic real people, leading to misinformation 223 00:11:08.970 --> 00:11:10.890 or reputational damage. 224 00:11:10.890 --> 00:11:15.090 For example, an attacker might use deepfake technology 225 00:11:15.090 --> 00:11:17.640 to create a video of a company executive 226 00:11:17.640 --> 00:11:19.530 making false statements, 227 00:11:19.530 --> 00:11:22.500 then employ social engineering tactics 228 00:11:22.500 --> 00:11:24.720 to distribute the video widely, 229 00:11:24.720 --> 00:11:27.840 causing significant harm to the company's reputation 230 00:11:27.840 --> 00:11:29.490 and misleading the public. 231 00:11:29.490 --> 00:11:32.490 Next, we will look at AI usage risks. 232 00:11:32.490 --> 00:11:35.160 AI usage risks are the potential dangers 233 00:11:35.160 --> 00:11:37.110 and unintended consequences 234 00:11:37.110 --> 00:11:39.000 that arise from the implementation 235 00:11:39.000 --> 00:11:42.180 and reliance on artificial intelligence systems. 236 00:11:42.180 --> 00:11:45.600 AI usage risks may be realized when AI systems 237 00:11:45.600 --> 00:11:48.480 are not properly managed or understood. 238 00:11:48.480 --> 00:11:51.960 Risks of AI usage include overreliance, 239 00:11:51.960 --> 00:11:54.720 sensitive information disclosure to the model, 240 00:11:54.720 --> 00:11:57.660 sensitive information disclosure from the model, 241 00:11:57.660 --> 00:12:01.260 and excessive agency of the AI. 242 00:12:01.260 --> 00:12:04.260 Over-reliance on AI can lead to situations 243 00:12:04.260 --> 00:12:06.750 where human judgment is undervalued, 244 00:12:06.750 --> 00:12:08.490 potentially resulting in decisions 245 00:12:08.490 --> 00:12:11.400 that overlook important contextual factors 246 00:12:11.400 --> 00:12:13.740 that AI cannot calculate for. 247 00:12:13.740 --> 00:12:16.590 Sensitive information disclosure to the model 248 00:12:16.590 --> 00:12:19.110 occurs when private or confidential data 249 00:12:19.110 --> 00:12:23.910 is input into AI systems without adequate safeguards. 250 00:12:23.910 --> 00:12:26.550 Sensitive information disclosure to the model 251 00:12:26.550 --> 00:12:29.940 raises the risk that disclosure data could be mishandled 252 00:12:29.940 --> 00:12:32.700 or exploited by the AI model. 253 00:12:32.700 --> 00:12:35.280 Sensitive information disclosure from the model 254 00:12:35.280 --> 00:12:38.820 involves the unintentional release of private data 255 00:12:38.820 --> 00:12:41.610 that the AI has learned during its training. 256 00:12:41.610 --> 00:12:44.100 Sensitive information disclosure from the model 257 00:12:44.100 --> 00:12:46.290 can lead to privacy breaches. 258 00:12:46.290 --> 00:12:51.290 Finally, excessive agency of the AI refers to situations 259 00:12:51.300 --> 00:12:55.860 where AI systems are given too much control or autonomy. 260 00:12:55.860 --> 00:12:58.800 AIs with excessive agency can make decisions 261 00:12:58.800 --> 00:13:01.110 or take actions that are harmful 262 00:13:01.110 --> 00:13:03.870 or not aligned with societal values. 263 00:13:03.870 --> 00:13:07.200 In poor practice and demonstrating overreliance, 264 00:13:07.200 --> 00:13:10.800 a healthcare provider might rely on an AI system 265 00:13:10.800 --> 00:13:12.480 for diagnosing patients, 266 00:13:12.480 --> 00:13:14.430 inputting sensitive patient data 267 00:13:14.430 --> 00:13:17.010 without sufficient privacy protections. 268 00:13:17.010 --> 00:13:19.920 And then the risk the AI inadvertently reveals 269 00:13:19.920 --> 00:13:22.350 private information during its operations, 270 00:13:22.350 --> 00:13:25.020 while also allowing the AI too much autonomy 271 00:13:25.020 --> 00:13:27.450 in making critical health decisions. 272 00:13:27.450 --> 00:13:30.600 Finally, we will explore AI bots. 273 00:13:30.600 --> 00:13:33.330 AI bots are automated software programs 274 00:13:33.330 --> 00:13:35.520 that interact with users or systems 275 00:13:35.520 --> 00:13:37.800 to perform specific tasks. 276 00:13:37.800 --> 00:13:40.710 AI bots often simulate human behavior 277 00:13:40.710 --> 00:13:44.100 in areas like customer service or data management. 278 00:13:44.100 --> 00:13:48.120 AI bots may also serve as assistance and digital workers. 279 00:13:48.120 --> 00:13:52.800 AI bot concepts include access and permissions, guardrails, 280 00:13:52.800 --> 00:13:57.150 data loss prevention, and the disclosure of AI usage. 281 00:13:57.150 --> 00:14:00.300 Access and permissions refer to the controls put in place 282 00:14:00.300 --> 00:14:03.210 to ensure that AI bots only interact with 283 00:14:03.210 --> 00:14:07.350 data and systems they are explicitly authorized to access. 284 00:14:07.350 --> 00:14:09.600 By doing this, access and permissions 285 00:14:09.600 --> 00:14:12.300 prevent unauthorized data manipulation 286 00:14:12.300 --> 00:14:14.100 and security breaches. 287 00:14:14.100 --> 00:14:17.430 Guardrails are predefined boundaries or rules 288 00:14:17.430 --> 00:14:20.250 that restrict the actions of AI bots. 289 00:14:20.250 --> 00:14:22.140 Guardrails ensure AI bots 290 00:14:22.140 --> 00:14:25.320 operate with safe and intended parameters. 291 00:14:25.320 --> 00:14:29.310 Data loss prevention strategies are used with AI bots 292 00:14:29.310 --> 00:14:32.370 to prevent sensitive information from being accessed 293 00:14:32.370 --> 00:14:34.050 or leaked inadvertently. 294 00:14:34.050 --> 00:14:38.400 Finally, disclosure of AI usage involves informing users 295 00:14:38.400 --> 00:14:40.950 that they are interacting with an AI bot 296 00:14:40.950 --> 00:14:42.600 rather than a human. 297 00:14:42.600 --> 00:14:45.990 Disclosure of AI usage is important for transparency 298 00:14:45.990 --> 00:14:47.820 and maintaining trust. 299 00:14:47.820 --> 00:14:50.400 In application, a customer service bot 300 00:14:50.400 --> 00:14:53.220 with proper access controls and guardrails 301 00:14:53.220 --> 00:14:56.760 might be used to assist users with account inquiries. 302 00:14:56.760 --> 00:14:59.670 Data loss prevention measures would ensure the bot 303 00:14:59.670 --> 00:15:03.240 cannot access or leak sensitive financial information, 304 00:15:03.240 --> 00:15:06.300 and clear disclosure would let customers know 305 00:15:06.300 --> 00:15:10.140 they're interacting with an AI system and not a human. 306 00:15:10.140 --> 00:15:12.780 To finish things off, we'll take a short quiz 307 00:15:12.780 --> 00:15:15.630 to see what you learned during this section of the course, 308 00:15:15.630 --> 00:15:19.320 and we will review each of those quiz questions fully 309 00:15:19.320 --> 00:15:22.380 to ensure you can explain why the right answers were right 310 00:15:22.380 --> 00:15:24.210 and the wrong answers were wrong. 311 00:15:24.210 --> 00:15:27.630 So let's get ready to dive into artificial intelligence 312 00:15:27.630 --> 00:15:29.523 in this section of the course.