Transcript for:
Lecture Notes on Cyber Security and AI Integration

Hey Mangeri, it's so nice to have you tonight. While we're waiting for more people to trickle in, I'd like to ask a quick question for you: what is the best career advice you have received so far?

Hi Steven, thank you so much for having me on ProductTank. The best career advice that I have received is: find a good mentor. I cannot stress the importance of having a good mentor who will be championing for you and who will be advising you on how to navigate through all the career paths and the decisions that you'd be taking. That has tremendously helped me, and I would advise anyone to find a good mentor. That'll be super helpful for anyone's career.

How did you find your mentor?

There are very official ways of finding mentors, but the way that I found mine is, I used to research and look up people's work, and I tried to find a few people whose work I really like and who I really want to be like down the lane, like I want to be like them in 10 years or 15 years or so. And that's how I would approach them: "Hey, I'm really interested in your work, I really like what you're doing, and I want to learn more." I found really, really good mentors through that path.

Thank you, that's great advice. Why don't we start?

Hey everyone, I'm Steven Wong, one of the co-organizers for ProductTank Bellevue. On the stage we also have the other organizers, Bhavna and Ivon. Our meetup group provides opportunities for product people, especially those in the greater Seattle area, to exchange ideas and experience about product design, development, management and all aspects of managing product. I'm going to hand over to Bhavna for a quick introduction to our guest speaker today.

Thank you, Steven. Good evening everyone, thank you for choosing to spend time with us today. I'm very excited to introduce our speaker for today's webinar, Mangeri Vatla. I hope I got it right, Mangeri. Mangeri is a seasoned product leader with over a decade of experience at Amazon and Google. She excels in cyber security, infrastructure design and regulatory compliance. Mangeri likes to mentor and empower people from diverse backgrounds to succeed in tech and product management roles. Outside of work, Mangeri loves to enjoy time with her family in Seattle. Additionally, she likes to practice yoga and also explore new places around the world. Please join me in welcoming Mangeri.

Thank you so much, Bhavna. I'm going to... okay. Mangeri, are you ready to start? Yes, one second. I'll give the stage to you. I hope everyone can see my screen.

Hello everyone, thanks for joining today's session. Before we start, I would like to clarify that the content I'll be presenting is solely my own and does not reflect the views or opinions of the companies that I have worked with or work for. Security is my passion, not just a job for me. I love building products, and I'm passionate about building products that make a real difference, especially those that protect people and information.

In today's presentation I'll guide you through the fundamental aspects of cyber security in developing AI products, the challenges and threats these products encounter, and strategies to proactively mitigate them. Additionally, we'll also delve into secure development practices aimed at minimizing threats, along with the frameworks that promote a privacy-focused approach to AI. We'll also look through some use cases and real-world scenarios and walk through how to mitigate those. We'll also look at some of the emerging trends and useful resources to break into product management. We'll have some time for Q&A as well. This is a brief overview of today's agenda.

I would like to mention that cyber security and AI/ML are very in-depth subjects, and there is lots and lots of information that we can dwell into and learn from in these topics, but today I want my audience, at the end of the presentation, to have an understanding of the basics of AI/ML and security, what are the challenges and threats that these AI/ML products face, and frameworks that they can refer to. Usually one of the questions that I get a lot of times is, "I do not have experience in how to navigate or build privacy or security products," or in any case, so I always refer to these frameworks that will help give us the best practices.

Coming to the integration of AI/ML and cyber security: AI/ML and generative AI are revolutionizing the industry in many ways. AI/ML technology can be used for strengthening cyber security, and in turn we also need to protect the AI/ML security services, and there are stringent security measures needed to protect the AI/ML systems as well. I believe that the integration of privacy, security and compliance will safeguard the products, not only AI products but any products, and especially AI products. How this helps is in protecting the algorithms, protecting the models, and the infrastructure that's hosting these models must be protected from access by malicious users, or tampering or exploitation. Privacy is also an important aspect in AI/ML because there is extensive use of data for model training, so privacy practices should be brought into the whole AI/ML product development. I always believe that the threats and attacks from age-old times that are coming in are always there, and we have to always safeguard our systems against the attacks that we already know, and AI/ML systems create new threats and attack vectors, so therefore securing them is very, very crucial.

The intersection of privacy, security and compliance ensures secure handling of personal data and also builds resilience against cyber threats, and adherence to regulatory standards like GDPR or CCPA will additionally help us in protecting the privacy of the systems as well. There are many more privacy-preserving techniques, like differential privacy and federated learning, that are also essential, and we have to consider them to safeguard sensitive information while delivering valuable insights through the AI/ML models.

Thinking through this, we also have to build our foundation strong: the foundations of AI/ML in security and privacy. Understanding the foundations and their implications for cyber security is crucial for building robust and secure systems. I just want to pause here and check if everything is going fine. Yeah, I think everything is going fine. One second. Okay.

So, understanding the foundations, as I mentioned, is very crucial. When I think about the foundations there are various aspects: there is data, there is the model itself, and the usage of the model. What is data? There are lots of different sources of data that are used to train and tune the models, so data security is very, very important. The model security itself, the model which is used for AI/ML usage, is also very crucial, and there are lots of people who use this model for inferencing. So the three stages, or the several stages, of all this protection are very important: securing data, securing the model and securing usage. When it comes to data security, protecting data used for training and inference from unauthorized access, modification or destruction is very, very important. Ensuring AI/ML models are safeguarded against tampering, adversarial attacks and exploitation is very crucial in protecting the model security itself, and it's also protecting the IP. And where are these models hosted? They are hosted on an infrastructure, and securing the computational resources and environments where AI/ML models operate is very crucial. This can be hosted in cloud services or in an on-prem setup; it depends on what the deployment model is.

The basic of any security is access control. You have to implement mechanisms to control who can access these models or data and related resources, often using authentication and authorization protocols. Authentication and authorization can be at different levels: in cloud you can use IAM, in Kubernetes you can use RBAC, and there are many other things for authorization in different scenarios. Another important point here is integrity verification: ensuring the integrity of data and models throughout their life cycle to prevent unauthorized changes or corruption is also very, very important. When I say integrity verification, there are a lot of people these days who are using GenAI models for producing outputs or producing results, but you have to make sure of the integrity of the data and models it's generating. There are instances where malicious users ask, for example, chatbots to generate malware, and the code itself will have malware, and you do not have a way to verify the integrity of the output that the chatbot is producing.

Another important aspect is resilience: AI/ML systems need to be resilient against disruptions, failures or cyber attacks, enabling them to continue functioning effectively. Resilience is also an age-old standard; you have to build resilient systems not only for security but also for availability and disaster recovery and all of that, and that principle will apply here as well. Compliance: regulatory requirements and industry standards related to data protection, privacy and security play a pivotal role in the foundations of security and privacy in AI/ML. There are some examples like GDPR, CCPA or the HIPAA act and so on.

So now we have seen the foundations: how the data can be protected, how the models can be protected, what are the security measures that you can have in place to prevent people from stealing the model itself or incorporating harmful content into the model, and some of the standards that you can use to build secure models and so on.

Let's talk a little bit about the threats and challenges that the products are facing. As much as it's important to build a secure product, there are always malicious actors trying to see how they can disrupt activities or steal data. Some of the common challenges faced: one of the top ones is data poisoning, introducing malicious or misleading data during the training phase itself to compromise the integrity and performance of these models. The malicious actors would introduce poisonous data into the data sets, and the outputs might not be effective. That's the most common threat that they are facing. Unauthorized access or leakage of sensitive data, compromising the confidentiality and privacy of it: data breaches. There are also instances where they're trying to exploit the outputs of a model to infer sensitive information about the training data, potentially also violating privacy. And stealing the model itself, attempting to extract or replicate a trained model by querying it with specific input or reverse engineering its structure, is also one of the threats: model stealing. And bias in the algorithm, embedding biases in AI/ML algorithms that result in unfair or discriminatory outcomes, often reflecting biases present in the training data.

Coming to the operational security risks: security risk from the operational perspective is present everywhere, but in particular for AI/ML systems, insecure APIs or inadequate logging or improper access controls are also some of the reasons for security risks. And often the area that is quite probably ignored is integration with third-party services: giving over-permissive rules to third-party services. The third-party services themselves will have vulnerabilities arising from integrating with AI/ML systems or APIs; that also may be one of the reasons for AI/ML challenges and threats. That's why it's always advisable to do threat analysis when you are doing integration with third-party services, or threat analysis while building or developing your products, and outline proper mitigation techniques or what the plans are for doing that. That is very, very important.

We have learned the foundations, how you secure and what the threats are that are faced. Let's move a little bit ahead and talk about what the secure development practices for AI/ML products are. I always say data security is the most important thing, data security and privacy. For that you have to adopt strong encryption and strict access control, and for privacy you have to do data anonymization or pseudonymization, and of course this all depends on your business use case for the product that you're building and the problems that you're trying to solve with that product. And having a strong, secure product, and model security, as we already discussed: validate models rigorously to detect and mitigate vulnerabilities. You have to implement tamper detection mechanisms and secure APIs, because we might have API consumption for customers through the secure model. Continuous monitoring and updates is one of my favorite topics, because you always have to continuously monitor for anomalies and security incidents. When you are monitoring, there is reactive and proactive security as well: reactive is, if there are any incidents, how do you react to them, and proactive is, how do we mitigate incidents even before the incident happens.

Compliance and standards: I cannot stress enough how important these are. These usually come at the end of the spectrum of developing things, but I advise having these regulatory standards right from the beginning of development practices. You have to adhere to data protection regulations and industry standards. There are best practices suggested by organizations like NIST, and there are hundreds of frameworks, OWASP for application security and so on. These compliance standards and frameworks provide a reference to the best practices that you need to follow when you're developing your applications or products. Often, as I mentioned previously, many people ask, "Hey, I don't know where to start when I'm thinking about security, privacy, compliance or all these things." I always advise looking at the frameworks.

Let's talk a little bit about the frameworks here. The frameworks that I mentioned are mostly privacy frameworks, and you have to pick and choose the frameworks that apply for you and your business. For example, if it's the health care industry you need HIPAA; HIPAA is a compliance framework. It all depends on the business use case, and you have to pick the framework that suits your business when you're developing products. Here you see Privacy by Design, which embeds privacy considerations into the design and architecture of AI/ML systems. One of the most common is the Fair Information Practice Principles, which ensure transparency, limitation, data minimization and accountability in handling personal data. NIST is also a wonderful framework, which is managing privacy risk through structured processes including risk assessment, impact assessment and also control implementation. You're welcome to go look up these frameworks and understand what they are doing. Another important aspect that I want to bring out is AI ethics guidelines: follow ethical AI development practices. This includes transparency, accountability, fairness and respect for privacy when you're building the products. If you don't know which framework to apply, then go for the commonly used framework, which is the Fair Information Practice Principles. That's the minimum baseline framework, and ISO is also a baseline framework that you can start with, and depending upon your business needs you can go further into what regulations and compliance needs you can follow when you're developing your systems.

With that, let's dive a little bit into case studies and data breaches that happened, and what are some of the mitigation techniques that can be applied to prevent this. Activision is a video game company, of Call of Duty games. In December 2023 hackers used AI to create SMS messages for phishing attacks, and it ultimately proved successful as one of the HR staff members succumbed to this bait, and it was a way for them to hack the system. One of the ways that maybe they can avoid this is, of course, strong foundations, and multi-factor authentication and access management come into place. So always have these foundations and frameworks, and then when you're building solutions, map that back to the foundations and the frameworks that will advise or navigate you through the whole life cycle of building the product. And secure browsing practices, avoiding unknown links, and educating your staff on how to avoid these, or generating fake test phishing attacks with the staff members. Those are some of the processes that you can have.

Another incident happened with TaskRabbit, which suffered a data breach where over 3.75 million records of users were compromised, including some of their information. The breach was attributed to an AI-enabled botnet used in a DoS attack, and due to that TaskRabbit had to deal with shutting down temporarily. This incident also highlighted the potential of AI to be used for malicious purposes. When you frame it back to the foundations that I mentioned, resiliency is the one: you have to build resilient systems that will handle the DoS attacks. That is also a good example for that.

Another one is Yum Brands, which faced a ransomware attack. Ransomware is a popular security attack that happens in the industry, and it compromised both corporate and employee data. While the specifics are unknown, or they did not disclose them, it's suspected that AI was leveraged to automate decisions on which data to steal for maximum damage potential. So malicious users are also using AI, like, "Hey, what data can I steal, tell me, for the maximum damage." They are also becoming smart in using these AI tools for breaching. As much as the good guys try to protect the system, there are hundreds of ways these malicious users will try to hack the system or try to find creative ways of creating impact for the system.

And this is one of the rising concerns in the security world, which is deepfake technology. Powered by AI, it has led to the creation of highly realistic and fabricated videos and audios, and malicious actors use deepfakes to spread misinformation, manipulate public opinion or damage the reputation of people. This poses a significant challenge in the digital age. Deepfakes have advanced so much that it became a challenge for many, many companies to combat this. There are watermarking technologies and there are forensic technologies where people can identify and stop these deepfakes, but for a normal person it's very hard to identify the deepfake and misinformation, and it's always advised to verify the authenticity of the information that's provided. This is an area where we need more and more investment on how to combat the deepfakes and misinformation that's being propagated.

That concludes how we go about building products, securing the AI/ML products, some of the development practices, and case studies and what we have learned from the case studies and the vulnerabilities that were identified and how to mitigate them. Always go back to the foundations, build stronger foundations and have the frameworks.

In a survey done by one of the popular companies, they said that the average cost of a data breach is 4.5 million and AI technology is estimated to represent a potential saving of 1.76 million. So where malicious users are using AI to disrupt the technology, there are potentially a lot of good advantages when we leverage AI for cyber security itself. So proactive AI security: the future trend is to shift focus from reactive to proactive AI security measures, utilizing AI for threat hunting and vulnerability prediction, where we can leverage tools to predict vulnerabilities and identify what kind of new threats there are, and we can also ask the proactive AI security to generate playbooks and runbooks on the fly and work on that. The other area is AI ethics and regulations: emphasize ethical AI development and adherence to emerging AI technologies to ensure responsible AI in cyber security. That is also a primary area. Also leverage AI for automating routine security tasks, freeing humans to focus on complex threats and strategic decision making; that is crucial and the direction that this is heading towards. Generative AI can also generate hypothetical cases for threat hunting and how to resolve them. So we have to utilize the technology for the best of purposes.

I have some resources here on how to break into product management, and if you have any questions regarding that, feel free to reach out to me. I'll be happy to help you in any way I can, or with any other questions that you might have in regards to AI/ML, cyber security, generative AI security or privacy. I know this is a very huge and large area and there are lots of things to uncover and learn as we learn more about this, and this is just scratching the surface of learning the basics of what AI/ML and cyber security is. With that, I would open the space if you have any questions.

Thank you, Mangeri, for the insightful presentation. It was mind-blowing to hear about the deepfakes. I've been reading about it too, and I'm glad to know that there are proactive cyber security implementations or models happening in the industry. Moving on to questions: I don't see anyone asking questions in the audience, so we'll move to the questions from our hosts. Steven, do you want to go first?

Hey Mangeri, I'm just curious to better understand the differences between traditional cyber security measures and those needed specifically for AI/ML systems.

Yeah, that's a great question, Steven. Traditional cyber security focuses on protecting structured data and structured infrastructure, while AI/ML requires measures to handle diverse data types, because you're training the model with various different data types, and also defend against adversarial attacks. You also have to secure the models themselves and also ensure transparency, along with complying with specialized regulations, as I mentioned, regulations like GDPR or privacy regulations and so on. So that shifts the focus from traditional cyber security to securing AI/ML systems. That being said, the old attacks or the old threats are always there; it's just new ways of finding how to mitigate the new attack vectors is the way that we are going towards, or approaching towards.

Thank you. Now I'm actually seeing a question from the audience. Oh, that's great. So let's go through the audience question then. Next: what kind of safeguards do you have if an organization wants to outsource a service and the vendor uses AI technology? This is the first question, and the second question is about how we can effectively evaluate vendor awareness on AI risks.

Awesome, yeah, that's a great question. In the growing era of so many companies coming up with AI technologies and services, it's always good to partner with vendors and leverage the resources or technologies they have without building everything from scratch. One of the things when you are outsourcing to an organization, or a service to a vendor, is to try to understand what services the vendor is offering and what services you are trying to outsource. If it's critical or crucial data, categorize your data, classify your data. If it's critical data, how does it map to the services that the vendor is offering? Try to get a clear line of agreements in place of how they're using AI technology, and ask them for the risk assessments that they have in place for the technology that they're using, and map it back to your use case. It all depends on your use case and how the vendor is addressing your use case. So it always starts with your data, your use cases and the data classification, and how the vendor is mapping it to the risk levels that they can take with your data or with your service, when you're evaluating a vendor. And get the threat assessment done for the tools that they're using. Anything will have threats, but how they address the threats and how they handle them is the most important thing.

Would you be able to share an example of a threat, Mangeri, to look for in a third-party assessment?

One example that happened recently: a third party, for example an endpoint detection service, CrowdStrike, has taken the storm of the biggest outage that happened. It's not really a cyber security incident; they're claiming it to be a software bug that was introduced, but one of the things that happened is giving over-permission or access to that third-party tool so that it can do the installations automatically on the system. I'm not talking about this particular scenario, but in general, when you give a third-party tool privileged access, they can do updates or do whatever they want to do on the system. So it's also important to see how they're doing the deployments: are they following the standards, are they following the canary deployment model, doing smaller deployments or tests and so on. One of the easiest things when you're doing vendor assessments also is, are they following any compliance standards or security standards? There are many, many industry standards like ISO, SOC 2 and many other standards. Just see if the vendors have those standards in place. Usually when they follow the standards they will go through an independent third-party audit, and they will have the audit reports, and in those audit reports you can see how their system is functioning: do they have backups, do they have disaster recovery, are they doing patches in time and so on. That will also be a good direction when you're evaluating vendors, not only on AI risks but on any of the integrations that you're going to have in place.

Super helpful, Mangeri, thanks for sharing the detailed answer. Let's go to our next question. Ivon, do you want to go next?

Yeah, kind of adding on to that line of discussion: whether you're using third-party software or something that you're building yourself, what steps can you take in testing your AI solutions to ensure security and integrity of that particular piece of AI or GenAI software?

That's a great question. This is one of the challenges that is being faced in ML model testing, because of its non-deterministic behavior, or lack of transparency, as most of the models don't have it, and then the evolving nature itself. It also comes to scalability issues, because these models utilize a huge amount of compute resources and testing them is also very difficult, and also the absence of standardized benchmarks. There is also potential for bias, and there are lots of challenges that come into place when we try to do the testing. But a few of the ways that we can do it: you can use statistical testing, acceptable thresholds with the data, and use high-quality data. And also adversarial robustness testing: evaluate the model's resilience against various adversarial attacks. They usually simulate attacks like white box, black box, targeted attacks, untargeted attacks, and also use techniques like the fast gradient sign method or projected gradient descent to systematically craft adversarial attacks and also assess the model's response. That is one of the few ways of testing it. Also check for data integrity: thoroughly validate and sanitize the training data to remove any inconsistencies or errors, and also implement robust data governance practices to ensure the ongoing integrity of data throughout the model's life cycle. I would also bring it back to supply chain security as well: when you're deploying your models and testing your models, the integrity and authenticity always need to be checked, with the proper signatures in place and so on.

Thank you, Mangeri, that's great. I think you pretty much covered what I wanted to ask related to the CrowdStrike incident, so I would go with my next question. If someone wants to become a cyber security product manager, apart from having the usual product manager skills, for example storytelling, having experience in writing strategy and executing product, what are the additional skills that you would suggest to have, or how can they build such relevant experience?

That's a great question, Bhavna. For cyber security knowledge itself, I'm actually more of a practical learner, where I would look at what's happening around me and try to learn from that. A few of the things: I would read a lot of blogs and recent incidents that happened, and what I can learn from those incidents and how I can build a better product than what already exists. Keep yourself in that shoe and always build your basics strong. Build some subject matter expertise in security and the areas of security. Security itself is such a wide domain, there are lots of security domains as well, so understand where your interest lies even within security. Also try to build some side projects. For example, there are a lot of APIs and open-source AI projects available right now; build something related to that and start practicing. Even if you do not have the skill sets, you can go and learn with the amount of resources that are available for free. ProductTank is also a great place to start, listening to the guest speakers and learning from them. I also personally believe in microlearning: I learn one or two things from every person I meet, so that also helped me a lot in building the skill sets, not only for cyber security but in general. But the good resources would be blog posts, and learn about products, and when you look at a product, look at what you can improve in that product and how you can make that product better. And also start thinking from the business side of things as well, and how you can better serve the customers from the cyber security perspective. As I told you before, you can use cyber security for, or you can use cyber security against, as well. So you learn all the ways of how to become successful in that particular domain of expertise.

That's great. If you would suggest one blog that you follow, would you be able to share?

Yeah, so I included some of the resources in "breaking into product management." There are a lot of good resources there; the audience can refer back to that and follow for more resources from that. I cannot list one particular one, because I try to learn from...

Yeah, okay, no worries, all good. I think over to you, Steven.

Thank you, Mangeri, and also thank you, Bhavna, for the facilitation. I would really want to thank you again, Mangeri, for sharing your valuable insights into AI privacy and security, and I would like to thank all the audience for joining us today at ProductTank Bellevue. Stay tuned for the upcoming virtual meetups and in-person happy hours in the Seattle area. See you next time. Thank you. Thank you.