The Network Effect at CogX2019, AI Festival - Part 2

This is part two of our blog following the CogX 2019 Festival of AI and Evolving Technology and a reflective look at the network effect and our own Cyber Defence Capability Assessment Tool (CDCAT®), or in this context your Cyber Digital Capability Assessment Twin.

At CogX two presentations showed the AI powered network effect view with alacrity.  The first by Salim Ismall, Transformation in the Age of Machines [5], is mind blowing.  The network effect most apparent in the cost of solar modules, within 12 years solar can or will power the entire worlds energy.  Think about the impacts of that for a moment – in Samil’s words ‘Chaos / Amazement’ is coming, see figure 1 on the plummeting cost of solar modules.  Salim’s suggested advice is not to invest in oil!  The other presentation from Gigi Levy-Weiss of NfX on ‘Network Effects in Computational Biology’, see figure 2, on the cost now of sequencing a genome at $300USD or less driven by our AI advanced understanding and moving past the Moore’s law of processing to crack complexity.  This presentation would however also suggest we will still need oil as a feed stock for a new age of biologically generated materials (my view not stated by Gigi by the way).

Figure 1 Salim Ismall, acknowledgement openex and COGX2019, , photo taken by the author at the CogX2019 festival.

Figure 2 Gigi Levy-Weiss of NfX on ‘Network Effects in Computational Biology’, acknowledgement Nfx and CogX2019, photo taken by the author at the CogX2019 festival

And to the future of digital systems and cyber security.  Some of you may have heard of the Wisdom, Knowledge, Information and Data (WKID) hierarchy – it is commonly stated that you cannot automate for wisdom.  However, when it comes to what is possible with AI and the advanced knowledge management and decision making it enables, we can surely today come very close.  In networking theory our cyber security has been dominated in the information and data levels in considering Confidentiality, Integrity and Availability (CIA), with much of the focus on Confidentiality and Availability. But those new levels of knowledge and wisdom in AI systems are utterly dependent on the integrity of the data and information.  Listen to the current storm in the media about data bias in AI systems today as an example of integrity issues – but in cyber this data integrity for AI algorithms is a novel view of what cyber security integrity may mean compared to the traditional IP protocol networking CIA perspectives.

In the ISO 7-layer model [7], applications and systems, exist at layer 6 and 7, in the eco-system of cloud microservices being orchestrated in a new level of connectivity across the cloud infrastructure is a new layer of network effect. A new systems complexity, both to provide benefit and be exploited for good or ill.  Look at the volume of API’s available for ready use across the internet in the 10’s if not 100’s of thousands, powered by automated enabling Application Programming Interface (API) software like Swagger, and you will see an explosion of potential for network effect benefit.  These API are enabling new services orchestrated in minutes if not less.  Today’s tools in cyber security are but sticking plasters to this evolving digital business eco system.  Tomorrow’s need to be engrained from the bottom up within these interface API, secure by design, with AI enabled systems management that can discern the good user from the bad, at scale, pace and with quantified cyber risk determined.  

In part one of this blog the question was put as to whether we are winning or losing the cyber security battle, but this is perhaps the wrong question, instead can we manage the risk?  Well with AI we stand a chance.

At APMG we state that CDCAT® is an outcome-based approach giving an improved view of operational resilience. Its exploitation of collected data is based on systems control theory of outcomes – its science addresses the complexity of security delivery.  The cascade of security systems delivery capability dependencies needed in managing complex systems dictate the collective ‘systems’ output performance – the network effect.  CDCAT® can support most cyber security assessment giving a unique perspective on the traditional security standards and guidance used in compliance.  In our view and based on detailed conversations we have had with tool vendors, end users and the insurance sector, CDCAT® remains very different from any other approach on the market. 

Even if used as a comparator to other approaches though capable of much more, this makes its results significant in any comprehensive cyber risk management approach. And doing so whilst meeting the business need for decision making at pace – assessments in 1 to 3 days.

Your delivery systems for security matter as much as the security function, so you need to know what they are likely to enable, or not, in outcomes – to know your network effect.  Without this, as described in part one of this blog by Robert Hancock, Chief Research Scientist, BT we will all likely lose the cyber security management battle.

Read it here