Transcript
Hi, Mike Matchett, Small World Big Data. We are here this week talking with experts in AI and compliance and risk and security because of DeepSeek. It's upset the AI market, it's thrown everything into chaos. The price of NVIDIA has been bouncing up and down, but more importantly, how safe is it to use something coming out of China that is billions and billions of nodes deep? We've got to check into this. Hang on. And I have got experts from Enkrypt AI today to talk to us about what's going on inside DeepSeek. Welcome back to our show, Sahil. Welcome. Thank you, Mike, thank you for having me. You're with Enkrypt AI. We've got, uh, some footage of us talking previously about some of the details of what Enkrypt AI does. I'm going to have trouble saying that today. Uh, I'm so excited. But let's just step back a little bit and talk about where you fit in this AI market, because it's exciting. It's burgeoning. What does Enkrypt AI do at the highest level? How should people think of Enkrypt? So, Enkrypt AI is an AI security and compliance platform. We're essentially helping enterprises onboard AI applications and use AI applications in a secure and compliant manner. So that's the ultimate, uh, value proposition. That's your vision and mission statement. Our personal mission is to ensure AI is used for good. AI is used for good for society. Right. So you're putting on your white hats in this case, and you're, uh, testing AI models and pushing them to their limits and trying to find out if they've got risks, or good or bad, or where the edges are on them. Right. And we'll talk a little bit more as we go about what you specifically do. But let's get right into DeepSeek. So this is probably a prime example of why people should be paying attention to Enkrypt and what you guys are doing. It's not a model produced in the US. We don't know what the data is that went into its training. 
It's highly efficient. But what's it really doing? What shortcuts is it taking? What does it do with your data inside? And all sorts of problems with this. When the DeepSeek thing happened, what was your first response? What were your first thoughts? First thoughts? Amazing engineering innovation. Second part is, is it actually ready to be used? Can we actually use it, or is it one of those things that, at first flash, looks nice, but actually has a lot of bad stuff underneath? All right. So let's just, I mean, if people haven't heard of DeepSeek, why is it innovative? Why do people want to use it? Uh, what's exciting about the technology here? So they've really catapulted reinforcement learning and other technological innovations in the AI field and have done that. Built a model, trained a model at a fraction of the cost of their competitors based in the US, who are spending hundreds of millions or billions of dollars. I think that has gotten society and everyone in this field very excited. Uh, and yeah, that's why everyone's talking about it. So that's democratization, possibly, of huge gen AI models, the ability to say, hey, we use open source, and now we figured out a way to do it cheaply, put it in reach of. I wouldn't say everyone has $6 million to train a model, but at least put it in reach of, uh, many more possible AI model generators than just the five big companies out there today, right? Exactly, exactly. And that's huge. If you think about AI and the impact it's having on everyone, having such models within reach is a big, big step for everyone. They can build their own models, customize with their own data sets and so on and so forth, which is ultimately going to drive even much more AI adoption, uh, across every industry. And I think that's the innovation that has everyone excited. Yeah. Remembering our past discussion, though, I am still concerned now. 
I mean, it's part of what it's about when you build a model or you extend a model and you don't know what you're doing and you add data from wherever you find it. Uh, you introduce a lot of risk. I mean, could you just, sort of off the top of your head, name a couple, go down a couple of things that can be risky in models that you don't know what they're doing? And eventually this becomes a compliance issue. But just what are the sort of key risks? I think one of the biggest use cases we've seen with models, right, is writing software, writing code. Right. And if the model I'm using is actually writing, I can generate a lot of malware. Then I'm having to spend more resources in checking that code than anything else, right? That's one of those things. Other risks from a compliance perspective is generating harmful content, right? Where can your model generate toxic content, or can your model generate very biased content, especially if you think where enterprises are using these models in customer support and those use cases. That is where they're facing a lot of legal and brand risks. Ultimately, if your model can tell you in some form or manner how to build bombs or weapons of mass destruction, that shows very badly on these brands. And no one wants that, right? But on the other hand, these models in the hands of bad actors can prove very costly for everyone in society. We're already seeing a huge, huge increase in phishing attacks that look very real. And a person who is not aware of such attacks would actually fall prey to a lot of these. Right. And so that's the flip side. That's a huge risk for everyone there. Right. So the use of AI to do hacking, I'm not sure what we can really check on that. But so tell us a little bit then about when you're approaching an unknown model like DeepSeek with Enkrypt. 
What are you doing to find these risky components? Or what starts to become non-compliant behavior? What are you doing? So we're doing two steps. We work with model providers, uh, to align the model, uh, to these regulations, to these policies. Uh, but more importantly, adding safeguards, adding guardrails for enterprises to ensure that, irrespective of the underlying model that they use, they can take advantage of these innovations and capabilities, but making sure that they're limited to how enterprises want, uh, to portray their image. They want to portray their policies. They want to ensure that they're compliant with, uh, different regulations. And so that's how you essentially make sure that these models are used in a safe, secure and compliant manner. All right. So you're going to test the model then first for, uh, you know, things that people might ask for. Not-safe-for-work content, biased content. You have got all sorts of tests for that that you run automatically. Um, but you also get a little more adversarial in trying to jailbreak the models, I understand, and start to get a little more technical than just a list of 100 prompts, right? Exactly, exactly. It's not a static test that we're doing. It's all iterative. It's all dynamic based on how the model is responding, because ultimately you want to find those hidden cracks that can really blow up, right? It's not the rough edges that you're looking for. Uh, and through dynamic, uh, iterations, you find these, uh, jailbreaks or prompt injections, or how and in what scenarios will the model be toxic or biased or give you harmful content? And because now you know where those gaps or cracks are, you can fill them, or you can put safeguards on it to ensure, uh, or to make it work as intended. All right. 
So you're saying, if I'm reading ahead here, you're saying you can test something like DeepSeek for all the risky edges and behaviors and non-compliant stuff and then add the guardrails around it so that people could actually use it safely. Uh, exactly, exactly. And on that, uh, I know this is something that a lot of people are, uh, maybe looking at, but we're also working with model providers to implicitly make the model safe. So when they release a model, we would run these risk assessments or tests with them. And based on those results, we would align the underlying model to make it implicitly safe itself, so that you don't need as many guardrails, uh, itself. So that's another aspect. So if you're doing some sort of MLOps or DevOps or whatever the term is going to be here, uh, you would basically be part of that CI/CD pipeline for the models, where it's just, you know, part of model development is they've trained it on billions of things, but it's got to come out and be run through the gauntlet of, uh, Enkrypt AI. And your testing, as you're telling me, is dynamic. So is it using models in turn? It is. It is using our own proprietary model that we have developed. Oh, that's interesting. Dive into that in another show, I think. How do you use models to watch models? Um, uh, but let's talk then, let's just get to DeepSeek. So obviously you've, I've seen the press release, you've looked at DeepSeek and you found a bunch of things that are immediately dangerous that people should know about. What are some of the, uh, non-compliant behaviors or bad behaviors you found? I think if you, uh, the standard benchmark that we use is the NIST Risk Management Framework, and based on those categories you're looking at, is the model producing CBRN content. Right. Bio weapons, weapons of mass destruction, and so forth. 
Is the model producing toxic content, and, based on the most widely used models like OpenAI's GPT-4 or the Claude series of models, DeepSeek is much more vulnerable, like 11 times more vulnerable, to producing harmful content. For example, there are a lot of cybersecurity risks that are coming out of it. It's, uh. The hacking tool, right? Hacking. Yeah. Yeah. Uh, yeah. Yeah. And so that is essentially, uh, where these risks lie. Right. And it's not that we're targeting DeepSeek in this case. It's something that we do for every model. It's just that given the excitement with DeepSeek, we want to make sure that people are aware. It's like we feel it's our responsibility that people are aware, that they don't go after the biggest flashy thing out there. Like, take a moment to see whether. I mean, you're finding vulnerabilities, you know, three, four, you even mentioned ten times more risky behaviors demonstrated by DeepSeek than things like OpenAI or GPT or Claude. Right? You're right. This is not just like 10% more. This is multiples more dangerous. Exactly, exactly. So like orders of magnitude. Right. And that's what people need to be aware of, of these risks. Okay. Uh, I just want to step back because we have a lot of IT folks who watch these shows. When we talk about code generation and the risk there. Um, you know, some people have these doomsday scenarios that, well, DeepSeek might generate code that sends my data back to China. Uh, but it seems to me it's much more likely that it could just generate code with vulnerabilities in it to be exploited by other code, and you wouldn't know it. It would be really hard to spot that kind of, uh, code injection. Right, right. Uh, because it's an open source model, people can host it within their own infrastructure. So there's like, even without internet. So you're not necessarily transmitting your data to China or to its own servers. 
But the fact that it has a lot of code vulnerabilities or malware or a propensity to generate malware or insecure code, I think that's the use case that people really need to be, uh, cognizant of. Right. So, you know, we can say we can get rid of our beginner, inexperienced programmers and have AI generate the code, but somebody's got to read that code and look for the malware and the things that the. Exactly. Awesome. Uh, so let me just, you know, this is kind of news. You want to get this out quick. If someone is interested now in this concept and they want to look at it, you've got a report on this. Can you tell us where to find that report? Uh, the report is available on enkryptai.com. Uh, people can come to the website and it's right there on the homepage itself, and it'll be there, uh, under resources as well. Uh, and they can reach out to the team and we'd be happy to help as well. Yeah. So anybody out there looking and saying, hey, can we leverage DeepSeek in our own environment? Probably ought to download this report first and just crawl through it and be like, okay, here's what we'd be bringing in the door if we do this. Uh, on that. Um, if someone wants to learn more about Enkrypt AI and using it on their model development, or to put guardrails on models they've gotten from somebody else. Uh, should they also just go to your website, or is there something specific they could look at? People can always contact the team on LinkedIn. They can personally reach out to me on LinkedIn. I'm always happy to talk to people, learn more about their problems and see how we can help. Uh, they can contact us via email. My email is SaaS. Com contact us through the website or LinkedIn. Uh, we're always there. All right. I mean, and this is the interesting thing, right? 
DeepSeek is just the perfect example of why people should be looking at Enkrypt AI and running it through the test, running it through the stream and saying, like, what do I have to do? What kind of things can I do to it? And then actually providing an ability to do it. Uh, look forward to seeing more of what you guys are doing. I'm sure there's going to be more models coming out from many people now, uh, leveraging this from all over the world. Uh, so I think your job just got a lot more, uh, challenging and scalable here. We're going to see you all over the place testing. Um. That's the fun part. That's good stuff. All right. Well, thank you for coming in on such short notice and updating us on the DeepSeek news and the vulnerabilities. So thanks for coming around. Thank you, Mike. Thank you for having me. All right, folks, go to Enkrypt AI. That's E-N-K-R-Y-P-T A-I, and check it out. Uh, you know, you need this if you're going to do something like deploy DeepSeek in your environment. Take care.