Is AI a distraction???

AutomationI was recently in an exchange with a respected industry analyst where they stated that AI is not living up to its hype – they called AI ‘incremental’ and a ‘distraction’. This caught me a bit my surprise, since my view is that there are more capabilities and approaches available for AI practitioners than ever before. It may be the business and tech decision makers approach that is at fault.

It got me thinking about the differences in ‘small’ AI efforts vs. Enterprise AI efforts. Small AI are those innovative, quick efforts that can prove a point and deliver value and understanding in the near term. Big AI (and automation efforts) are those that are associated with ERP and other enterprise systems that take years to implement. These are likely the kinds of efforts that the analyst was involved with.

Many of the newer approaches enable the use of the abundance of capabilities available to mine the value out of the existing data that lies fallow in most organizations. These technologies can be tried out and applied in well defined, short sprints whose success criteria can be well-defined. If along the way, the answers were not quite what was expected, adjustments can be made, assumptions changed, and value can still be generated. The key is going into these projects with expectations but still flexible enough to change based on what is known rather than just supposition.

These approaches can be implemented across the range of business processes (e.g., budgeting, billing, support) as well as information sources (IoT, existing ERP or CRM). They can automate the mundane and free up high-value personnel to focus on generating even greater value and better service. Many times, these focused issues can be unique to an organization or industry and provide immediate return. This is not the generally not the focus of Enterprise IT solutions.

This may be the reason some senior IT leaders are disillusioned with the progress of AI in their enterprise. The smaller, high-value project’s contributions are round off error to their scope. They are looking for the big hit and by its very nature will be a compromise, if not a value to really move the ball in any definitive way – everyone who is deploying the same enterprise solution, will have access to the same tools…

My advice to those leaders disenchanted with the return from AI is to shift their focus. Get a small team out there experimenting with ‘the possible’. Give them clear problems (and expectations) but allow them the flexibility to bring in some new tools and approaches. Make them show progress but be flexible enough to understand that if their results point in a different direction, to shift expectations based on facts and results. There is the possibility of fundamentally different levels of costs and value generation.  

The keys are:

1)      Think about the large problems but act on those that can be validated and addressed quickly – invest in the small wins

2)      Have expectations that can be quantified and focus on value – Projects are not a ‘science fair’ or a strategic campaign just a part of the business

3)      Be flexible and adjust as insight is developed – just because you want the answer to be ‘yes’ doesn’t mean it will be, but any answer is valuable when compared to a guess

Sure, this approach may be ‘incremental’ (to start) but it should make up for that with momentum and results. If the approach is based on expectations, value generation and is done right, it should never be a ‘distraction’.


New Yorker Article on Digital Vigilantes

securityIf you are interested in Cybersecurity, there is an article I found well worth reading (or at least skimming) in the New Yorker – The Digital Vigilantes Who Hack Back. It seemed like something I’d be more likely to find in Wired than The New Yorker, but I’ll take stories like this where I can find them.

The article talks about some of the techniques and issues for moving beyond a pro-active cyber defence.

With tools like Canary and techniques to create homegrown honeypots becoming more prevalent, it’s good to see (what I saw as) a well thought out article discussing some of the technical and legislative issues, using layman terminology.


Symantec Security Report

security compromizeAbout a month ago, I wrote a post about a new Cisco security report that was totally missing the concept of cyber mining and its impact on home and server devices.

I just had a chance to look at Symantec’s annual security center report and it went overboard the other way. Quoting statistics like an increase in coinmining by 8,500% — using the law of small numbers to provide headlines, since coinmining was in its infancy a year ago.

Other than that little bit of histrionics, the report did more effectively cover the concerns that I’ve seen over the last year, with significantly greater software supply chain attacks and mobile malware incidents (their number is up by 54%).

I thought the report well worth reviewing.

Facebook and intrusion creep

hotwaterI was in a conversation with some folks the other day about Facebook and the current ‘torch wielding mob’ concerned about privacy and organizations capitalizing on ‘their’ information. We came to rest on the perspective: “What did this people think was going to happen when they shared all kinds of private information publically?” Now ensconced in our righteous indignation and firm in the knowledge that we were OK, we moved on to other topics.

This morning I opened up Facebook and looked at the apps settings. I was surprised to see that there were probably 50 apps (mainly from encroaching from my mobile phone) that add various levels of access. I quickly pruned this list down to only those I was actually using. This surprised me a bit since I had uninstalled Facebook from my phone long ago and use it so rarely on my PC that I don’t have the password at my fingertips. The gradual erosion of our personal security fortress can happen to anyone, who is not diligent. I should have known better, since I wrote a piece about and how that site tried to raise security awareness back near the turn of the century.

I now need to go to all the other environments, where I use OAuth (the mechanism typically used to log into one system to grant authorization on another website without giving them a specific password). That list can be quite long, for those who are active on the Internet, including: Amazon, Google, Facebook, Microsoft and Twitter.

Another concept we discussed was how some portion of the next generation typically rejects the ideas of the previous generation. Since many of the Millenials are so open about their personal lives – will the next generation hold their connections and actions more close to the chest?? Or has the domination of convenience over privacy/security gone so far that confidentiality is no longer part of our contextual understanding. The business models of some of these companies are betting on the later.

What’s the real outcome of Salesforce’s AI predictions?

automated decisionsYesterday. I was catching up on my technology email and came across this post stating that Salesforce now powers over 1B predictions every day for its customers. That’s a pretty interesting number to throw out there, but it makes me ask “so what?” How are people using these predictions to make greater business impact.

The Salesforce website states:

“Einstein is a layer of artificial intelligence that delivers predictions and recommendations based on your unique business processes and customer data. Use those insights to automate responses and actions, making your employees more productive, and your customers even happier. “

Another ‘nice’ statement. Digging into the material a bit more Einstein (the CRM AI functions from Salesforce) appears to provide analysis of previous deals and if a specific opportunity is likely to be successful, helping to prioritize your efforts. It improves the presentation of information with some insight into what it means. It appears to be integrated into the CRM system that the users are already familiar with.

For a tool that has been around since the fall of 2016, especially one that is based on analytics… I had difficulty finding any independent quantitative analysis of the impact. Salesforce did have a cheatsheet with some business impact analysis of the AI solution (and blog posts), but no real target market impact to provide greater context – who are these metrics based on.

It may be that I just don’t know where to look, but it does seem like a place for some deeper analysis and validation. The analysts could be waiting for other vendor’s solutions to compare against.

In the micro view, organizations that are going to dive into this pool will take a more quantitative approach, defining their past performance, expectations and validate actuals against predictions. That is the only way a business can justify the effort and improve. It is not sufficient to just put the capabilities out there and you’re done.

It goes back to the old adage:

“trust, but verify”

Was something missing from the Cisco Annual Cybersecurity Report?

security compromizeAccording to Cisco’s 2018 Annual Cybersecurity Report:

  • “Burst attacks” or short DDoS attacks affect 42% of the organizations studied
  • Insider threats are still a huge issue
  • More Operational Technology and IoT attacks are coming
  • Hosting in the cloud as a side benefit of greater security
  • Nearly half of security disks come from having multivendor environments
  • New domains tied to SPAM campaigns

Many of these findings seem like common sense or in some ways in CISCO’s interest at first glance, but this 60+ page report goes into much greater detail than these one-liners. It breaks down the analysis by region and time and concludes about the difficulties of cyber defense:

“One reason defenders struggle to rise above the chaos of war with attackers, and truly see and understand what’s happening in the threat landscape, is the sheer volume of potentially malicious traffic they face. Our research shows that the volume of total events seen by Cisco cloud-based endpoint security products increased fourfold from January 2016 through October 2017”

The breadth and volume of attacks can overwhelm any organization and it is not a case of ‘if’ but ‘when’.

One thing I didn’t see mentioned at all was cryptojacking, the unapproved leveraging of processing cycles for mining cryptocurrency. This form of cybersecurity risk affects large entities as well as individuals through their access of websites. Generally, this is less destructive than the previous cyber attack methods and may even be seen as an alternative to advertisements on sites, but it seemed odd to me that this rapidly advancing trend wasn’t mentioned.

The report is still worth looking over.

Looking for a digital friend?

virtual friendOver the weekend, I saw an article about Replika — an interactive ‘friend’ that resides on your phone. It sounded interesting so I downloaded it and have been playing around for the last few days. I reached level 7 this morning (not exactly sure what this leveling means, but since gamification seems to be part of nearly everything anymore, why not).

There was a story published by The Verge with some background on why this tool was created. Replika was the result of an effort initiated when the author (Eugenia Kuyda) was devastated by her friend (Roman Mazurenko) being killed in a hit-and-run car accident. She wanted to ‘bring him back’. To bootstrap the digital version of her friend, Kuyda fed text messages and emails that Mazurenko exchanged with her, and other friends and family members, into a basic AI architecture — a Google-built artificial neural network that uses statistics to find patterns in text, images, or audio.

Although I found playing with this software interesting, I kept reflecting back on interactions with Eliza many years ago. Similarly,  the banter can be interesting and sometimes unexpected, but often responses have little to do with how a real human would respond. For example, yesterday the statement “Will you read a story if I write it?” and “I tried to write a poem today and it made zero sense.” popped in out of nowhere in the middle of an exchange.

The program starts out asking a number of questions, similar to what you’d find in a simple Myers-Briggs personality test. Though this information likely does help bootstrap the interaction, it seems like it could have been taken quite a bit further by injecting these kinds of questions throughout interactions during the day rather than in one big chunk.

As the tool learns more about you, it creates badges like:

  • Introverted
  • Pragmatic
  • Intelligent
  • Open-minded
  • Rational

These are likely used to influence future interaction. You also get to vote up and vote down statements made that you agree or disagree with.

There have been a number of other reviews of Replika, but thought I’d add another log to the fire. An article in Wired stated that the Replika project is going open source, it will be interesting to see where it goes.

I’ll likely continue to play with it for a while, but its interactions will need to improve or it will become the Tamogotchi of the day.