In the last thirty days, our world has fundamentally changed. On Monday March 21st, 2022, the President of the United States warned the private sector of an impending Russian cyberattack. One which would be in retaliation to the severe financial sanctions being imposed by the United States on her due to the invasion of Ukraine. During his speech Joe Biden stated “If you have not already done so, I urge our private sector partners to harden your cyber defenses immediately”. The underlying assumption being that an attack is imminent, and would come in the days, weeks or months that lay ahead. In order to ensure that American businesses are able to protect themselves against this threat, the Department of Homeland Security’s Cybersecurity & Infrastructure Security Agency (aka CISA) created the “Shield Up” program, and in doing so, published a set of guidelines and recommendations ( https://www.cisa.gov/shields-up ). One of the most significant points within CISA’s set of recommendation is the following …“PLAN FOR THE WORST: Senior management should ensure that exigent (immediate) measures can be taken to protect your organization’s most critical assets in case of intrusion, including DISCONNECTING HIGH IMPACT PARTS, OR THE NETWORK IF NECESSARY”.
From the practical perspective, what does this really mean, in terms of machine learning models, and other types of AI applications, that your organization has already deployed into production within a cloud environment, as well as additional work efforts that are presently underway? If you are using virtual computing infrastructure, or proprietary AI services, from one of the four major cloud vendors (i.e. - Amazon AWS, Microsoft Azure, Google Cloud Platform, and IBM Cloud), your projects are now considered to be at HIGH RISK. In a cyber war, Russia will seek to destroy or disable vital, widely used, publicly accessible computational infrastructure and related resources, which in this case are the underlying base services that each of the major cloud vendors offer. The tragic irony here is that the cloud vendor’s own proprietary AI product offerings are themselves completely dependent upon these very same base services, and as a consequence, will be unavailable during a targeted, prolonged, cyberattack.
So, what can you do to ensure full continuity of your AI/ML applications in the face of a Russian cyberattack? The simple answer is to set up a secondary environment outside of the cloud, to mitigate these risks. Historically, this would mean setting up a completely redundant (i.e. - mirror image) data center in a remote geographic location. Today, in terms of AI specific applications, the proverbial redundant data center would be replaced by a very powerful, hardened, dedicated AI appliance, such as the nTeligence MLSecure-1, which would be deployed at the very edge of the computer network. The MLSecure-1 was designed to function as a self-contained Data Center in a Box™, which would provide a safe, secure, and reliable, environment on which to build, deploy, and execute machine learning, deep learning, and reinforcement learning models.
The truth is that even before the threat of
a Russian cyberattack, there had already been numerous outages and catastrophic
failures within the major cloud vendor’s data centers. Whether caused by
thunderstorms, mis-configurations, dense servers overheating, hackers, or a
multitude of other problems. Up until now, most companies have continued to ignore
these very ominous warning signs. But now the time has finally come to act and
mitigate these risks in an expedient fashion, to continue to ignore them without
acting would be professionally irresponsible. To take it one step further, Joe
Biden said to the effect that it was “Your patriotic duty to defend these systems”.
If you want to ensure the continuity, and survivability, of your mission
critical AI/ML applications in the face of an impending Russian cyberattack, please give nTeligence a call at (609)-651-0070 or write info@nteligence.com
Marc Schneiderman, Founder and Inventor in Chief, nTeligence Corporation
