没有合适的资源?快使用搜索试试~ 我知道了~
Gartner发布风险和安全管理领域的生成式人工智能创新指南
需积分: 5 0 下载量 43 浏览量
2023-11-28
18:55:01
上传
评论
收藏 960KB PDF 举报
温馨提示
试读
20页
Gartner发布风险和安全管理领域的生成式人工智能创新指南:三大应用场景及其需要的七大能力 生成式人工智能带来了三类新风险:内容异常、数据保护和人工智能应用安全。使用或构建 GenAI 应用程序的 IT 领导者可以利用这项研究来了解市场动态并评估新兴的 GenAI TRiSM 技术和解决新风险的提供商。 主要发现 在企业应用中集成大型语言模型(LLM )和其他生成人工智能(GenAI)模型会带来三类新风险:内容异常、数据保护和人工智能应用安全。 托管 GenAI 模型的供应商没有提供一套完整的控制措施来减轻这些风险。相反,用户需要获取解决方案来增强托管供应商的有限控制。 IT 领导者必须信任大多数托管 LLM 供应商能够保护其数据,但无法验证其安全和隐私控制。 GenAI TRiSM 解决方案的市场仍然很小,新兴解决方案在很大程度上尚未经过测试。目前它的目标是保护LLM的使用,而不是保护多模式模型的使用。
资源推荐
资源详情
资源评论
Gartner, Inc. | G00799579
Page 1 of 16
Innovation Guide for Generative AI in Trust, Risk
and Security Management
Published 18 September 2023 - ID G00799579 - 16 min read
By Analyst(s): Avivah Litan, Jeremy D'Hoinne, Gabriele Rigon
Generative AI brings new risks in three categories: content
anomalies, data protection and AI application security. IT leaders
using or building GenAI apps can use this research to understand
market dynamics and evaluate emerging GenAI TRiSM technology
and providers that address new risks.
Overview
Key Findings
Integrating large language models (LLMs) and other generative AI (GenAI) models in
enterprise applications bring new risks in three categories: content anomalies, data
protection and AI application security.
■
Vendors hosting GenAI models do not provide a complete set of controls that
mitigate these risks. Instead, users need to acquire solutions that do so to augment
hosting vendors’ limited controls.
■
IT leaders must trust most hosting LLM vendors with protection of their data,
without the ability to verify their security and privacy controls.
■
The market for GenAI TRiSM solutions is still small, and emerging solutions remain
largely untested. It is currently targeted toward LLM usage protection as opposed to
protecting usage of multimodal models.
■
This research note is restricted to the personal use of [email protected].
Gartner, Inc. | G00799579
Page 2 of 16
Recommendations
The GenAI TRiSM market is still a very early market subset of the overall AI TRiSM Market
(see Market Guide for AI Trust, Risk and Security Management). We define this market and
its functions and note some of the vendors who support it in this inaugural Innovation
Guide.
Beta Research
The following research is part of a new initiative Gartner is piloting to provide updates at
a greater frequency. It is a work in progress that does not represent our final position.
While we continue to monitor this topic, we invite you to provide constructive feedback.
All relevant updates and feedback will be incorporated into the final research, which will
undergo our standard review process.
You can navigate this document using the hyperlinks below.
Set up proofs of concept to test emerging GenAI TRiSM products in the categories to
augment your legacy security controls, and apply them to production applications
once they perform as required.
■
Use content anomaly detection products that mitigate input and output risks to
enforce acceptable use policy and prevent unwanted or otherwise illegitimate model
completions and responses from compromising your organization’s decision
making, safety and security.
■
Evaluate the use of AI application security products to protect your organization
from hackers who exploit new GenAI threat vectors to damage your organization and
its assets.
■
Continue to use known legacy security controls to protect sensitive information,
application stacks and assets, but recognize they don’t mitigate risks unique to
LLMs, such as inaccurate, inflammatory or copyrighted outputs in responses.
■
Market Definition
■
Market Map Visual
■
Market Dynamics
■
Market Evolution
■
This research note is restricted to the personal use of [email protected].
Gartner, Inc. | G00799579
Page 3 of 16
Market Definition
Back to top
The GenAI TRiSM market comprises multiple software and services segments that
support security, data protection and risk mitigation for adopters of GenAI applications
and model interactions. GenAI TRiSM tools include solutions for:
These tools complement associated measures implemented by builders or owners of
GenAI models, applications and agents, and as such, represent “shared responsibilities.”
The GenAI TRiSM market is a subset of a larger AI TRiSM market that also includes
multiple software segments that can only be implemented by the builders or owners of AI
models, applications or agents. These builders or owners create, maintain and govern
these entities. In the case of on-premises AI models, the owners of these AI models are the
same entities that use or interact with those same AI models.
Market Map Visual
Back to top
Business Benefits (Use Cases)
■
Piloting and Evaluating Vendors
■
Managing Risks
■
Representative Vendors
■
Content anomaly detection
■
Data protection
■
AI application security
■
This research note is restricted to the personal use of [email protected].
Gartner, Inc. | G00799579
Page 4 of 16
Figure 1: Generative AI on Trust, Risk and Security (TRiSM) Overview
We updated our AI TRiSM architecture in 2023 to reflect the different TRiSM
responsibilities of builders or owners of AI models, applications and agents and all other
parties who integrate and use them. Figure 2 identifies the technology components that
these two parties use to manage these aspects for AI models, applications and agents.
This research note is restricted to the personal use of [email protected].
剩余19页未读,继续阅读
资源评论
lurenjia404
- 粉丝: 1889
- 资源: 119
上传资源 快速赚钱
- 我的内容管理 展开
- 我的资源 快来上传第一个资源
- 我的收益 登录查看自己的收益
- 我的积分 登录查看自己的积分
- 我的C币 登录后查看C币余额
- 我的收藏
- 我的下载
- 下载帮助
安全验证
文档复制为VIP权益,开通VIP直接复制
信息提交成功