Things I’d suggest to an AI lab CISO if we had 5 minutes to talk
1 minute version:
I think there are projects that can prepare the lab for moving to an air gapped network (protecting more than model weights) which would be useful to start early, would have minimal impact on developer productivity, and could be (to some extent) delegated[1]
Extra 4 minutes:
Example categories of such projects:
- Projects that take serial time but can be done without the final stage that actually hurts developer productivity
  - Toy example: Add extra ethernet cables to the building but don’t use them yet
- Reduce uncertainty about the problems that will be caused by a future security measure
  - Toy example: Prepare for a (partially?) air gapped network by monitoring (with consent[2]) which domains employees use and finding alternatives to them, e.g.:
    - Wikipedia --> Download it
    - Social media --> Buy some employees a personal use computer, see if they like it?
    - … each domain becomes a project to prioritize and delegate, hopefully
- Projects that require “product market fit” with the engineers
  - Toy example: The lab wants a secure[3] way to access model weights[4]. They can try an MVP solution (GitHub PRs?), get user feedback (“too much friction!”), and work on the next draft while the users go back to accessing the weights however they want.
  - Note how much more it would hurt productivity if we waited on this project until security became critical and had to force the engineers to use whatever solution we could come up with quickly. This is a common property of many projects I’d suggest.
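The domain-monitoring toy example can be run so that it yields a project backlog without exposing any one person's browsing. The following is an added example, not part of the original post; the log format, the `site_of` and `domain_backlog` names, the salt and the sample lines are all constructed assumptions.

```python
import hashlib
from collections import defaultdict

# Constructed sample of DNS resolver log lines: "<timestamp> <user> <queried name>".
SAMPLE_LOG = """\
2024-05-01T09:00:01Z alice en.wikipedia.org
2024-05-01T09:00:07Z bob en.wikipedia.org
2024-05-01T09:01:15Z carol de.wikipedia.org
2024-05-01T09:02:00Z alice pypi.org
2024-05-01T09:02:30Z bob files.pypi.org
2024-05-01T09:03:00Z carol pypi.org
2024-05-01T09:04:00Z dave pypi.org
2024-05-01T09:05:00Z alice clinic.example
2024-05-01T09:06:00Z alice clinic.example
malformed line
"""

def site_of(name):
    """Collapse a hostname to its last two labels (assumption: a real
    deployment would use the Public Suffix List instead)."""
    labels = name.lower().rstrip(".").split(".")
    return ".".join(labels[-2:])

def domain_backlog(log_text, salt, min_users=2):
    """Return [(site, distinct_users, queries)] sorted by reach.

    User names are replaced by salted hashes before counting, and sites
    seen from fewer than min_users people are dropped, so the report
    cannot single out one employee's browsing."""
    users = defaultdict(set)
    queries = defaultdict(int)
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 3 or "." not in parts[2]:
            continue  # skip malformed records
        _, user, name = parts
        site = site_of(name)
        users[site].add(hashlib.sha256(salt + user.encode()).hexdigest())
        queries[site] += 1
    rows = [(s, len(u), queries[s]) for s, u in users.items() if len(u) >= min_users]
    return sorted(rows, key=lambda r: (-r[1], -r[2], r[0]))

if __name__ == "__main__":
    for site, n_users, n_queries in domain_backlog(SAMPLE_LOG, salt=b"rotate-me"):
        print(f"{site:20} users={n_users} queries={n_queries}")
```

Each row that survives the `min_users` threshold is one candidate project: a dependency that needs an offline mirror or an alternative before the network is cut.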
[1] I’m assuming the CISO’s team has limited focus, but spending this focus on delegating projects is a good deal. I’m also assuming this is a problem they’re happy to solve with money.
[2] I endorse communicating why you want to do this and getting employee agreement, not just randomly following them.
[3] e.g. monitored
[4] I’m aware this example is more focused on model weights, but it felt shorter to write than other product-market-fit examples. E.g. I think “experiment with opening a new office for employees who like to WFH” is more realistic for an air gapped network but was longer for me to explain.