Skip main navigation

What’s next?

New technologies are constantly being adopted by organisations, significantly raising the complexity of securing products, services, and systems.
Group of people working around whiteboard

A wide range of new technologies is being adopted by organisations, significantly raising the complexity of securing products, services, and systems, and widening the attack surface for malicious actors to exploit (WEF, 2023). Therefore it is imperative to design and develop products and services with security firmly built into them.

As technologies continue to evolve at pace, Security by Design can be drawn on as an iterative initiative which lays clear and tested foundations for safer online systems, products, and experiences as the world hurtles toward the new digital frontiers, immersive technology, and a Web 3.0 world designed to circumvent gatekeepers.

The overarching Security by Design principles and practices examined in this course are applicable to products, platforms and services across the digital ecosystem. They provide the foundation for technology companies and developers to ensure that security remains at the forefront of design and development for new and emerging products and services and that online threats are minimised through proactively anticipating, detecting and eliminating online harms and building in security from the outset.

As the online environment continues to evolve quickly and dramatically in ways that are not always predictable, so to do security needs. So what does the future hold for Security by Design? Let’s take a look at just one example of the security challenges associated with new technology.

Security and machine learning

Machine learning is a type of artificial intelligence (AI) that allows software applications to predict outcomes accurately without being explicitly programmed to do so. The basic premise of machine learning is to build algorithms that can receive input data and use statistical analysis to predict an output value within an acceptable range (ACSC).

While machine learning brings significant software application advances and enhanced capabilities, the flipside of this is that hackers are already using AI, machine learning, and other technologies to launch increasingly sophisticated cyber attacks (Boehm et al., 2022).

The NCSC web article (see below) describes the security challenges for machine learning application developers. Here, ethics and openness expected from the developers about the machine learning algorithms may increase system vulnerability. Thus a more holistic security approach to design is required. As the NCSC article explains, “transfer attacks can be developed on a surrogate model with the same parent model as the victim, and ‘transfer’ across, with any model similarities helping the ‘transferability’ of the attack” (NCSC, 2022).

Considering the novelty of the machine learning applications compared to conventional web applications and services, the security principles need to spread across the entire machine learning application lifecycle – i.e. development of prerequisites, requirements and development, deployment, in operation (continual/online learning), and end of life. Also impacting on AI development requirements are the complexities of potential new regulatory frameworks that will require technology companies to make their developments more secure to users.

Want to know more?

Read

Read this short article that looks at some of the security risks associated with AI applications:

Moore, S 2021, How to Make AI Trustworthy, Gartner, 12 June 2021.

© RMIT 2023
This article is from the free online

Security by Design

Created by
FutureLearn - Learning For Life

Reach your personal and professional goals

Unlock access to hundreds of expert online courses and degrees from top universities and educators to gain accredited qualifications and professional CV-building certificates.

Join over 18 million learners to launch, switch or build upon your career, all at your own pace, across a wide range of topic areas.

Start Learning now