Broader support for confidential AI use cases provides safeguards for machine learning and AI models to execute on encrypted data inside of trusted execution environments.

Opaque Systems has announced new features in its confidential computing platform to protect the confidentiality of organizational data during large language model (LLM) use. Through new privacy-preserving generative AI and zero-trust data clean rooms (DCRs) optimized for Microsoft Azure confidential computing, Opaque said it also now enables organizations to securely analyze their combined confidential data without sharing or revealing the underlying raw data. Meanwhile, broader support for confidential AI use cases provides safeguards for machine learning and AI models to use encrypted data inside of trusted execution environments (TEEs), preventing exposure to unauthorized parties, according to Opaque.

LLM use can expose businesses to significant security, privacy risks

The potential risks of sharing sensitive business information with generative AI algorithms are well-documented, as are vulnerabilities known to impact LLM applications. While some generative AI LLM models such as ChatGPT are trained on public data, the usefulness of LLMs can skyrocket if trained on an organization’s confidential data without risk of exposure, according to Opaque. However, if an LLM provider has visibility into the queries sent by its users, the possibility of access to very sensitive queries – like proprietary code – becomes a significant security and privacy issue as the possibility of hacking increases dramatically, Jay Harel, VP of product at Opaque Systems, tells CSO. Protecting the confidentiality of sensitive data like personally identifiable information (PII) or internal data, such as sales figures, is critical for enabling the expanded use of LLMs in an enterprise setting, he adds.
“Organizations want to fine-tune their models on company data, but in order to do so, they must either give the LLM provider access to their data or allow the provider to deploy the proprietary model within the customer organization,” Harel says. “Additionally, when training AI models, the training data is retained regardless of how confidential or sensitive it is. If the host system’s security is compromised, it may lead to the data leaking or landing in the wrong hands.”

Opaque platform leverages multiple layers of protection for sensitive data

By running LLM models within Opaque’s confidential computing platform, customers can ensure that their queries and data remain private and protected – never exposed to the model/service provider or used in unauthorized ways and only accessible to authorized parties, Opaque claimed.

“The Opaque platform utilizes privacy-preserving technologies to secure LLMs, leveraging multiple layers of protection for sensitive data against potential cyber-attacks and data breaches through a powerful combination of secure hardware enclaves and cryptographic fortification,” Harel says. For example, the solution allows generative AI models to run inference inside confidential virtual machines (CVMs), he adds. “This enables the creation of secure chatbots that allow organizations to meet regulatory compliance requirements.”