Welcome back to our weekly feature: The Future in 5 Questions. We’re starting the 2023 season with a digital safety expert and C-suite executive who sits at the intersection of cybersecurity and artificial intelligence. Meet Dr. Zulfikar Ramzan — chief scientist at Aura Labs, which sells an all-in-one digital threat platform for individual consumers that bundles cybersecurity offerings for hacking and privacy invasions. Dr. Ramzan holds more than 60 granted patents and a PhD in electrical engineering and computer science from MIT. He was also previously the CTO for the storied American network security firm RSA. Read on to hear his thoughts on what AI is coming for first, “good enough” federal policy and developing digital street smarts. Responses have been edited for length and clarity. What’s one underrated big idea? For a long time, we thought AI was gonna come after the working class first — that we would have robots cleaning our houses. Like, all our manual labor would be done by AI. But actually, what's happened in many ways is the opposite. AI is coming for the creative class first, in a surprising way. ChatGPT is a great example of it. I asked ChatGPT to write a poem in the style of Tagore. Four seconds later, I was like, “Oh my God.” Never in a thousand years did I think we would have AI tackling such creative endeavors. That, I think, is one of the most underrated AI applications. OpenAI [ChatGPT’s creator] did a few things right. One: it has been able to massively increase how much information can be held in one place, which leads to better prediction capabilities. Two: they've been able to throw an insane amount of computational power at this problem. That’s something we haven't fully appreciated in AI in general. On the algorithmic side, there have been many advances. But the actual computational load handled by a single element is completely different than anything we've ever seen in the past. What’s a technology you think is overhyped? Blockchain. I’ve been on the “blockchain is overhyped” bandwagon for a while now. Outside of cryptocurrency transactions, I haven’t seen a single blockchain application that couldn’t be more readily solved by other existing technologies. We’ve had databases for a long time. We've had digital signatures and time stamping. And using some combination of just those three technologies alone, you can solve almost every problem that people are trying to solve with Blockchain. And if you look underneath some examples of blockchain use, you see everything is stored on one computer. So why do you need this massive level of complexity? When you look at the blockchain security analysis in the original 2008 Satoshi Nakamoto Bitcoin paper, much of it is predicated on the argument that the effort spent on compromising blockchain security would be better put to use by mining Bitcoin and making money. It’s a game theoretic argument. And when you remove the monetary part of the blockchain, all of a sudden, in a truly decentralized blockchain, you have to worry about real issues like colluding adversaries. What book most shaped your conception of the future? Invisible Women by Caroline Criado Perez. That book was about how often we only use a subset of the population as our model for that design. So unfortunately, most things are not designed for women. Like, my iPhone. This is a massive phone. If you look at the average woman's hand, it's probably too small to manipulate this phone easily. All sorts of groups are not really accounted for in settings like drug design, building architecture, etc. As we’re trying to build all these great innovative capabilities, are we going to live in a world where innovation is not evenly distributed because they were biased away from certain segments of the population who actually would benefit from that technology being out there and deployed? It does get me thinking about where we are going in the future, not just with physical design, but with digital design. What could government be doing regarding tech that it isn’t? Right now, we have a morass of legislation in cybersecurity. There's no single unified framework to think about privacy and security at the federal level, so that gets pushed out at the state level. And we have different privacy laws in different states. For companies like Aura, one of our biggest challenges is that we need to design like 50 versions of our product, just to make sure how you interact with this product is compliant with whatever state you're in. That's something the government needs to solve for two reasons. One is simply that having a clear standard for everyone to follow is good. The other is to ensure entrepreneurs can innovate without having to worry about dealing with a vast mess of regulatory issues. In terms of passing federal data privacy and security legislation, I don't think we should let perfect be the enemy of the good. On the flip side, we have to at least make sure we meet a certain level of reasonableness in the early definitions, otherwise it’s going to take us a while to iterate to the right solution. What has surprised you most this year? Last year, we hit a tipping point. For the first time, the amount of money [U.S. citizens] lost to home burglaries was superseded by the money lost in cyber theft. But in the real world, most people spend so much time and effort protecting their physical home. They've got locked doors and alarm systems and Nest cameras and Ring doorbells. But threat actors are really focusing their time and energy on compromising peoples’ digital dwellings. That’s where the action is. It worries me because people haven't made that paradigm shift yet, of realizing their digital security might be more important to protect than their physical security. We've honed a certain sense of street smarts in the physical world. But there's no transfer learning function here. And so the average consumer is just woefully unprepared for a world that’s seeing more and more digital crime.
| 
