Tech news this week: Fragmented AI rules and SD-WAN

This week, host Antone Gonsalves discusses the difficulties of moving from a software-defined WAN to a secure access service edge, the pros and cons of AI security, and AI safety regulations. Joining him are three guests:

• Shamus McGillicuddy, author of a report on SD-WAN to SASE transition.
• Arielle Waldman, TechTarget reporter on the topic of AI security.
• Makenzie Holland, TechTarget reporter on the topic of AI regulation.

Listen to Tech News this Week on Spotify or wherever you get your podcasts.

SD-WAN to SASE

A lot of companies are making the transition from software-defined WAN (SD-WAN) to secure access service edge (SASE), but most find the transition difficult if not outright painful, according to a survey from Enterprise Management Associates (EMA). This is because many organizations -- about 40%, according to McGillicuddy -- have multivendor SD-WAN environments.

"If you're going to evolve SD-WAN into SASE, you want to your SD-WAN solution to be kind of uniform," McGillicuddy said. "Some people tell me they've got three or more SD-WAN vendors. That's too much complexity."

This complexity occurs as a result of independent business units each choosing their own vendors, or mergers and acquisitions that swallow up companies with their own independent SD-WAN vendors.

AI in security

Security pros are overwhelmed with data and AI is coming to the rescue. ChatGPT-infused security offerings are being used to help with threat detection and vulnerability patch management, which is notoriously difficult for security professionals. Intelligence company Recorded Future added an AI component based on the company's threat intelligence and private data this week, and employees of the company are saying it is helping them do their jobs.

"They found it to be a time-saving tool," Waldman said. "Executives are inundated with security questions all the time. If they try to ask an analyst their opinion, that could take days or hours. Using these functions, it could generate a summary or analysis within minutes."

AI regulation

Congress has yet to take up legislation to regulate AI, but several states have introduced legislation.

"Colorado, for example, issued draft rules in February, to prohibit life insurance companies from using external data, like credit scores, social media habits, educational background -- which they consider discriminatory data in their AI models." Holland said. "Those companies would have to undergo a rigorous examination of the data that they use in their AI models to impact the company's decisions."

Among the states looking to regulate AI there is a patchwork of approaches. Some states aim to regulate both government and use, while others are just focused on commercial use. A patchwork of state-by-state standards could make it difficult for businesses to adjust.

"It's going to be similar to what businesses have had to do with data privacy laws," Holland said. "There's only a handful of states that have enacted these laws so far. So, I think ideally businesses are waiting for the federal government to catch up and implement a comprehensive approach, not only to data privacy, but to artificial intelligence."

In Europe there's an even wider spectrum of regulatory approaches, with Italy going so far as to ban ChatGPT.