Data Security Risk Assessment and Response Strategy for Large Language Models

Authors

  • Tingting Liu Tencent Cloud Computing (Beijing) Ltd.

DOI:

https://doi.org/10.5281/zenodo.13117905

ARK:

https://n2t.net/ark:/40704/JIEAS.v2n4a15

Keywords:

Data Security, Risk Assessment, Large Language Models, Artificial intelligence, Cloud Computing, Data Classification, Data Grading, Compliance, Data Asset Sorting

Abstract

In the era of artificial intelligence, large language models (LLMs) feature both positives and negatives when it comes to data security. The purpose of this paper is to present detailed recommendations for evaluating and managing the risks of data security connected with LLMs, using contemporary artificial intelligence algorithms and cloud-based information technologies. These are data asset categorization and rating, risk assessment models, and the observation of legal requirements and best practices regarding data safety. Key findings’ main message is the criticality of the systematic approach to establish and assess controls against data leakage and compliance risks. Besides, the paper also stresses the importance of effective comprehensiveness of report analysis as well as the integration of security capabilities that will help strengthen the overall security of an enterprise. Lastly, based on the highlights of the paper, the best practices for enterprises to address the risks associated with data security are outlined to provide practical and effective measures of protection as well as compliance, particularly in today’s fast-evolving technological environment of AI technologies.

Downloads

Download data is not yet available.

Metrics

Metrics Loading ...

Author Biography

Tingting Liu, Tencent Cloud Computing (Beijing) Ltd.

Tencent Cloud Computing (Beijing) Ltd., China.

References

Bartolucci, Cristian, Francesco Devicienti, and Ignacio Monzón. "Identifying Sorting in Practice." American Economic Journal: Applied Economics 10.4 (2018): 408-38.

Bécue, Adrien, Isabel Praça, and João Gama. "Artificial Intelligence, Cyber-Threats and Industry 4.0: Challenges and Opportunities." Artificial Intelligence Review 54.5 (2021): 3849-86.

Chen, Rung-Ching, et al. "Selecting Critical Features for Data Classification Based on Machine Learning Methods." Journal of Big Data 7.1 (2020): 52.

Sorting and Utilizing of Telecom Operators Data Assets Based on Big Data. 2019 IEEE International Conferences on Ubiquitous Computing & Communications (IUCC) and Data Science and Computational Intelligence (DSCI) and Smart Computing, Networking and Services (SmartCNS). 2019. IEEE.

Das, Badhan Chandra, M Hadi Amini, and Yanzhao Wu. "Security and Privacy Challenges of Large Language Models: A Survey." arXiv preprint arXiv:2402.00888 (2024).

Tencentrec: Real-Time Stream Recommendation in Practice. Proceedings of the 2015 ACM SIGMOD international conference on management of data. 2015.

Challenges and Insights in Using Hipaa Privacy Rule for Clinical Text Annotation. AMIA Annual Symposium proceedings. 2015. American Medical Informatics Association.

Kirk, Hannah Rose, et al. "Personalisation within Bounds: A Risk Taxonomy and Policy Framework for the Alignment of Large Language Models with Personalised Feedback." arXiv preprint arXiv:2303.05453 (2023).

Landoll, Douglas. The Security Risk Assessment Handbook: A Complete Guide for Performing Security Risk Assessments. CRC press, 2021.

Salierno, Giulio, et al. "Giusberto: A Legal Language Model for Personal Data De-Identification in Italian Court of Auditors Decisions." arXiv preprint arXiv:2406.15032 (2024).

Souppaya, Murugiah, and Karen Scarfone. "Guidelines for Managing the Security of Mobile Devices in the Enterprise." NIST special publication 800.124 (2013): 124-800.

Enabling Cyber Security Data Sharing for Large-Scale Enterprises Using Managed Security Services. 2018 IEEE Conference on Communications and Network Security (CNS). 2018. IEEE.

Zide, Olwethu, and Osden Jokonya. "Factors Affecting the Adoption of Data Management as a Service (Dmaas) in Small and Medium Enterprises (Smes)." Procedia Computer Science 196 (2022): 340-47.

Downloads

Published

2024-08-01

How to Cite

[1]
T. Liu, “Data Security Risk Assessment and Response Strategy for Large Language Models”, Journal of Industrial Engineering & Applied Science, vol. 2, no. 4, pp. 104–109, Aug. 2024.

Issue

Section

Articles

ARK