CHAPTER 2
No Artificial Trusts Added

The smell of freshly brewed espresso filled the air of MarchFit's Executive Briefing Center. The center was a glass box on the second floor of the MarchFit headquarters. In the lobby area of the center, Nigel and Brent were huddled around the espresso machine. Nigel was wearing his trademark Arsenault jersey, and Brent was wearing a polo shirt and khakis. Brent was peering into his glass espresso cup to see the different-colored strata of the shot. "I missed you," Brent whispered to the coffee.

"How are we gonna secure AI?" Brent asked after he took a sip. "I don't even know how AI works."

Dylan and Isabella walked into the glass conference room where one whole wall was a dedicated video touchscreen. Harmony Gold was already sitting at the table, the back of her laptop completely covered with stickers, several of which were tokens of the Zero Trust teams she worked on. Rose Tyler was pointing at the screen of Harmony's laptop, a fresh bruise on her right cheek where she had gotten punched at her Brazilian jiu-jitsu class the night before.

Brent and Nigel followed them into the conference room. "When anyone talks about AI," Nigel said to the whole room as they were sitting down, "why do we always make them evil?"

"Skynet," Brent said, in a kind of surfer dude voice. "It's only a matter of time."

Rose nodded her head and added, "Cylons. They almost drove us to extinction."

"Battlestar Galactica," Dylan said. "Classic. I think HAL 9000 is probably the most terrifying AI, though."

"I don't know if I could pick my favorite," Harmony said. "Star Trek has a bunch of them. M5. V'Ger could destroy whole solar systems. Don't even get me started about Lore."

"Yeah, but Star Trek is the exception since they have a good AI with Data," Penny observed as she walked into the conference room with Sheldon following behind her, his head down as he tapped on his phone.

"Agent Smith was the scariest AI, for sure," Sheldon said. "Or Ultron. I change my vote to Ultron."

"There's also Master Control Program. It controls all computers," Harmony said.

"Heistotron from Rick and Morty. And Bender from Futurama-they're probably the coolest. Or maybe that's more chaotic neutral than evil?" Isabella pondered. She was the dedicated project manager for Zero Trust projects. Everyone looked at her, stunned. "What?" she asked. "My kids love that show."

"I could see myself hanging out with GLaDOS," Nigel said. "Maybe not actually that dangerous but could be good for a laugh."

Rose looked confused, so Brent clarified, "It's the evil AI from the Portal video games."

"Ah." Rose nodded.

Sheldon had set up his own laptop on the table and connected to the video wall. Before he pulled up the presentation, they could see that Sheldon's desktop background was a bad Photoshop of Sheldon driving a red convertible Lamborghini. Then the lights dimmed in the conference room, and the video wall slowly faded white, illuminating the whole room. The NutriNerd logo faded in next to the MarchFit logo, with a plus side in the middle. Both logos faded to white, and footage of the Apollo 11 rocket liftoff faded in with orchestral music building in intensity.

A prerecorded voiceover by Sheldon began in a very bad movie trailer voice: "The electrocardiogram, or ECG, was invented over one hundred years ago. Sixty years ago, this was still cutting-edge science, and NASA introduced the first production use of the ECG on the Apollo astronauts to study the impact of space travel on the human body. Today, hundreds of millions of people wear one on their wrist." Several smartwatch styles appeared on the screen.

The screen switched to some old footage of a scientist studying chimpanzees locked away in cages. Sheldon's voiceover continued: "The way science used to work was that doctors would do a study with a few hundred patients and extrapolate results that would lead to other studies. For the first time in human history . . ." Sheldon's voice continued as the scene changed to a high-resolution color picture of people running with Apple watches, ". . . we have real-time telemetry on hundreds of millions of humans. We can measure the ECG results along with blood oxygen, blood pressure, heart rate, VO2max, or even sleep quality. And with AI, we can revolutionize our own wellness."

As the lights faded back in, the title of the slideshow appeared. It read "NutriNerd-Data-Driven Wellness, Intelligent Health."

Penny stood up and addressed the room as the lights came back on. "In the past, if we wanted to be more healthful, it used to be we had nothing but fad diets to follow based on very limited research. But with NutriNerd and MarchFit, we're going to build the perfect virtual wellness coach. Imagine getting access to the best personal trainer, the best nutritionist, maybe even offering motivations or counseling or meditation, all based on cutting-edge science using data models based on studying data from millions of people and customized just for you."

"That's a scary amount of data," Rose observed.

"That's fair," Penny admitted. "We have the opportunity to have a huge impact on the human species and the world if we can give people healthier lives with less stress and better mental health. We think it's worth trying. But we know we need help to get it right. Right, Sheldon?"

Sheldon was looking at his cell phone, occasionally swiping his finger across the screen.

"Sheldon?" Penny asked. Sheldon seemed not to hear her.

"Sheldon?" Penny said again, loudly this time, and he finally looked up at her, then around to the room. "Can you talk about what we've done to secure our program so far?" she asked him.

Sheldon sat up straight and made eye contact with Dylan. "We've got great security already. Unlike some other companies, we've never been breached."

"Sheldon," Penny scolded.

"Oh, right, I forgot that happened to MarchFit. I was talking about Hugging Face and some of the companies that use the Ray AI development framework. Our developers know how to write secure code, and we use the Dask libraries. So we're not going to have those problems," Sheldon said.

"Thanks for the overview, Sheldon," Dylan said. "You're right that Dask supports encryption and authentication more natively than Ray and it's designed for multitenant environments, but security in Dask is still not the default. We have a strategy we follow for security called Zero Trust. We apply that to all our technology, so we'll want to review all aspects of securing our new product. We'll need your help applying our Zero Trust principles and design methodology to AI." Dylan clicked several times on his laptop, and Sheldon's presentation was replaced with a single slide:

Principles of Zero Trust

• Focus on business outcomes.
• Design from the inside out.
• Determine who or what needs access.
• Inspect and log all traffic.

Zero Trust Methodology

• Define your protect surface.
• Map transaction flows.
• Architect your environment.
• Create Zero Trust policies.
• Monitor and maintain.

Dylan continued, "As Olivia observed, there are lots of different aspects of AI that we'll need to think about. We'll want to start out with a complete inventory of the use of AI and decide whether to add each use to an existing protect surface or whether it requires a new protect surface. For NutriNerd, we'll treat LLMs [large language models] that we're building as their own protect surface and walk through the rest of the design methodology for that protect surface. Then we'll also go through the same process for any use of GPTs as a separate protect surface. Then use of AI for security operations or IT operations in SaaS [software as a service] applications."

"What about chatbots?" Harmony asked.

"Or any AI-generated content?" Rose asked.

"Good points. Those might be additional protect surfaces. We'll also want to reconcile against our existing protect surfaces."

"For the next step in the NutriNerd LLM protect surface," Dylan said, "we'll need to know a little more about how AI works. So I've asked Penny to work with Harmony to give us a general overview of how LLMs will be incorporated into the new product to help us go through the next step in the design methodology: mapping transaction flows."

"Thanks, Dylan," Penny said. "Not all classrooms have four walls. So grab your stuff, it's time for a field trip."

"Field trip!" Nigel and Brent cheered.

Penny stopped Sheldon as he was standing up, "That was just rude, Sheldon. Why don't you stay here? I think I can handle the rest of the day."

Sheldon shrugged and sat back down, going back to tapping on his phone.

The team walked across the parking lot...