The AI Risk Repository aims to provide industry, policymakers, and academics with a shared framework for monitoring and maintaining AI risk oversight.
As artificial intelligence sees unprecedented growth and industry use cases soar, concerns mount about the technology’s risks, including bias, data breaches, job loss, and misuse.
According to research firm Arize AI, the number of Fortune 500 companies citing AI as a risk in their annual financial reports hit 281 this year. That represents a 473.5% increase from 2022, when just 49 companies flagged the technology as a risk factor.
Given the scope and seriousness of the risk climate, a team of researchers that included MIT Sloan research scientist Neil Thompson has created the AI Risk Repository, a living database of over 700 risks posed by AI, categorized by cause and risk domain. The project aims to provide industry, policymakers, academics, and risk evaluators with a shared framework for monitoring and maintaining oversight of AI risks. The repository can also aid organizations with their internal risk assessments, risk mitigation strategies, and research and training development.
The AI Risk Database details 777 different risks cited in AI literature to date.
While other entities have attempted to classify AI risks, existing classifications have generally been focused on only a small part of the overall AI risk landscape.
“The risks posed by AI systems are becoming increasingly significant as AI adoption accelerates across industry and society,” said Peter Slattery, a researcher at MIT FutureTech and the project lead. “However, these risks are often discussed in fragmented ways, across different industries and academic fields, without a shared vocabulary or consistent framework.”
Creating a unified risk view
To create the risk repository, the researchers searched academic databases and consulted other resources to review existing taxonomies and structured classifications of AI risk. They found that two types of classification systems were common in existing literature: high-level categorizations of causes of AI risks, such as when and why risks from AI occur; and midlevel categorizations of hazards and harms from AI, such as using AI to develop weapons or training AI systems on limited data.
Both types of classification systems are used in the AI Risk Repository, which has three components:
The AI Risk Database captures 777 different risks from 43 documents, with quotes and page numbers included. It will be updated as new risks emerge.
The Causal Taxonomy of AI Risks classifies how, when, and why such risks occur, based on their root causes. Causes are broken out into three categories: entity responsible (human or AI), the intentionality behind the risk (intentional or unintentional), and the timing of the risk (pre-deployment or post-deployment).
The Domain Taxonomy of AI Risks segments risks by the domain in which they occur, such as privacy, misinformation, or AI systems safety. This section mentions seven domains and 23 subdomains.
The two taxonomies can be used separately to filter the database for specific risks and domains, or they can be used in tandem to understand how each causal factor relates to each risk domain. For example, a user can use both filters to differentiate between discrimination and toxicity risks when AI is deliberately trained on toxic content from the outset, and instances of risk where AI inadvertently causes harm after the fact by displaying toxic content.
As part of the exercise, the researchers uncovered some interesting insights about the current literature. Among them:
Most risks were attributed to AI systems rather than to humans (51% versus 34%).
Most of the risks discussed occurred after an AI model had been trained and deployed (65%) rather than before (10%).
Nearly an equal number of intentional (35%) and unintentional (37%) risks were identified.
Putting the AI Risk Repository to work
The MIT AI Risk Repository will have different uses for different audiences.
Policymakers. The repository can serve as a guide for developing and enacting regulations on AI systems. For example, it can be used to identify the type and nature of risks and their sources as AI developers aim to comply with regulations like the EU AI Act. The tool also creates a common language and set of criteria for discussing AI risks at a global scale.
Auditors. The repository provides a shared understanding of risks from AI systems that can guide those in charge of evaluating and auditing AI risks. While some AI risk management frameworks had already been developed, they are much less comprehensive.
Academics. The taxonomy can be used to synthesize information about AI risks across studies and sources. It can also help identify gaps in current knowledge so efforts can be directed toward those areas. The AI Risk Repository can also play a role in education and training, acclimating students and professionals to the inner workings of the AI risk landscape.
Industry. The AI Risk Repository can be a critical tool for safe and responsible AI application development as organizations build new systems. The AI Risk Database can also help identify specific behaviors that mitigate risk exposure.
“The risks of AI are poised to become increasingly common and pressing,” the MIT researchers write. “Efforts to understand and address these risks must be able to keep pace with the advancements in deployment of AI systems. We hope our living, common frame of reference will help these endeavors to be more accessible, incremental, and successful.”
Like a lot of Netflix subscribers, I find that my personal feed tends to be hit or miss. Usually more miss. The movies and shows the algorithms recommend often seem less predicated on my viewing history and ratings, and more geared toward promoting whatever’s newly available. Still, when a superhero movie starring one of the world’s most famous actresses appeared in my “Top Picks” list, I dutifully did what 78 million other households did and clicked.
As I watched the movie, something dawned on me: recommendation algorithms like the ones Netflix pioneered weren’t just serving me what they thought I’d like—they were also shaping what gets made. And not in a good way.
The movie in question wasn’t bad, necessarily. The acting was serviceable, and it had high production values and a discernible plot (at least for a superhero movie). What struck me, though, was a vague sense of déjà vu—as if I’d watched this movie before, even though I hadn’t. When it ended, I promptly forgot all about it.
That is, until I started reading Kyle Chayka’s recent book, Filterworld: How Algorithms Flattened Culture. A staff writer for the New Yorker, Chayka is an astute observer of the ways the internet and social media affect culture. “Filterworld” is his coinage for “the vast, interlocking … network of algorithms” that influence both our daily lives and the “way culture is distributed and consumed.”
Music, film, the visual arts, literature, fashion, journalism, food—Chayka argues that algorithmic recommendations have fundamentally altered all these cultural products, not just influencing what gets seen or ignored but creating a kind of self-reinforcing blandness we are all contending with now.
That superhero movie I watched is a prime example. Despite my general ambivalence toward the genre, Netflix’s algorithm placed the film at the very top of my feed, where I was far more likely to click on it. And click I did. That “choice” was then recorded by the algorithms, which probably surmised that I liked the movie and then recommended it to even more viewers. Watch, wince, repeat.
“Filterworld culture is ultimately homogenous,” writes Chayka, “marked by a pervasive sense of sameness even when its artifacts aren’t literally the same.” We may all see different things in our feeds, he says, but they are increasingly the same kind of different. Through these milquetoast feedback loops, what’s popular becomes more popular, what’s obscure quickly disappears, and the lowest-common-denominator forms of entertainment inevitably rise to the top again and again.
This is actually the opposite of the personalization Netflix promises, Chayka notes. Algorithmic recommendations reduce taste—traditionally, a nuanced and evolving opinion we form about aesthetic and artistic matters—into a few easily quantifiable data points. That oversimplification subsequently forces the creators of movies, books, and music to adapt to the logic and pressures of the algorithmic system. Go viral or die. Engage. Appeal to as many people as possible. Be popular.
A joke posted on X by a Google engineer sums up the problem: “A machine learning algorithm walks into a bar. The bartender asks, ‘What’ll you have?’ The algorithm says, ‘What’s everyone else having?’” “In algorithmic culture, the right choice is always what the majority of other people have already chosen,” writes Chayka.
One challenge for someone writing a book like Filterworld—or really any book dealing with matters of cultural import—is the danger of (intentionally or not) coming across as a would-be arbiter of taste or, worse, an outright snob. As one might ask, what’s wrong with a little mindless entertainment? (Many asked just that in response to Martin Scorsese’s controversial Harper’s essay in 2021, which decried Marvel movies and the current state of cinema.)
Chayka addresses these questions head on. He argues that we’ve really only traded one set of gatekeepers (magazine editors, radio DJs, museum curators) for another (Google, Facebook, TikTok, Spotify). Created and controlled by a handful of unfathomably rich and powerful companies (which are usually led by a rich and powerful white man), today’s algorithms don’t even attempt to reward or amplify quality, which of course is subjective and hard to quantify. Instead, they focus on the one metric that has come to dominate all things on the internet: engagement.
There may be nothing inherently wrong (or new) about paint-by-numbers entertainment designed for mass appeal. But what algorithmic recommendations do is supercharge the incentives for creating only that kind of content, to the point that we risk not being exposed to anything else.
“Culture isn’t a toaster that you can rate out of five stars,” writes Chayka, “though the website Goodreads, now owned by Amazon, tries to apply those ratings to books. There are plenty of experiences I like—a plotless novel like Rachel Cusk’s Outline, for example—that others would doubtless give a bad grade. But those are the rules that Filterworld now enforces for everything.”
Chayka argues that cultivating our own personal taste is important, not because one form of culture is demonstrably better than another, but because that slow and deliberate process is part of how we develop our own identity and sense of self. Take that away, and you really do become the person the algorithm thinks you are.
Algorithmic omnipresence
As Chayka points out in Filterworld, algorithms “can feel like a force that only began to exist … in the era of social networks” when in fact they have “a history and legacy that has slowly formed over centuries, long before the Internet existed.” So how exactly did we arrive at this moment of algorithmic omnipresence? How did these recommendation machines come to dominate and shape nearly every aspect of our online and (increasingly) our offline lives? Even more important, how did we ourselves become the data that fuels them?
These are some of the questions Chris Wiggins and Matthew L. Jones set out to answer in How Data Happened: A History from the Age of Reason to the Age of Algorithms. Wiggins is a professor of applied mathematics and systems biology at Columbia University. He’s also the New York Times’ chief data scientist. Jones is now a professor of history at Princeton. Until recently, they both taught an undergrad course at Columbia, which served as the basis for the book.
They begin their historical investigation at a moment they argue is crucial to understanding our current predicament: the birth of statistics in the late 18th and early 19th century. It was a period of conflict and political upheaval in Europe. It was also a time when nations were beginning to acquire both the means and the motivation to track and measure their populations at an unprecedented scale.
“War required money; money required taxes; taxes required growing bureaucracies; and these bureaucracies needed data,” they write. “Statistics” may have originally described “knowledge of the state and its resources, without any particularly quantitative bent or aspirations at insights,” but that quickly began to change as new mathematical tools for examining and manipulating data emerged.
One of the people wielding these tools was the 19th-century Belgian astronomer Adolphe Quetelet. Famous for, among other things, developing the highly problematic body mass index (BMI), Quetelet had the audacious idea of taking the statistical techniques his fellow astronomers had developed to study the position of stars and using them to better understand society and its people. This new “social physics,” based on data about phenomena like crime and human physical characteristics, could in turn reveal hidden truths about humanity, he argued.
“Quetelet’s flash of genius—whatever its lack of rigor—was to treat averages about human beings as if they were real quantities out there that we were discovering,” write Wiggins and Jones. “He acted as if the average height of a population was a real thing, just like the position of a star.”
From Quetelet and his “average man” to Francis Galton’s eugenics to Karl Pearson and Charles Spearman’s “general intelligence,” Wiggins and Jones chart a depressing progression of attempts—many of them successful—to use data as a scientific basis for racial and social hierarchies. Data added “a scientific veneer to the creation of an entire apparatus of discrimination and disenfranchisement,” they write. It’s a legacy we’re still contending with today.
Another misconception that persists? The notion that data about people are somehow objective measures of truth. “Raw data is an oxymoron,” observed the media historian Lisa Gitelman a number of years ago. Indeed, all data collection is the result of human choice, from what to collect to how to classify it to who’s included and excluded.
Whether it’s poverty, prosperity, intelligence, or creditworthiness, these aren’t real things that can be measured directly, note Wiggins and Jones. To quantify them, you need to choose an easily measured proxy. This “reification” (“literally, making a thing out of an abstraction about real things”) may be necessary in many cases, but such choices are never neutral or unproblematic. “Data is made, not found,” they write, “whether in 1600 or 1780 or 2022.”
Perhaps the most impressive feat Wiggins and Jones pull off in the book as they continue to chart data’s evolution throughout the 20th century and the present day is dismantling the idea that there is something inevitable about the way technology progresses.
For Quetelet and his ilk, turning to numbers to better understand humans and society was not an obvious choice. Indeed, from the beginning, everyone from artists to anthropologists understood the inherent limitations of data and quantification, making some of the same critiques of statisticians that Chayka makes of today’s algorithmic systems (“Such statisticians ‘see quality not at all, but only quantity’”).
Whether they’re talking about the machine-learning techniques that underpin today’s AI efforts or an internet built to harvest our personal data and sell us stuff, Wiggins and Jones recount many moments in history when things could have just as likely gone a different way.
“The present is not a prison sentence, but merely our current snapshot,” they write. “We don’t have to use unethical or opaque algorithmic decision systems, even in contexts where their use may be technically feasible. Ads based on mass surveillance are not necessary elements of our society. We don’t need to build systems that learn the stratifications of the past and present and reinforce them in the future. Privacy is not dead because of technology; it’s not true that the only way to support journalism or book writing or any craft that matters to you is spying on you to service ads. There are alternatives.”
A pressing need for regulation
If Wiggins and Jones’s goal was to reveal the intellectual tradition that underlies today’s algorithmic systems, including “the persistent role of data in rearranging power,” Josh Simons is more interested in how algorithmic power is exercised in a democracy and, more specifically, how we might go about regulating the corporations and institutions that wield it.
Currently a research fellow in political theory at Harvard, Simons has a unique background. Not only did he work for four years at Facebook, where he was a founding member of what became the Responsible AI team, but he previously served as a policy advisor for the Labour Party in the UK Parliament.
In Algorithms for the People: Democracy in the Age of AI, Simons builds on the seminal work of authors like Cathy O’Neil, Safiya Noble, and Shoshana Zuboff to argue that algorithmic prediction is inherently political. “My aim is to explore how to make democracy work in the coming age of machine learning,” he writes. “Our future will be determined not by the nature of machine learning itself—machine learning models simply do what we tell them to do—but by our commitment to regulation that ensures that machine learning strengthens the foundations of democracy.”
Much of the first half of the book is dedicated to revealing all the ways we continue to misunderstand the nature of machine learning, and how its use can profoundly undermine democracy. And what if a “thriving democracy”—a term Simons uses throughout the book but never defines—isn’t always compatible with algorithmic governance? Well, it’s a question he never really addresses.
Whether these are blind spots or Simons simply believes that algorithmic prediction is, and will remain, an inevitable part of our lives, the lack of clarity doesn’t do the book any favors. While he’s on much firmer ground when explaining how machine learning works and deconstructing the systems behind Google’s PageRank and Facebook’s Feed, there remain omissions that don’t inspire confidence. For instance, it takes an uncomfortably long time for Simons to even acknowledge one of the key motivations behind the design of the PageRank and Feed algorithms: profit. Not something to overlook if you want to develop an effective regulatory framework.
Much of what’s discussed in the latter half of the book will be familiar to anyone following the news around platform and internet regulation (hint: that we should be treating providers more like public utilities). And while Simons has some creative and intelligent ideas, I suspect even the most ardent policy wonks will come away feeling a bit demoralized given the current state of politics in the United States.
In the end, the most hopeful message these books offer is embedded in the nature of algorithms themselves. In Filterworld, Chayka includes a quote from the late, great anthropologist David Graeber: “The ultimate, hidden truth of the world is that it is something that we make, and could just as easily make differently.” It’s a sentiment echoed in all three books—maybe minus the “easily” bit.
Algorithms may entrench our biases, homogenize and flatten culture, and exploit and suppress the vulnerable and marginalized. But these aren’t completely inscrutable systems or inevitable outcomes. They can do the opposite, too. Look closely at any machine-learning algorithm and you’ll inevitably find people—people making choices about which data to gather and how to weigh it, choices about design and target variables. And, yes, even choices about whether to use them at all. As long as algorithms are something humans make, we can also choose to make them differently.
Bryan Gardiner is a writer based in Oakland, California.
The semiconductor industry has reached a pivotal moment with ASML’s unveiling of its $400 million High-NA (High Numerical Aperture) chipmaking machine.
This technological marvel promises to revolutionize how the world’s most advanced microchips are manufactured.
By enabling unprecedented precision and speed in chip production, ASML’s latest innovation sets a new standard for the entire semiconductor supply chain.
As the demand for smaller, faster, and more efficient chips skyrockets across industries like AI, smartphones, and data centers, this breakthrough machine could be the key to unlocking the next era of computing power.
Key Highlights:
$400 million per unit: ASML’s High NA is the world’s most expensive chipmaking machine.
Only 5 shipped so far: Intel, TSMC, and Samsung are early adopters.
Twice the reliability: Intel reports significant yield and throughput improvements.
Global assembly footprint: Modules come from the U.S., Germany, and the Netherlands.
EUV exclusivity: ASML is the only company globally producing EUV systems.
A Colossal Machine Changing the Chipmaking Landscape
Standing larger than a double-decker bus, the High NA system consists of four modules built across the U.S. (California and Connecticut), Germany, and the Netherlands.
The final assembly and testing occur in Veldhoven before being disassembled again for delivery. It takes seven Boeing 747s or 25 trucks to transport a single machine.
Only five High NA units have been delivered so far, with the first commercial installation at Intel’s Oregon fab in 2024.
ASML expects adoption to expand to all its EUV customers, including Micron, SK Hynix, Rapidus, and others.
What Makes High NA Special?
ASML’s $400 million High NA builds on its EUV legacy by increasing the numerical aperture — the size of the lens opening used to project light onto silicon wafers. A larger aperture allows smaller, more precise patterns to be etched in fewer steps, improving chip performance and reducing production time.
According to ASML’s EVP of Technology Jos Benschop, the two primary benefits of High NA are:
“Shrink”: Fit more transistors onto a single wafer.
Faster throughput and higher yield by avoiding multiple patterning.
Intel reported producing 30,000 wafers with High NA and noted the tool is twice as reliable as ASML’s earlier EUV machines. Samsung claimed a 60% reduction in cycle time, indicating the potential for faster chips and lower costs.
The Physics Behind the Process
ASML’s High NA continues to use 13.5nm EUV light, made by firing 50,000 tin droplets per second with a powerful laser, creating plasma hotter than the sun. This light is projected through precision mirrors — the flattest surfaces on Earth — crafted by German optics partner Zeiss.
Because EUV is absorbed by all known materials, the entire lithography process happens in a vacuum, with light bounced and focused using specialized mirrors before reaching the silicon wafer.
Compared to ASML’s older DUV (Deep Ultraviolet) systems that use 193nm light and compete with Nikon and Canon, EUV — and now High NA — allows chipmakers to continue scaling down transistors in line with Moore’s Law.
A Risk That Paid Off
Developing EUV technology took over 20 years and was once considered an impossible endeavor.
“We barely made it… It’s been a very risky investment because there was no guarantee the technology would work,” ASML CEO Christophe Fouquet recalled.
Since proving EUV’s viability in 2018, ASML has cornered the global market. In 2024, the company sold 44 EUV machines at prices starting from $220 million. DUV sales, while lower-tech, remained strong at 374 units, with China being a key buyer.
Geopolitics and U.S. Export Controls
Despite booming global demand, U.S. export restrictions prevent ASML from selling its EUV machines to China. This ban, originating during Donald Trump’s presidency, remains in effect. China still buys DUV systems, which accounted for 49% of ASML’s sales in Q2 2024, driven by a backlog of orders.
Fouquet expects that figure to return to the historical norm of 20–25% in 2025. However, ASML is bracing for uncertainties, especially as Trump’s new tariff plans could disrupt its 800-part global supply chain. Each High NA machine involves imports and exports between the U.S., Germany, the Netherlands, and Asia.
High NA is not just about precision. It also tackles energy concerns in an AI-driven future. Fouquet warned,
“If we don’t improve the power efficiency of our AI chips, training models could consume the world’s energy by 2035.”
ASML has reduced energy consumption per wafer by 60% since 2018, a crucial milestone as chipmakers seek sustainable growth amid rising demand for compute power.
ASML Expands U.S. Presence
Though headquartered in the Netherlands, ASML is deepening its U.S. footprint. In 2024, 17% of ASML’s sales came from the U.S., a figure expected to grow with new fabs under construction by Intel in Ohio and Arizona.
Of ASML’s 44,000 global employees, 8,500 are U.S.-based, spread across 18 offices. Fouquet called Intel a “very critical” partner for America’s goal of semiconductor independence — even as TSMC remains ahead in advanced manufacturing.
ASML’s $400 million High NA system represents a technological leap that could reshape the global semiconductor landscape. With only a handful of companies able to afford it, and only ASML able to build it, the tool solidifies the company’s monopoly on advanced chip lithography.
Yet, challenges remain — from geopolitical tensions and tariffs to energy efficiency and production scalability.
For now, ASML’s High NA machine is not just a feat of engineering; it’s the centerpiece of the battle for semiconductor supremacy.
There have been multiple proposals for the international governance of artificial intelligence (AI) that draw from the existing nuclear governance regimes. In this paper, the authors analyze lessons from the history of nuclear stability and draw analogies to building international governance of AI. The authors analyze two major episodes in nuclear governance, the failure of the Baruch Plan and the success of the Non-Proliferation Treaty, to understand what factors led to the failure or success of these governance initiatives. The authors also identify the challenges that proposals for global AI governance face that might complicate building a regime similar to the nuclear nonproliferation one. This paper is intended for those interested in potential models for global governance of AI that draw on past global governance efforts, such as nuclear nonproliferation.
VA takes a new approach to its electronic health record deployment, following a proposed $2 billion White House funding boost.
PHOTO CREDIT: Dr. Neil Evans, acting program executive director for VA EHRM-IO, testifying during the March 15, 2023 Senate Committee of Veterans Affairs Hearing.
The Department of Veterans Affairs targets a new approach to its electronic health record modernization deployment, moving away from individual site rollouts and instead “implementing waves of medical centers, multiple medical centers at one time, based on the relationships between those medical centers,” Dr. Neil Evans, acting executive program director of VA’s Electronic Health Record Modernization Integration Office, told GovCIO Media & Research in a recent interview.
Implementing the EHR in ‘Waves’
The rollout has been in a reset phase since April 2023, following reports that the system struggled with accuracy, enterprise standardization and reliability of data. Currently, the modern EHR is in place at six sites throughout the VA, with the most recent deployment occurring in March 2024 at the Lovell Federal Health Care Center in North Chicago.
The VA announced in Dec. 2024 that it would restart the rollout at four Michigan sites, in Ann Arbor, Battle Creek, Detroit and Saginaw, in mid-2026. It also announced it will roll out the EHR at nine additional sites spread between Ohio, Indiana and Alaska.
VA plans to use the “wave” deployment approach Evans described when it resumes rollout in Detroit, Ann Arbor, Saginaw and Battle Creek, Michigan in 2026, since the four sites are integrated together and patients often receive specialty care at one facility or primary care at another.
“Going forward, implementing and choosing a schedule that really captures those natural pre-existing relationships, we believe, is an important part of the successful path forward, and that was also partly how we chose the sites that we chose,” Evans said.
VA’s EHR Program Sees Proposed Budget Boost
VA’s dormant but much-anticipated electronic health record modernization program could receive a jolt in funding from the Trump Administration in 2026. The White House’s proposed discretionary budget for FY 2026 calls for an increase of nearly $2.2 billion in funding for the EHR program, saying an accelerated rollout of the program is a “top priority effort.”
The proposed budget also plans to streamline much of the agency’s over 1000 IT systems, which it claims are “decades old” and “duplicative.” It pauses procurement of new systems and directs the U.S. Department of Government Efficiency Service to conduct a full review of the agency’s IT systems alongside the VA.
“There’s testing that we do, where we have to test every build to make sure it’s going to work properly when we go live with it. There’s infrastructure work that we need to do to make sure that our IT networks have been upgraded sufficiently to support the new technologies,” Evans said.
Learning from Federal Partners
As agencies like the National Oceanic and Atmospheric Administration, the Defense Department and the Coast Guard work toward their electronic health record modernization goals, Evans said the VA is learning from their experience and from private sector partners as well.
“We’re not alone in going through an EHR transformation. The scale of what we’re doing in VA is significant, but the experience itself is not entirely unique. We are always open to learning, and have learned quite a bit from our federal partners, and actually from our non-federal partners,” Evans said.
Evans emphasized that even after the EHR is rolled out across the country, work will need to be done to continually improve and refine the system to work for both patients and clinicians alike.
“We need to deploy the system, but we need to continue to optimize the system to meet the needs. Technology continues to mature. What we can accomplish using health information technologies is going to continue to improve as new capabilities, artificial intelligence and others, are introduced,” Evans said.
AI is a tool to get things done. To use it properly and generate value, organizations need the right capabilities — including a good understanding of data.
Artificial intelligence is getting all the buzz in the business world. But people often talk about “doing” AI without realizing that it’s just a tool for getting things done — a costly and complex tool.
“Like any tool, it creates no value unless it’s used properly,” said Barbara H. Wixom, a principal research scientist at the MIT Center for Information Systems Research. “AI is advanced data science, and you need to have the right capabilities in order to work with it and manage it properly.”
In a new research briefing, Wixom and CISR research fellow Cynthia M. Beath outline three principles for implementing AI projects: Build the right capabilities, involve stakeholders from across the organization, and focus on realizing value.
In simple terms, data monetization is converting data into financial returns. Datasets could be sold to third parties, studied to improve processes, or used to create new business opportunities.
Seeing a return on investment from AI requires a “supercharged” data monetization strategy, Wixom said. There’s significant cost associated with the infrastructure, capabilities, and talent needed to get AI initiatives off the ground. And any enterprise that builds AI into a product — even if it’s something relatively simple, such as a customer service chatbot — must bear the associated legal and ethical responsibilities.
“So many missteps can occur,” Wixom said. “What we care about in the AI conversation is helping organizations embrace AI technology in a way that improves financial health.”
For example, many knowledge workers are using generative AI tools, such as ChatGPT, to write emails, create presentations, or pull key takeaways from meeting transcripts.
These conveniences shouldn’t be conflated with value, Wixom said. “If you invest millions of dollars in the capability to use AI in a sustaining way, is email productivity going to drive millions of dollars in value?” Wixom asked. “You need to know what your company needs.”
The CISR research briefing includes the example of CarMax, which used ChatGPT to aggregate data from customer reviews and other information sources to write summaries for 50,000 used cars listed on its website. A task that would have taken years to complete and required hundreds of content writers was accomplished in a matter of hours, the company’s chief information and technology officer said last year.
Below are more details on the researchers’ three principles aimed at guiding enterprise AI investments that generate value:
1. Invest in practices that build AI capabilities.
Successful AI use depends on advanced capabilities in data science, data management, data platforms, and acceptable data use.
Organizations may be tempted to forgo these investments if they purchase an off-the-shelf AI tool or have one custom-built for them. However, Wixom said it’s even more important for these organizations to build these capabilities to avoid running into trouble downstream.
“You have to understand the technology enough to trust it,” she said. “You don’t have to know the exact way neural networks work, but you do need to know how data scientists validate them — and you need to know what you don’t know.”
2. Involve all stakeholders in the AI journey.
Organizations [must] embrace AI technology in a way that improves financial health.
Barbara H. Wixom, Principal Research Scientist, CISR
Roles and titles differ among organizations, but the people who use AI tools, develop products, or offer solutions should be considered key stakeholders. Involving a variety of stakeholders in initiatives can help those without a background in data science better understand what AI can do, how much it costs, and how long it takes.
The CISR research briefing looked at the Australian Taxation Office, where business users provided regular feedback to data scientists about how AI models were performing. This helped all stakeholders understand how AI models made decisions, and it ensured that models had more positive benefits and fewer negative consequences. After implementing the models, which predicted tax-filing behaviors and offered nudges to citizens who needed to update work-related claims, the agency saw 113 million Australian dollars ($74 million) in changed claim amounts.
3. Focus on realizing value from AI.
In “Data is Everybody’s Business,” Wixom and her co-authors spell out five steps in the value creation cycle. Wixom explains them in the context of a common example in healthcare: predicting which patients in a hospital are at high risk of falling, and intervening to prevent it from happening.
Data. This comes from multiple sources, such as a medical history from electronic health records and current data from medical devices at the bedside.
Insight. This is where AI enters the picture to analyze data assets and predict who faces a high risk of a fall. Preventable falls are frequently linked to worse outcomes and higher costs of care.
Action. Here, insights inform changes to best practices. For example, a hospital may update its policies and send alerts to the nearest nurse when an at-risk patient starts to move in the bed — a sign that they may be trying to get up.
Value creation. In this scenario, the new policies result in fewer preventable falls, increased patient satisfaction, and shorter patient stays.
Value monetization. This occurs when the changes can be linked to tangible value creation. It may manifest as a reduced cost of care, which benefits hospitals compensated under performance-based contracts. It could also mean that fewer staff members are needed in a given unit.
A tough road from creation to monetization
Organizations need to plan out the five steps of value creation before any AI project commences, Wixom said. That will help executives see exactly what it will take to achieve returns on investment.
Monetization is the most difficult step. Many organizations get to value creation but are halted there. In a hospital, for example, additional revenue or reduced staffing costs may never materialize.
“You have to find a way to pay for this,” Wixom said. “Otherwise, you can’t sustain the investments, and then you have to pull the plug.”
Yet all isn’t lost if there are meaningful outcomes, such as a reduction in preventable falls, that don’t achieve monetization. In most cases, an organization now has the building blocks — data, insight, and action — to take on additional AI projects down the road. And it has experience successfully selling AI to stakeholders by focusing on what it can get done.
But without monetization, “AI will end up being a tool that sits on a shelf,” Wixom said. “You need to be talking about AI along with specific initiatives and the outcomes you want to achieve using it. And those outcomes need to be compelling for your organization.”
JPMorganChase just released an Open Letter to their third party suppliers, and sounded the AI security alarm!
The financial giant sees what others are missing:
Companies rushed to deploy AI without understanding the consequences. The mandate was clear: innovate or die. But JP Morgan’s latest security assessment reveals that:
78% of enterprise AI deployments lack proper security protocols
Most companies can’t explain how their AI makes decisions
Security vulnerabilities have increased 3x since mass AI adoption
The problem? Speed > security.
JP Morgan’s CTO Pat Opet put it bluntly: “We’re seeing organizations deploy systems they fundamentally don’t understand.” The financial sector is particularly vulnerable – with trillions at stake.
What JP Morgan recommends:
→ Implement AI governance frameworks before deployment
→ Conduct regular red team exercises against AI systems
→ Establish clear model documentation standards
→ Create dedicated AI security response teams
JP Morgan itself has invested $2B in AI security measures while slowing certain deployments.
The hard truth:
The AI security debt is growing faster than our ability to pay it down. Companies that prioritize security now will emerge as leaders. Those that don’t may not survive the coming AI security reckoning.
An open letter to third-party suppliers
By Patrick Opet, Chief Information Security Officer
The modern ‘software as a service’ (SaaS) delivery model is quietly enabling cyber attackers and – as its adoption grows – is creating a substantial vulnerability that is weakening the global economic system.
Software providers must prioritize security over rushing features. Comprehensive security should be built in or enabled by default.
We must modernize security architecture to optimize SaaS integration and minimize risk.
Security practitioners must work collaboratively to prevent the abuse of interconnected systems.
There is a growing risk in our software supply chain and we need your action
SaaS has become the default and is often the only format in which software is now delivered, leaving organizations with little choice but to rely heavily on a small set of leading service providers, embedding concentration risk into global critical infrastructure. While this model delivers efficiency and rapid innovation, it simultaneously magnifies the impact of any weakness, outage, or breach, creating single points of failure with potentially catastrophic systemwide consequences. Historically, software was distributed across diverse environments, each with unique security practices, inherently limiting the scale of any single breach. Today, an attack on one major SaaS or PaaS provider can immediately ripple through its customers. This fundamental shift demands our collective immediate attention.
At JPMorganChase, we’ve seen the warning signs firsthand. Over the past three years, our third-party providers experienced a number of incidents within their environments. These incidents across our supply chain required us to act swiftly and decisively, including isolating certain compromised providers, and dedicating substantial resources to threat mitigation.
Security must be prioritized
Risks extend beyond concentration alone. Fierce competition among software providers has driven prioritization of rapid feature development over robust security. This often results in rushed product releases without comprehensive security built in or enabled by default, creating repeated opportunities for attackers to exploit weaknesses. The pursuit of market share at the expense of security exposes entire customer ecosystems to significant risk and will result in an unsustainable situation for the economic system.
Security architecture must be modernized
Most critically, SaaS models are fundamentally reshaping how companies integrate services and data—a subtle yet profound shift eroding decades of carefully architected security boundaries. In the traditional model, security practices enforced strict segmentation between a firm’s trusted internal resources and untrusted external interactions using protocol termination, tiered access, and logical isolation. External interaction layers like APIs and websites were intentionally separated from a company’s core backend systems, applications, and data that powered them.
Modern integration patterns, however, dismantle these essential boundaries, relying heavily on modern identity protocols (e.g., OAuth) to create direct, often unchecked interactions between third-party services and firms’ sensitive internal resources. As a generic example, an AI-driven calendar optimization service integrating directly into corporate email systems through “read only roles” and “authentication tokens” can no doubt boost productivity when functioning correctly. Yet, if compromised, this direct integration grants attackers unprecedented access to confidential data and critical internal communications.
In practice, these integration models collapse authentication (verifying identity) and authorization (granting permissions) into overly simplified interactions, effectively creating single-factor explicit trust between systems on the internet and private internal resources. This architectural regression undermines fundamental security principles that have proven durability.
This problem is getting worse not better
Further compounding the risks are specific vulnerabilities intrinsic to this new landscape: inadequately secured authentication tokens vulnerable to theft and reuse; software providers gaining privileged access to customer systems without explicit consent or transparency; and opaque fourth-party vendor dependencies silently expanding this same risk upstream. Critically, the explosive growth of new value-bearing services in data management, automation, artificial intelligence, and AI agents amplifies and rapidly distributes these risks, bringing them directly to the forefront of every organization.
This weakness is known to attackers who are now actively targeting trusted integration partners—Microsoft Threat Intelligence recently authored a blog post that Chinese state actors were shifting tactics to target “common IT solutions like remote management tools and cloud applications to gain initial access” to their downstream customers.
Call to action
We stand at a critical juncture. Providers must urgently reprioritize security, placing it equal to or above launching new products. ‘Secure and resilient by design’ must go beyond slogans—it requires continuous, demonstrable evidence that controls are working effectively, not simply relying on annual compliance checks. Customers should be afforded the benefit of secure by default configurations, transparency to risks, and management of the controls they need to operate safely within a SaaS delivery model. The ecosystem must address trustworthy integration. There are some solutions available today, like confidential computing, customer self-hosting, and bring your own cloud, which all give organizations stronger controls to protect their data while enabling them to benefit from SaaS solutions.
We must establish new security principles and implement robust controls that enable the swift adoption of cloud services while protecting customers from their providers’ vulnerabilities. Traditional measures like network segmentation, tiering, and protocol termination were durable in legacy principles but may no longer be viable today in a SaaS integration model. Instead, we need sophisticated authorization methods, advanced detection capabilities, and proactive measures to prevent the abuse of interconnected systems.
The most effective way to begin change is to reject these integration models without better solutions. I hope you’ll join me in recognizing this challenge and responding decisively, collaboratively, and immediately.
Patrick Opet, Chief Information Security Officer, JPMorganChase
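The letter's point about integrations that collapse authentication and authorization, and about tokens "vulnerable to theft and reuse", can be shown by comparing a bearer-only check with a layered one. This is an added example, not code from the letter or from JPMorganChase; the integration name, policy fields, paths and certificate bytes are constructed assumptions, and the token binding follows the certificate-thumbprint confirmation claim of RFC 8705.

```python
import base64
import hashlib
import hmac

NOW = 1_700_000_000  # fixed clock so the example is deterministic

# Constructed stand-ins for DER-encoded client certificates (not real certificates).
VENDOR_CERT_DER = b"constructed-der-bytes-calendar-vendor"
OTHER_CERT_DER = b"constructed-der-bytes-other-client"


def cert_thumbprint(der):
    """base64url(SHA-256(cert)) without padding, the form used for cnf['x5t#S256']."""
    digest = hashlib.sha256(der).digest()
    return base64.urlsafe_b64encode(digest).rstrip(b"=").decode()


# Hypothetical policy held by the firm itself, independent of what the token claims.
POLICY = {
    "calendar-optimizer": {
        "allowed_scopes": {"calendar.read"},
        "allowed_prefixes": ("/calendars/",),
        "max_token_lifetime_s": 900,
    }
}


def authorize_bearer_only(claims, request, now=NOW):
    """Collapsed model: an unexpired token that carries the scope is the only factor."""
    if claims["exp"] <= now:
        return (False, "token expired")
    if request["scope_needed"] not in claims["scope"].split():
        return (False, "scope missing from token")
    return (True, "ok")


def authorize_layered(claims, request, now=NOW, policy=POLICY):
    """Checks the presenter, the firm's own ceiling on scope and resource, and lifetime."""
    ok, reason = authorize_bearer_only(claims, request, now)
    if not ok:
        return (ok, reason)
    rules = policy.get(claims["client_id"])
    if rules is None:
        return (False, "unknown integration")
    # 1. Sender constraint: the token is only usable with the certificate it was issued to.
    bound = claims.get("cnf", {}).get("x5t#S256")
    presented = request.get("client_cert_der")
    if bound is None or presented is None:
        return (False, "token is not sender-constrained")
    if not hmac.compare_digest(cert_thumbprint(presented), bound):
        return (False, "presenter does not hold the bound certificate")
    # 2. Authorization is decided by firm policy, not by whatever scopes the token lists.
    if request["scope_needed"] not in rules["allowed_scopes"]:
        return (False, "scope exceeds firm policy")
    if not request["path"].startswith(rules["allowed_prefixes"]):
        return (False, "resource outside firm policy")
    # 3. Short lifetimes limit how long a stolen token stays useful.
    if claims["exp"] - claims["iat"] > rules["max_token_lifetime_s"]:
        return (False, "token lifetime exceeds firm policy")
    return (True, "ok")


def make_claims(scope, lifetime_s):
    """Constructed, already signature-verified token claims for the sample integration."""
    return {
        "client_id": "calendar-optimizer",
        "scope": scope,
        "iat": NOW - 60,
        "exp": NOW - 60 + lifetime_s,
        "cnf": {"x5t#S256": cert_thumbprint(VENDOR_CERT_DER)},
    }


def evaluate():
    """Run four constructed requests through both models; returns {case: (bearer, layered)}."""
    token = make_claims("calendar.read mail.read", 900)
    long_lived = make_claims("calendar.read", 30 * 24 * 3600)
    calendar = {"path": "/calendars/alice/events", "scope_needed": "calendar.read"}
    mail = {"path": "/mail/alice/inbox", "scope_needed": "mail.read"}
    cases = {
        "legitimate": (token, dict(calendar, client_cert_der=VENDOR_CERT_DER)),
        "replayed_elsewhere": (token, dict(calendar, client_cert_der=OTHER_CERT_DER)),
        "mail_access": (token, dict(mail, client_cert_der=VENDOR_CERT_DER)),
        "long_lived": (long_lived, dict(calendar, client_cert_der=VENDOR_CERT_DER)),
    }
    return {
        name: (authorize_bearer_only(c, r), authorize_layered(c, r))
        for name, (c, r) in cases.items()
    }


if __name__ == "__main__":
    for name, (bearer, layered) in evaluate().items():
        print(f"{name:20} bearer-only={bearer} layered={layered}")
```

The bearer-only model accepts all four requests; the layered model accepts only the first, which is the gap the letter describes as "single-factor explicit trust".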
Pope Francis has made no secret of his intention to radically reform the administrative structures of the Catholic church, which he regards as insular, imperious, and bureaucratic. He understands that in a hyper-kinetic world, inward-looking and self-obsessed leaders are a liability.
Last year, just before Christmas, the Pope addressed the leaders of the Roman Curia — the Cardinals and other officials who are charged with running the church’s byzantine network of administrative bodies. The Pope’s message to his colleagues was blunt. Leaders are susceptible to an array of debilitating maladies, including arrogance, intolerance, myopia, and pettiness. When those diseases go untreated, the organization itself is enfeebled. To have a healthy church, we need healthy leaders.
Through the years, I’ve heard dozens of management experts enumerate the qualities of great leaders. Seldom, though, do they speak plainly about the “diseases” of leadership. The Pope is more forthright. He understands that as human beings we have certain proclivities — not all of them noble. Nevertheless, leaders should be held to a high standard, since their scope of influence makes their ailments particularly infectious.
The Catholic Church is a bureaucracy: a hierarchy populated by good-hearted, but less-than-perfect souls. In that sense, it’s not much different than your organization. That’s why the Pope’s counsel is relevant to leaders everywhere.
With that in mind, I spent a couple of hours translating the Pope’s address into something a little closer to corporate-speak. (I don’t know if there’s a prohibition on paraphrasing Papal pronouncements, but since I’m not Catholic, I’m willing to take the risk.)
Herewith, then, the Pope (more or less):
____________________
The leadership team is called constantly to improve and to grow in rapport and wisdom, in order to carry out fully its mission. And yet, like any body, like any human body, it is also exposed to diseases, malfunctioning, infirmity. Here I would like to mention some of these “[leadership] diseases.” They are diseases and temptations which can dangerously weaken the effectiveness of any organization.
The disease of thinking we are immortal, immune, or downright indispensable, [and therefore] neglecting the need for regular check-ups. A leadership team which is not self-critical, which does not keep up with things, which does not seek to be more fit, is a sick body. A simple visit to the cemetery might help us see the names of many people who thought they were immortal, immune, and indispensable! It is the disease of those who turn into lords and masters, who think of themselves as above others and not at their service. It is the pathology of power and comes from a superiority complex, from a narcissism which passionately gazes at its own image and does not see the face of others, especially the weakest and those most in need. The antidote to this plague is humility; to say heartily, “I am merely a servant. I have only done what was my duty.”
Another disease is excessive busyness. It is found in those who immerse themselves in work and inevitably neglect to “rest a while.” Neglecting needed rest leads to stress and agitation. A time of rest, for those who have completed their work, is necessary, obligatory and should be taken seriously: by spending time with one’s family and respecting holidays as moments for recharging.
Then there is the disease of mental and [emotional] “petrification.” It is found in leaders who have a heart of stone, the “stiff-necked;” in those who in the course of time lose their interior serenity, alertness and daring, and hide under a pile of papers, turning into paper pushers and not men and women of compassion. It is dangerous to lose the human sensitivity that enables us to weep with those who weep and to rejoice with those who rejoice! Because as time goes on, our hearts grow hard and become incapable of loving all those around us. Being a humane leader means having the sentiments of humility and unselfishness, of detachment and generosity.
The disease of excessive planning and of functionalism. When a leader plans everything down to the last detail and believes that with perfect planning things will fall into place, he or she becomes an accountant or an office manager. Things need to be prepared well, but without ever falling into the temptation of trying to eliminate spontaneity and serendipity, which is always more flexible than any human planning. We contract this disease because it is easy and comfortable to settle in our own sedentary and unchanging ways.
The disease of poor coordination. Once leaders lose a sense of community among themselves, the body loses its harmonious functioning and its equilibrium; it then becomes an orchestra that produces noise: its members do not work together and lose the spirit of camaraderie and teamwork. When the foot says to the arm: ‘I don’t need you,’ or the hand says to the head, ‘I’m in charge,’ they create discomfort and parochialism.
There is also a sort of “leadership Alzheimer’s disease.” It consists in losing the memory of those who nurtured, mentored and supported us in our own journeys. We see this in those who have lost the memory of their encounters with the great leaders who inspired them; in those who are completely caught up in the present moment, in their passions, whims and obsessions; in those who build walls and routines around themselves, and thus become more and more the slaves of idols carved by their own hands.
The disease of rivalry and vainglory. When appearances, our perks, and our titles become the primary object in life, we forget our fundamental duty as leaders—to “do nothing from selfishness or conceit but in humility count others better than ourselves.” [As leaders, we must] look not only to [our] own interests, but also to the interests of others.
The disease of existential schizophrenia. This is the disease of those who live a double life, the fruit of that hypocrisy typical of the mediocre and of a progressive emotional emptiness which no [accomplishment or] title can fill. It is a disease which often strikes those who are no longer directly in touch with customers and “ordinary” employees, and restrict themselves to bureaucratic matters, thus losing contact with reality, with concrete people.
The disease of gossiping, grumbling, and back-biting. This is a grave illness which begins simply, perhaps even in small talk, and takes over a person, making him become a “sower of weeds” and in many cases, a cold-blooded killer of the good name of colleagues. It is the disease of cowardly persons who lack the courage to speak out directly, but instead speak behind other people’s backs. Let us be on our guard against the terrorism of gossip!
The disease of idolizing superiors. This is the disease of those who court their superiors in the hope of gaining their favor. They are victims of careerism and opportunism; they honor persons [rather than the larger mission of the organization]. They think only of what they can get and not of what they should give; small-minded persons, unhappy and inspired only by their own lethal selfishness. Superiors themselves can be affected by this disease, when they try to obtain the submission, loyalty and psychological dependency of their subordinates, but the end result is unhealthy complicity.
The disease of indifference to others. This is where each leader thinks only of himself or herself, and loses the sincerity and warmth of [genuine] human relationships. This can happen in many ways: When the most knowledgeable person does not put that knowledge at the service of less knowledgeable colleagues, when you learn something and then keep it to yourself rather than sharing it in a helpful way with others; when out of jealousy or deceit you take joy in seeing others fall instead of helping them up and encouraging them.
The disease of a downcast face. You see this disease in those glum and dour persons who think that to be serious you have to put on a face of melancholy and severity, and treat others—especially those we consider our inferiors—with rigor, brusqueness and arrogance. In fact, a show of severity and sterile pessimism are frequently symptoms of fear and insecurity. A leader must make an effort to be courteous, serene, enthusiastic and joyful, a person who transmits joy everywhere he goes. A happy heart radiates an infectious joy: it is immediately evident! So a leader should never lose that joyful, humorous and even self-deprecating spirit which makes people amiable even in difficult situations. How beneficial is a good dose of humor! …
The disease of hoarding. This occurs when a leader tries to fill an existential void in his or her heart by accumulating material goods, not out of need but only in order to feel secure. The fact is that we are not able to bring material goods with us when we leave this life, since “the winding sheet does not have pockets” and all our treasures will never be able to fill that void; instead, they will only make it deeper and more demanding. Accumulating goods only burdens and inexorably slows down the journey!
The disease of closed circles, where belonging to a clique becomes more powerful than our shared identity. This disease too always begins with good intentions, but with the passing of time it enslaves its members and becomes a cancer which threatens the harmony of the organization and causes immense evil, especially to those we treat as outsiders. “Friendly fire” from our fellow soldiers, is the most insidious danger. It is the evil which strikes from within. As it says in the bible, “Every kingdom divided against itself is laid waste.”
Lastly: the disease of extravagance and self-exhibition. This happens when a leader turns his or her service into power, and uses that power for material gain, or to acquire even greater power. This is the disease of persons who insatiably try to accumulate power and to this end are ready to slander, defame and discredit others; who put themselves on display to show that they are more capable than others. This disease does great harm because it leads people to justify the use of any means whatsoever to attain their goal, often in the name of justice and transparency! Here I remember a leader who used to call journalists to tell and invent private and confidential matters involving his colleagues. The only thing he was concerned about was being able to see himself on the front page, since this made him feel powerful and glamorous, while causing great harm to others and to the organization.
Friends, these diseases are a danger for every leader and every organization, and they can strike at the individual and the community levels.
____________________
So, are you a healthy leader? Use the Pope’s inventory of leadership maladies to find out. Ask yourself, on a scale of 1 to 5, to what extent do I . . .
Feel superior to those who work for me?
Demonstrate an imbalance between work and other areas of life?
Substitute formality for true human intimacy?
Rely too much on plans and not enough on intuition and improvisation?
Spend too little time breaking silos and building bridges?
Fail to regularly acknowledge the debt I owe to my mentors and to others?
Take too much satisfaction in my perks and privileges?
Isolate myself from customers and first-level employees?
Denigrate the motives and accomplishments of others?
Exhibit or encourage undue deference and servility?
Put my own success ahead of the success of others?
Fail to cultivate a fun and joy-filled work environment?
Exhibit selfishness when it comes to sharing rewards and praise?
Encourage parochialism rather than community?
Behave in ways that seem egocentric to those around me?
As in all health matters, it’s good to get a second or third opinion. Ask your colleagues to score you on the same fifteen items. Don’t be surprised if they say, “Gee boss, you’re not looking too good today.” Like a battery of medical tests, these questions can help you zero in on opportunities to prevent disease and improve your health. A Papal leadership assessment may seem like a bit of a stretch. But remember: the responsibilities you hold as a leader, and the influence you have over others’ lives, can be profound. Why not turn to the Pope — a spiritual leader of leaders — for wisdom and advice?
Fears about potential future existential risk are blinding us to the fact AI systems are already hurting people here and now.
October 30, 2023
This is an excerpt from Unmasking AI: My Mission to Protect What Is Human in a World of Machines by Joy Buolamwini, published on October 31 by Random House. It has been lightly edited.
The term “x-risk” is used as a shorthand for the hypothetical existential risk posed by AI. While my research supports the idea that AI systems should not be integrated into weapons systems because of the lethal dangers, this isn’t because I believe AI systems by themselves pose an existential risk as superintelligent agents.
AI systems falsely classifying individuals as criminal suspects, robots being used for policing, and self-driving cars with faulty pedestrian tracking systems can already put your life in danger. Sadly, we do not need AI systems to have superintelligence for them to have fatal outcomes for individual lives. Existing AI systems that cause demonstrated harms are more dangerous than hypothetical “sentient” AI systems because they are real.
One problem with minimizing existing AI harms by saying hypothetical existential harms are more important is that it shifts the flow of valuable resources and legislative attention. Companies that claim to fear existential risk from AI could show a genuine commitment to safeguarding humanity by not releasing the AI tools they claim could end humanity.
I am not opposed to preventing the creation of fatal AI systems. Governments concerned with lethal use of AI can adopt the protections long championed by the Campaign to Stop Killer Robots to ban lethal autonomous systems and digital dehumanization. The campaign addresses potentially fatal uses of AI without making the hyperbolic jump that we are on a path to creating sentient systems that will destroy all humankind.
Though it is tempting to view physical violence as the ultimate harm, doing so makes it easy to forget pernicious ways our societies perpetuate structural violence. The Norwegian sociologist Johan Galtung coined this term to describe how institutions and social structures prevent people from meeting their fundamental needs and thus cause harm. Denial of access to health care, housing, and employment through the use of AI perpetuates individual harms and generational scars. AI systems can kill us slowly.
Given what my “Gender Shades” research revealed about algorithmic bias from some of the leading tech companies in the world, my concern is about the immediate problems and emerging vulnerabilities with AI and whether we could address them in ways that would also help create a future where the burdens of AI did not fall disproportionately on the marginalized and vulnerable. AI systems with subpar intelligence that lead to false arrests or wrong diagnoses need to be addressed now.
When I think of x-risk, I think of the people being harmed now and those who are at risk of harm from AI systems. I think about the risk and reality of being “excoded.” You can be excoded when a hospital uses AI for triage and leaves you without care, or uses a clinical algorithm that precludes you from receiving a life-saving organ transplant. You can be excoded when you are denied a loan based on algorithmic decision-making. You can be excoded when your résumé is automatically screened out and you are denied the opportunity to compete for the remaining jobs that are not replaced by AI systems. You can be excoded when a tenant-screening algorithm denies you access to housing. All of these examples are real. No one is immune from being excoded, and those already marginalized are at greater risk.
This is why my research cannot be confined just to industry insiders, AI researchers, or even well-meaning influencers. Yes, academic conferences are important venues. For many academics, presenting published papers is the capstone of a specific research exploration. For me, presenting “Gender Shades” at New York University was a launching pad. I felt motivated to put my research into action—beyond talking shop with AI practitioners, beyond the academic presentations, beyond private dinners. Reaching academics and industry insiders is simply not enough. We need to make sure everyday people at risk of experiencing AI harms are part of the fight for algorithmic justice.
Check out the Five Takeaways from #HIMSS25 to watch #FEHRM Director William Tinston share the latest about the #FederalEHR and what’s ahead in the evolving #healthcare landscape. https://lnkd.in/em_PSw6y.