News
Just when organizations were warming up to the idea of deploying AI, comes a report from cloud security company Wiz that the Microsoft AI research team inadvertently leaked 38TB of private data.
The data, according to Wiz, included private keys, passwords and over 30,000 internal Microsoft Teams messages from 359 Microsoft employees.
The Wiz team came across the data as part of its ongoing research on accidental exposure of cloud-hosted data, when it found an entire GitHub repository belonging to the Microsoft AI research team, according to a company blog post.
The purpose of the repository was to provide open-source code and AI models for image recognition. Visitors who accessed it could view, upload, overwrite and delete any of the information contained in the repository.
However, the blog notes the storage account was not directly exposed to the public.
The rest of the blog detailed how the leak happened and how to avoid similar kinds of issues, but it also shared two conclusions that should act as a warning to companies looking to deploy generative AI:
- Data sharing: To develop training models for AI, researchers must share huge amounts of data, both internal and external. The security implications for this are clear and it recommends separating public AI data and private AI data into two different stores.
- Supply chain attacks: In this case, the tokens that offer access to this storage account had been improperly set. This could have led to a supply chain attack. The implication, the blog added, is that security teams in organizations that deploy external AI models need to review and sanitize them where necessary.
The Microsoft Security Response Center responded soon after the Wiz findings, stressing that no customer data was exposed.
“No customer data was exposed, and no other internal services were put at risk because of this issue. No customer action is required in response to this issue. We are sharing the learnings and best practices below to inform our customers and help them avoid similar incidents in the future,” the statement reads. However, the fact that it happened at all should give organizations food for thought. If an organization as big as Microsoft with all its resources is open to errors like this, how will smaller organizations manage?
It also raises questions around the implications for Microsoft’s AI products. There are many unanswered questions about the use of AI and this is just another issue to add to the growing list of ‘What ifs ...?’
Cisco Buys Splunk for $28B
As if on cue, two tech giants announced this week that they would be combining forces to strengthen the security and observability services they provide customers in "an AI-powered world." Cisco announced its acquisition of Splunk on Sept. 21 for $28 billion in an all cash deal, marking the largest acquisition by the company to date. When the deal goes through, it will make Cisco one of the largest software companies in the world.
Michael Baum, Rob Das and Erik Swan founded Splunk in 2003 to provide customers with software that monitors, analyzes and detects anomalies in machine-generated data. The company had a successful IPO in 2012 and claims over 12,000 customers spread out across 110 countries.
In a statement about the acquisition, Cisco Chair and CEO Chuck Robbins said, "Our combined capabilities will drive the next generation of AI-enabled security and observability. From threat detection and response to threat prediction and prevention, we will help make organizations of all sizes more secure and resilient."
The announcement played up Splunk's security capabilities and framed them as complementary to Cisco's existing security portfolio. The combined offerings would give visibility into data from a wide range of sources, including network data, identity data, email, web traffic and processes. Splunk will also further the digital transformation of Cisco by increasing the size of its software portfolio as the tech giant looks to expand on its hardware foundations.
The deal is expected to close by the end of the third quarter, 2024, subject to regulatory approval. As part of the deal, Splunk president and CEO Gary Steele will join Cisco's executive leadership team, reporting directly to Robbins.
Google Expands Bard’s Capabilities, Reach
AI continues to be in the air, with news coming out of Google this week about an update and expansion of its Bard chatbot's capabilities and reach that will pull it deeper into Workspaces and other Google tools.
Bard will now be able to connect to YouTube, Google Drive, Google Flights and other tools to carry out a number of time-consuming tasks.
The connections to Google’s other services are just some of the improvements to Bard. Other updates include the ability to communicate with the chatbot in multiple languages, new fact-checking capabilities and a broad update to the LLM that the tool is built on.
Users can also opt-in to link their Gmail and Docs to Bard, so the tool can search through personal information to provide better support.
For those that use Bard in Google Search there is another quirky addition in the shape of a 'Google It' button, that is hidden behind the 'G' in Google. When a user searches a subject, they can press the G button to analyze how accurate — or not as the case may be — a given search response is.
Collectively the new tools are called Bard Extension and offer an entirely new way to interact and collaborate with Bard, according to Yury Pinsky, the director of product Management at Bard.
Once again, the ghost of Zoom's attempt to change its terms and services has come back in the shape of an assurance from Google that it will not use users' information to train the chatbot.
Google launched Bard in March as an experimental response to the rapid development of Microsoft’s Copilot, especially in the workplace, rather than something that it seemed ready to do.
The Google Bard website still carries warnings that it is an experimental technology and may sometimes give inaccurate or inappropriate information. It also warns users not to take Bard’s responses as medical, legal, financial or other professional advice.
Bard has faced significant problems with hallucinations since its launch which Google is attempting to iron out. Overall there seems to be some way to go before Bard can be considered anything other than a work in progress.
Simpplr Buys Socrates to Add Even More AI Capabilities
Meanwhile, Simpplr, which raised $70 million in funding this May, has announced it is buying Scorates.ai, developer of an AI-powered virtual assistant.
Webinar
Sep
25
CMS Briefing: A Live Look at What’s Next in AI-Driven Platforms
Learn how leading organizations are using AI‑driven tools to publish faster, personalize smarter and stay secure.
Register
Webinar
On demand
Ready or Not: How Data-First Organizations Are Unlocking Agentforce Potential
Learn how to cut through the noise, activate Agentforce and build a Salesforce AI strategy that actually delivers.
Watch Now
Webinar
On demand
AI in Customer Service: Faster Resolutions, Happier Customers
Don’t let rising demand burn out your team. See how to build a smarter, more resilient support org.
Watch Now
Webinar
On demand
From Hype to High-Impact CX Strategies That Actually Scale
Turn buzzworthy AI and outsourcing trends into measurable CX wins with fresh 2025 data.
Watch Now
Webinar
On demand
Insights to Action Rethinking the Contact Center for Real Business Impact
Join our exclusive webinar to hear CX executives share their innovative strategies for transforming service delivery.
Watch Now
Webinar
On demand
Accelerating Healthcare Ops with AI
Sign up to see how your peers are putting AI to work — and making it stick.
Watch Now
According to a statement from Simpplr, the integration of Socrates.ai will give Simpplr a relatively simple way of pulling together a wide range of diverse content sources including chatbots, enterprise applications and employee pathways.
The objective, according to Simpplr founder and CEO Dhiraj Sharma, is to transform the employee experience and support communication teams, as well as alleviate the pressures on IT and HR departments.
Socrates.ai offers a unified conversational interface, which cuts down the number of times workers have to switch apps as well as cutting the time it takes to find content. It can also answer questions about that content.
However, Socrates.ai is not a bot toolkit. Nor for that matter is it another point solution. Instead it’s an approach that pulls all HR and benefits information together into one simplified hub. "It’s like the bot of all bots, and way more," the company claims on its website.
What is interesting in this announcement is the efforts to centralize HR and IT information, which Simpplr claims it will be able to do with this platform.
Last July, Sharma said the company's principle focus is giving business users ownership of their content, an ongoing enterprise challenge given the number of internal content siloes. At the time, Sharma stressed the role of AI in solving this issue, and noted AI was a fundamental element of the Simpplr platform.
The acquisition of Socrates.ai takes a step in that direction by giving IT and HR common cause, notably the better management of employee information.
Workhuman’s Teams App Aims to Keep Everyone Happy
Also this week, social recognition platform provider Workhuman announced the launch of a new app for Microsoft Teams aimed at making it easier to communicate with colleagues across the organization.
In a statement about the integration, the company stated that the new app enables workers to praise each other in real-time via Teams chats, channels and meetings — in other words, where most communication and collaboration takes place.
Workers can view their level of recognition across the enterprise as well as an ‘always on’ awards feed. It also provides information of years-of-service awards and celebrations without requiring employees to log into a company intranet.
The integration with Teams means companies can also use an award notification tab, as well as the ability to add kudos and congratulations to colleagues throughout the organization who are receiving recognition or celebrating key life and work milestones.
There are a number of other features too which all go towards creating a better sense of well-being among workers in the company.
There is a commercial aspect to this. Research carried out by Workhuman and Gallup, which was published last March, says that a 10,000-person organization with an already engaged workforce can save up to $16.1 million annually.
Leaving aside the monetary savings, the real obvious benefit here is better employee engagement, which Workhuman says this new app will create, and consequent reduction in employee turnover.
Writer Raises $100M for Full-Stack AI
Finally this week, Writer, which develops what it describes as a full-stack generative AI platform, announced a successful $100 million Series B funding round led by ICONIQ Growth. This brings the total funding raised to $126 million.
The Writer platform consists of three key components: Palmyra (Writer-built LLMs), Knowledge Graph and AI guardrails. It also offers prebuilt templates, composable UI options, chatbots, integrations and APIs.
Writer co-founder and CEO Mary Habib said in a statement that unlike many other companies that focus solely on building a LLM, Writer develops a set of ready-to-use apps along with security requirements that enables organizations to start using generative AI quicker than normal.
She also pointed out that its platform never uses data from the organization to train the LLM and is currently compliant with a number of security and privacy standards that include SOC 2 Type II, GDPR, Privacy Shield, HIPAA, and PCI.
The company has a number of clear objectives the funding will support including:
- Developing AI agents and automated workflows.
- Developing more industry-specific models like its Palmyra-Med, a model built specifically for the health industry.
- Expanding its presence outside the US.
Writer claims United Healthcare, UiPath and Accenture among its customers.