The regulation does increase focus on security testing and compliance. The objective is to ensure that AI systems can withstand cyberthreats and protect data. However, this is not cheap. Achieving this result requires investments in advanced security tools and expertise, typically stretching budgets and resources. My “back of the napkin” calculations figure about 10% of the system’s total cost.
Balancing risk and innovation
Although these regulations aim to mitigate risks associated with AI, they also present some expensive challenges. Cloud users must balance adhering to compliance requirements and keeping their innovation pipelines flowing. I suspect they will quickly learn to work around them, and the regulators will complain that they are living up to the letter of the law (regulations) but not the spirit. It’s code for, “We found a loophole, guys!”
With legislative efforts on AI stalling in Congress, the Commerce Department’s proposal could set the groundwork for future regulations. That said, you must deal with the latency in processing these regulations, the inevitable court cases, and enterprises learning to move things out of the United States if needed. I suspect that will be the move most enterprises will make since that’s how they’ve dodged other regulations. The government does not seem to understand that clouds exist in most countries. Corporations will take full advantage of their offshore options, just as they do with taxes.
The immediate concern for enterprise cloud users is how these new regulations will impact their current workflows and future innovation pipelines. As businesses increasingly rely on AI to streamline operations and enhance customer experiences, new AI regulations could disrupt existing processes.
