- 4 hours ago
Temubual bersama Michael Bachman di AWS re:Invent 2025 membincangkan ancaman baharu “Agentic AI”, risiko seni bina global, jurang kesiapsiagaan ASEAN, serta keutamaan dasar Malaysia dalam menghadapi era autonomi AI menjelang 2030.
Category
🗞
NewsTranscript
00:00Intro
00:00Assalamualaikum dan salam sejahtera
00:09Pada jam ini kita akan bawakan laporan khas langsung dari Las Vegas Amerika Syarikat
00:13AWS Reinvent 2025 terus membuka perbincangan penting mengenai masa depan kecerdasan buatan atau AI
00:20Editor kanan Astro Awani Najib Aruf kini bersama Michael Beckman dari Bumi
00:24yang berkongsi pandangan eksklusif tentang ancaman baharu Agentic AI dan kesiapsiagaan rantau ini
00:30Alright Michael, terima kasih banyak kerana menikmati saya
00:33Of course, we are AWS Reinvent 2025
00:36We talk a lot about Agentic AI and all that
00:38And emerging technology and the future is here in terms of that
00:42But I want to talk about the global shift towards Agentic system first
00:45Because around the world, we are talking about enterprises
00:48Beginning to deploy autonomous Agentic protocols
00:52And basically that operates across apps, data, and APIs as well
00:56And minimal human interventions in that sense
00:59So from the global vantage point, what do you see as the biggest architectural or security blind spot in a sense
01:07That organizations are consistently underestimating?
01:12Yeah, so there are a lot
01:13And first of all, thanks for having me here, I appreciate that
01:15So what we're looking at is trust and autonomy
01:21So as trust increases in Agentic systems, we're going to give more autonomy to these particular systems
01:29It's kind of like what we would do with humans
01:32If I trust that you're going to do a job, I'm probably not going to watch over you and supervise you as much
01:38And it's different with these Agentic systems because there's so much variability in the models
01:45In the model performance, depending on the task that's being used
01:48So this is language models with generative models, of course
01:51Plus, what access to the systems does that model have or does that Agentic system actually have?
01:59So when we're talking about the tooling
02:00When we're talking about the protocols being used
02:03We're talking about the pipelines to get the data to the actual cognitive center of the agent itself
02:10So that is the model
02:11These are all variable
02:14And the biggest thing with this trust is that
02:17With probabilistic or non-deterministic types of systems
02:22You're going to have error
02:24And that error is what we need to have comfort with
02:27So one of the biggest factors, to answer your question
02:29Is what is the level of error that we're willing to accept as humans
02:34To allow further autonomy for these agentic systems
02:38Greater autonomy to actually be achieved
02:42Yeah, and of course, when we talk about this
02:45And also the error tolerance in terms of an organization as willing to face
02:49Of course, as AI agents begin to make independent decisions
02:53And across supply chains
02:55We're talking in finance and customer operations as well
03:00How should basically global organizations, you know, rethink governance, one thing
03:04And also the governance model, in that sense
03:07Governance models
03:08So machinerizations remain transparent
03:10And also at the same time, auditable, accountable
03:12Especially when the decision chain, you know, spans multiple autonomous agents
03:18Absolutely
03:19I love the easy questions that you're asking here
03:22This is great
03:22So the idea about all of this is
03:26First of all, we have to have a standard for governance
03:28Within the policy level of, I think, a country
03:32Or even a region
03:34Down into the organization itself
03:38And so the idea is
03:40Governance is going to mean different things to different folks
03:42But, like you're talking about
03:44Transparency, auditability, all of these sorts of things
03:47When we're talking about highly regulated environments
03:50Healthcare, finance, you know, a lot of
03:55Or governmental agencies that require a lot of oversight
03:58There have to be multiple checks and balances in place
04:02And some of the things we need to take a look at
04:04Are things that my team in research have been looking at
04:07And if we're going to use agentic protocols
04:10Here are some things that are making companies stumble
04:16One, some of these agentic protocols are relatively new
04:19And they're high security risk
04:21Also, they get overwhelmed pretty easily
04:24So imagine a denial of service attack on how it exists on websites
04:29Well, the same thing can happen when you have an agent that's exposed to too many tools
04:34We call this bloat
04:35And so the idea is
04:36If I have too much choice as an agent
04:39And you're forcing the agent to actually select tools
04:44This creates an issue of accuracy down the line
04:48Which tools am I using?
04:50How am I using them well?
04:51All of that sort of thing
04:51So to answer your question
04:53How do you get an organization from adopting these agentic systems?
04:58First of all, you have to understand what the agent is actually doing
05:03And where it's pulling its information from
05:06You have to understand how the prompt starts
05:09And how the research from the agent itself
05:11Or the agentic system cascades from that point forward
05:15And having this all auditable
05:18So that you can see it in some sort of governance platform
05:22Is one area of transparency and observability
05:25That is necessary to be able to say
05:29Okay, I trust that the agent is doing these things
05:33I see that the agent has done these things
05:36They're all logged
05:37And I also have a log of all of the systems that have been touched
05:41And what data is feeding the agentic system
05:45And what data should, you know
05:48What guardrails have been applied to that particular agentic system
05:52So one other thing too
05:53The guardrails that get applied
05:55Those need to be enforced consistently
05:58Yes
05:58And so we have to have the ability to not only do that
06:02But to see that it's being enforced as well
06:05I want to talk about the trend
06:06Because of course now we are entering an era
06:08Where the terms of defenders and also attackers
06:12Are both using autonomous AI
06:13And of course what kind of
06:15In your opinion
06:16What kind of AI-driven attacks do you believe
06:20Will become mainstream globally by at least
06:22For the next three years
06:23Oh
06:23Yeah, great question
06:25I think spoofing humans is one thing that's going to happen
06:29We're already seeing it now
06:30In voice and video recognition, right
06:32So agents that are acting on behalf of a user
06:36Where they're given credentials
06:39That they shouldn't have access to
06:42Some of the simple things that are going on
06:43Like I said, security leaks
06:45With some of these agentic protocols
06:46Would be the ability for system level access
06:51To exist somewhere in the agentic chain
06:54What I mean is
06:55If I have system level access to
06:58Let's say a particular
07:00Let's say an ERP system
07:03Or a CRM system
07:04The rest is locked down pretty well
07:07But that one system is exposed
07:09That could be a weak point
07:11So I think in the next three years
07:13What we're going to see is
07:14Vulnerability scans
07:16That are going to be conducted
07:17By agents
07:18That are going to be attacking
07:19Different services at scale
07:21I also think as agents
07:24Sort of proliferate
07:26And we have multi-agent systems
07:27In the mix
07:28We could see something similar
07:30To a denial of service attack
07:31Where you're just flooding agents
07:33In to ask for certain things
07:34Or flooding tools
07:35Or something like this
07:36Those would also be
07:38Something that I would look out for
07:40Spoofing humans
07:42And my agent stealing
07:45Or basically having some level of access
07:48To your credentials in some way
07:50Whether or not you give them to me
07:52But if I can fake
07:53If I can offer some sort of phishing attack
07:57Which is super sophisticated
07:58And I can get at least credentials
08:01To one system
08:02It could be a backdoor into the rest
08:04And so we're going to have this
08:06Cat and mouse game
08:07That's going to happen
08:07And we've seen this historically
08:11We're going to see it a lot more
08:12But I think those are
08:13Those are certain ways
08:14That things are going to happen
08:15With security risk
08:17But I think
08:17One thing that we're already seeing
08:19If you talk to some of my friends
08:21Who are in the security space directly
08:24They're already saying
08:25Video attacks
08:27Spoofing people who look like you
08:30And making people think that
08:33They're faking your identity
08:35That's happening all over the place right now
08:38It's just the start of it
08:39Alright
08:39I want to talk about ASEAN
08:41Since I'm from Malaysia
08:42So I want to talk about
08:43Agenting AI in the ASEAN level
08:45Because ASEAN is moving
08:46Of course towards
08:47Harmonised AI governance
08:49We have what we call DEFA
08:51We are trying to achieve
08:52Now substantial agreement
08:53Has been achieved
08:54Which is Digital Economy Agreement Framework
08:58And one of it
08:59Under the DEFA
09:00Is AI governance
09:02Which is to ensure
09:03That AI technology
09:04Can be auditable
09:08And all that
09:08So
09:09Which global regulatory
09:11In that sense
09:12Or regulatory principles
09:13Or best practices
09:14Should ASEAN learn from
09:16In terms of this
09:17So ASEAN
09:18I'll get ASEAN first
09:20But I want to talk about
09:21Malaysia specifically too
09:22If that's okay
09:23So
09:24For one
09:27ASEAN
09:28Takes a very pragmatic approach
09:30And it's really interesting
09:32Because
09:33There's of course
09:35Chinese hyperscaler influence
09:37As well as
09:38US hyperscaler influence
09:40They have their own
09:41Governance practices
09:42With these hyperscalers
09:43Such as AWS
09:44And then there's the governmental practices
09:51That you can look at
09:52With the EU Regulatory Act
09:53For AI
09:54The EU AI Act
09:56There's precedent
09:57That's established there
09:59So in terms of best practices
10:00I think it's going to be a hybrid
10:01Between what's best practice
10:03For companies that are working in Europe
10:06In North America
10:08But also China
10:10And if you look at
10:13Some of the
10:15Comparative analysis
10:17Between the hyperscalers
10:19I think that the governance
10:21In China
10:22Is probably
10:23Pretty good
10:25Like Alibaba Cloud
10:26For instance
10:27As well as Tencent
10:29And you know
10:30Some of the
10:31Some of the
10:32Chinese hyperscalers
10:33Have really good
10:35Auditability
10:35And traceability
10:36And like strict controls
10:38EU wants strict controls
10:39As well
10:40Whereas the US
10:41Is really opening up
10:43To the whole
10:43Sovereign cloud
10:44Type of framework
10:45And so
10:45The idea is
10:46How do we preserve
10:47Sovereignty
10:49For
10:49The company
10:51The customers
10:52That that company has
10:53The employees
10:54That that customer has
10:55All of that
10:56I think it's going to be
10:58A blend
10:59Of a couple of things
11:00But I think
11:01ASEAN in specific
11:02Is probably going to benefit
11:04By both Chinese
11:05And US
11:06Systems
11:07So that's one
11:08The second thing
11:10Is Malaysia
11:11Specifically
11:12Malaysia is in an
11:13Interesting spot
11:14As far as I'm concerned
11:15Limited tech debt
11:17Which is interesting
11:18Because
11:20Because I believe
11:21The currency is the bot
11:21Yeah
11:22So
11:22The strength of the bot
11:25Against the dollar
11:26It's been weak
11:27Historically
11:28And so
11:29A lot of developers
11:30Human developers
11:31Have been in human capital
11:32Ringgit
11:33Oh I'm sorry
11:33Yeah yeah
11:34The ringgit
11:35Right
11:35Not the bot
11:36I'm sorry
11:36The ringgit
11:37In terms of the ringgit
11:40The strength of the ringgit
11:43Against the dollar
11:44Has been such
11:45That it's been easier
11:46To hire people
11:47To do a lot of these
11:48Functions
11:49That could now be
11:50Used for autonomous agents
11:52Right
11:53Where I think
11:54Malaysia is going to benefit
11:56Is Malaysia
11:57Is going to offer
11:59A lot of infrastructure
12:00Resource
12:01To ASEAN
12:02Because it hasn't
12:03Been there before
12:04There's fertile ground
12:05For that all to happen
12:06In areas of industry
12:08In energy
12:10Compute
12:11Large data centers
12:13Still with lots of employment
12:15Of really good
12:16Human capital
12:17But still
12:19I think
12:19Malaysia is going to
12:21Turn into a big powerhouse
12:22Which is also going to
12:24Pave the way for governance
12:25As well
12:25So
12:26I'm looking forward
12:28To seeing how
12:28Malaysia responds
12:29To both
12:30You know
12:31Chinese governance
12:32Positions
12:33As well as
12:34US and European
12:35Governance positions
12:36But I think
12:37That over the next
12:39Year or so
12:40Once the EU
12:41AI Act
12:43Really solidifies
12:44And we get
12:44Ratification
12:45From a lot of
12:46The member countries
12:46Of the EU
12:47Maybe ANZ as well
12:50But definitely
12:51As we start to see
12:53More governance
12:53And policy
12:54Between the US
12:55And China
12:56And the changing
12:56Political landscape
12:57I think Malaysia
12:58Is going to
12:58Benefit greatly
12:59From all of this
13:00So the balancing act
13:01Is not an easy task
13:02It's a new war
13:03I would say
13:04Yep
13:04Okay
13:05And you're on the
13:06Front of the line
13:06There too
13:07Right
13:07So this is why
13:08It's important
13:09That Malaysia
13:09Gets it right
13:10And I think
13:11Malaysia is going
13:12To be
13:12Critical to the future
13:14Of ASEAN
13:15In Southeast Asia
13:16Maybe even
13:18All of Asia
13:18As a matter of fact
13:20So
13:20Alright
13:21Michael thank you so much
13:22For joining us
13:22Really appreciate
13:23You're explaining
13:24This and
13:24Makes us understand
13:25And the important part
13:27Is how Malaysia
13:28Should be on the right
13:29Track
13:29Or on the right
13:30Track currently
13:31But facing a lot
13:32Of difficulties
13:32And also challenges
13:33I hate
13:33Thank you so much
13:34Michael
13:34Absolutely
13:35Thank you for having me
13:36Thank you
13:36Alright
Be the first to comment