You created a machine learning application. Now make sure it's secure.

In a recent post, we described what it would take to build a sustainable machine learning practice. By "sustainable," we mean projects that aren't just proofs of concepts or experiments. A sustainable practice means projects that are integral to an organization's mission: projects by which an organization lives or dies. These projects are built and supported by a stable team of engineers, and supported by a management team that understands what machine learning is, why it's important, and what it's capable of accomplishing. Finally, sustainable machine learning means that as many aspects of product development as possible are automated: not just building models, but cleaning data, building and managing data pipelines, testing, and much more. Machine learning will penetrate our organizations so deeply that it won't be possible for humans to manage them unassisted. Organizations throughout the world are waking up to the fact that security is essential to their software projects. Nobody wants to be the next Sony, the next Anthem, or the next Equifax. But while we know how to make traditional software more secure (even though we frequently don't), machine learning presents a new set of problems. Any sustainable machine learning practice must address machine learning's unique security issues. We didn't do that for traditional software, and we're paying the price now.