Oklahoma has almost 23,000 bridges, which means it would take a mere human quite a while to answer questions like:

• How many bridges have been considered structurally deficient in the last five years?
• Which county has the most bridges?
• Which bridges have shown the biggest decline in structural integrity over the last decade?

With the help of consultancy and Google Cloud partner North Highland, the Oklahoma Department of Transportation (ODOT) prepared 30 years of bridge-inspection data for an AI platform that can help public sector employees answer important infrastructure questions.

Prepping bridge report data required a governance effort, a cleanup of inconsistent formats, and human review.

Why do this? Infrastructure information existed in silos, according to ODOT Enterprise Systems and Services Director Lance Underwood. “Some of these questions just were taking a little bit too long to get the answer from the right group,” he told IT Brew.

Oklahoma had decades of systemic bridge inspection data—reports featuring IDs, locations, and condition scores. North Highland helped the government agency get that into an AI-ready form.

And Underwood wants to add even more DOT data to the lake.—BH

When it comes to generative AI, it’s important to make sure something designed to help doesn’t actually hurt.

Despite the potential for AI to enhance cybersecurity, IT professionals are still figuring out how to deploy generative AI on the security front. Melissa Ruzzi, AppOmni director of AI, told IT Brew that one of the roadblocks to proper deployment is the data ingestion needed to effectively use the technology.

The use of raw data logs, which involves AI systems being fed large amounts of unsorted data that could reveal information to malicious actors, creates an expanded threat surface that complicates security solutions. Ensuring data is contextualized and sorted requires valuable work hours.

“In cybersecurity, that’s actually a big part of domain expertise,” Ruzzi said.

What IT teams need to consider.—EH

Like a giant Citronella candle, AI research company Anthropic has a big idea for getting rid of lots of bugs.

In its April 7 announcement, the maker of the Claude family of large language models (LLMs) will allow a set of 40-plus companies supporting “critical software infrastructure”—Amazon Web Services, Anthropic, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorgan Chase, the Linux Foundation, Microsoft, Nvidia, and Palo Alto Networks—to use its Claude Mythos Preview model to identify vulnerabilities in their code.

In a blog post accompanying the announcement, Anthropic’s research team claimed that Mythos Preview found decades-old vulnerabilities, including “a now-patched 27-year-old bug in OpenBSD—an operating system known primarily for its security.”

Some security professionals expressed guarded optimism about the initiative, dubbed Project Glasswing, citing its ability to identify software vulnerabilities faster than human researchers can.

“We’re deploying vulnerabilities faster than we could possibly ever deploy fixes for those vulnerabilities, so we’re always behind. This is a chance for us to get ahead,” Ed Skoudis, president of the SANS Technology Institute and founder and CEO of the penetration testing company Counter Hack, told IT Brew.

A super-powerful bug finder also brings risks.—BH