So You Want To Write A Book? Writing About AI Security For No Starch Press

Thanks everyone. This is my first time in Prague. So, it's been really lovely and I'm delighted to be able to see all of you here. I have a question for all of you, why you're here at all. Have Have any of you either considered writing a book before? Can I get a show of hands? Okay, I've got a couple. What about any other big projects that you want to wanted to do as part of your work? You can, you know, take [laughter] that broadly. Some kind of big big project that you've wanted to do for a while. Yeah? For the people who are interested in writing a book, have you started that process? Have you started writing or

looking into how to how to do it?

Okay, I've got some casual nods. All right, so the point of this presentation is to show you just a bit of a behind-the-scenes look into what it was like writing a book. And the idea isn't necessarily that you should then go and write a book for some publisher. Although, if you want to, the idea is that you should be able to, you know, have a bit of an understanding of how to do that. But really, for any any kind of bigger project that you want to do, where you might need to get help from some other kind of, you know, organizing body, the process would be largely similar. So, the idea is that, you know, you can

leave here this afternoon having a better idea of how to go about that. So, the process itself was probably I don't know, both shorter and longer than I anticipated. If If any of you have done big writing projects before, like PhDs or other like longer blogs, I guess, I think when I when I timed out how long I expected it might take to write, I don't know, 70,000 words, I kind of just took my, you know, the period of time it would take me to write a thousand words and then extrapolated that out which is ridiculous because it didn't account for all of the editing time and rewrites and like changes in messaging and then

things get updated over time and in AI really quickly. So the writing time was really truncated but production time was longer than I expected and I'll go into sort of why that is and like how you might be able to learn a bit about why that's the case as well. So I asked you this question because a lot of the time when I mentioned writing a book with No Starch Starch Press the most common response I get is oh I've always wanted to write a book but I just haven't known how to do it. And the thing with No Starch Press is that it's really accessible. Anyone can go and submit a pitch through their website and there's quite a lot of

clear information about exactly how to do that and what you should expect. But for other kinds of like for other publishers it's not so clear-cut. So I'll go into that too but a lot of the time when I'm speaking to friends or colleagues about this and the biggest problem I find is that they're not sure if anyone would want to read that book and I think if you want to write it for some reason like maybe there's a gap that you've perceived or you wish that someone would cover something in more detail then probably someone would want to read that book. So I hope that's like encouraging for any of you who who might be considering that and that's a that's

a good thing. [laughter] So a bit about me to just to paint a picture of of how it all happened. So I've been working at the intersection of data science and cyber security for about 10 years but I started in data science. So I didn't necessarily come from a cyber security background. I was working building machine learning models. I'm initially in Australia's Department of Defense. And so back in 2017, we were building chatbots for the Navy and Air Force. I don't know if they really needed those chatbots. I think they just wanted to spend money on AI. But it was really interesting work to be involved in and it ended up giving me a much better sense for the

sort of national security community and that intersection with both AI and security. I then worked at a startup in the United States for a little while, but then COVID happened and so I went back home to Australia. And not to make it sound like a plan B or anything, but the only place hiring was the Australian Signals Directorate, which is our equivalent so GCHQ in the UK or the NSA in the USA. I don't know the regional equivalent, I'm sorry. But it was really interesting environment to be in because like over the time that I was there, I I saw a number of different teams and that's how I got to use my data science

skills in cyber security settings. And I started doing a PhD in this field called adversarial machine learning, which is all about hacking or disrupting machine learning models at a more statistical level. It wasn't really about looking at, you know, AI systems. It was more about how we could manipulate machine learning models. And so by the end of my time at ASD, I was the acting technical director of the AI Hub. And the AI Hub basically had the remit of advising Australia's intelligence and national security communities on AI adoption and strategy and especially safety and security. And I saw that security was taken really seriously. But it was challenging because like outside of that job, I was doing my PhD

in this field that was seen as very academic and you know, not not real world applicable in any way. Certainly back in 2020. And so I left my job and I started a company thinking, "Well, everyone needs to know about AI security." And that's a really terrible environment to start a company with if there's no like market demand for a product, what on earth did I think I was going to be selling? Um so, I basically spent a couple of years like telling people that they should care about AI security. And I did things that in you know, at the time felt like I was going back to being 20 years old. Like I had a YouTube channel

and I started doing social media. And it was really fun, really funny. But the whole thing felt very hacky. Like I really didn't feel like, you know, someone who'd been in the job that I had. Um you know, I definitely wasn't taken seriously when I when I was doing it. Um but then you know, a bit over a year ago, suddenly a genetic AI became really important and then everyone suddenly knew about AI security. And for the first time, instead of begging people for work, I had so much inbound interest that it was like really difficult to like scale really quickly. But it's been great because now lots of different kinds of organizations want to know about AI security. And last

year my company developed the first AI security framework in the Australian government outside of national security. So, it felt like a really nice sort of going back to back to where it began. The The reason I highlight that journey is because I had always seen this problem of this lack of awareness in specifically how I defined AI security. So, when we're at conferences like this, people will talk about AI security as using AI for cybersecurity. So, whether that's offensive or defensive and being able to do things like um either use LLMs to write malware or like classify malware or detect it, um or do anything else related to security. And there that's a very valid use case. Um I

look at it from the other perspective, actually. So, I mentioned that I came from data science and machine learning. I define AI security as securing AI systems themselves. But I will cover that in more detail when I get to those slides. So, the book process itself began in 2024. So, this is sort of towards the end of that, you know, 2 years I was talking about where I was wandering around and telling people about AI security and no one seemed to take me seriously. Um then a few things happened around that time >> [clears throat] >> um which were quite important. I spoke to more like the landscape I was in. So, to explain that, I'll go back to the

beginning. So, I hope people get the Hillary dot coms, maybe not all of you. But um I mentioned before that this key distinction between like AI for security and AI security, like security of AI systems, um really defines what I saw as a gap in the field. And there's this other very big gap when it comes to like what exactly is going wrong with artificial intelligence systems. And a way that I like to think of it is in terms of the direction of harm. So, most of the time if I look at like different news websites or AI incident repositories, of which there are now like half a dozen, um possibly more, um there are thousands and thousands of AI

specific incidents that have been logged. And these are a few examples of them. These are the kinds of incidents where they're being used to like AI's being used to create deep fakes, it's used for misinformation disinformation fraud scams. Um essentially AI is doing something bad. But there isn't so much uh attention on when someone, like a human or an AI attacker, is doing something bad to AI. And so, that was the field that I was looking at. So, when I talk about AI safety versus AI security, the definitions aren't meant to be like it's either one or the other. But in terms of the direction of threat, if there's orthogonal paradigm where it's really clearly distinguished between whether

it's an AI safety threat, so like the AI is doing something bad, or it's AI like security of AI, where it's someone trying to hack or disrupt the AI system in some way. And then of course, AI security as you know, AI for cybersecurity. Also gets muddy with the way that I see a lot of AI safety researchers talk about AI security, which is usually traditional cybersecurity controls for AI frontier labs. And so because I sit at this intersection of artificial intelligence and security, most of the people I work with in AI, more like safety researchers, they're more more looking at how to make sure that as AI systems become very very capable, they don't become so capable that they become

like deceptive or they over optimize on properties that you know, human the human didn't intend. And they tend to focus more on the frontier AI capabilities by labs like you know, open AI and Anthropic. And so for them, AI security is actually just basic cybersecurity hygiene on those kinds of labs to make sure that you know, other nations don't get access to them. So there's all this very like muddy water when it [clears throat] comes to what AI security actually is, but what I really cared about was understanding whether AI systems themselves could be attacked, and not just the like the AI system, which you know, is is really important to have traditional cybersecurity measures, but whether there was anything

like fundamentally different about machine learning models that meant that they could be attacked differently. So that was the nature of the research that I was doing and doing in preparation for the book as well.

Has anyone heard of adversarial machine learning before? I got a couple of couple of kind of indication nods. Okay, so basically adversarial machine learning is this field that rose to prominence in like 2013 because of this original research paper that showed an example a bit like this, but it didn't use Terminator as the reference. But basically the idea was that you could take any clean image, so just a normal image, and then you have some sort of target machine learning model that you're trying to disrupt or compromise or deceive in some way. And so based on that target model, you craft these very special adversarial perturbations. Basically just like noise, but it's not random noise, it's

specially crafted based on the statistical knowledge of that model. And then you superimpose that on top of the original image, you give it to that model, and it's not able to work, it misclassifies it. So the original example was taking an image of a panda which the model predicted was like over 95% confidence was a panda um when it originally looked at it. And then with the special noise superimposed on top of it, it predicted it was a gibbon with 99.99% confidence. And this is the kind of noise that a human could not detect. So in other versions of presentations I've done, I basically look at the Terminator as an attack surface um with the premise being, you know, how

can I hack the Terminator to make sure that it can't go back in time and recognize Sarah Connor. Um so here we have an image of Sarah Connor, aka Linda Hamilton, who plays Sarah Connor in the movies. Um and then we create these special perturbations, the special noise, and then this open source model that I used it's um called Clarifai AI. Um it's since been taken down, um but basically I could show it this picture and it would predict that that is Harry Styles with 99% confidence. And I've deliberately dialed up the noise so that you can see it. Um ideally you can't actually see that noise and it would still work about as well.

But when in the middle when I say that there are untargeted perturbations, that means that I basically want the model to predict anything. Like there's no specific target in mind. I don't care if it predicts that's Harry Styles or um Hermione Granger or anyone. But I could do an equivalent that is targeted. So I could specify who I want that target to be and then the noise in the that looks a little bit different based on the statistical that the model understands when it makes a decision and then I can um create noise that will um make it predict it's Hermione Granger or Emma Watson. That relies on an access to the model, but because most models tend to like

generalize, they'll kind of work the same internally, I can create that noise based on one model, give it to another model and it's almost as effective. So in adversarial machine learning, that attack wasn't considered that realistic. Like in reality, it's very hard to inject specific noise into a computer vision model, the kinds of models that look at, you know, do vision things. But there are over 100 different kinds of adversarial machine learning attacks and many of them are much more realistic. So if the original premise was injecting special data into a model so that it doesn't work as intended, that's basically defining prompt injection. So instead of you know you know we're we're using special, you

know, malicious words or they're they're written in specific ways to disrupt the model and make it, you know, bypass its guardrails and give you something like that. So if we think about the model as like an attack surface as we would any other software system, there are different kinds of models. So the top example is a very basic computer vision model based on a convolutional neural network and then the bottom is a transformer, which is the backbone of natural processing capabilities like large language models. So, all of these different attacks can work slightly differently at different stages of the different kinds of models. And again, I'm using the Terminator as an example, but the the you know, to what extent

they're realistic, um again, depends. But, something that's really key is that this is looking at the scope of the machine learning model rather than the AI system. And when we're looking at these more statistical-based attacks, it's a really important distinction because the kinds of like defenses that might work at the model level are different to the kinds of defenses you would think about at the system level, which is a bit more like traditional cyber and infosec flavor. So, that's the backstory. Um so, I was doing all this work, feeling kind of depressed. Um I had this really hacky YouTube channel, and then I did a Def Con talk. And it started to get a bit more attention.

Um I still felt kind of crappy about myself. Like, the Def Con talk was very, very stressful. I I don't think I want to do it again. I had so many like misogynistic comments on the YouTube video. But, I'm glad I did it because that's how No Starch Press found me, and they reached out to me and asked if I had ever considered writing a book. And yes, I mean, I I would have loved to, you know, before then I'm have loved to write a book. Um and I was thinking about how on earth I would actually do that, like how to how to make it happen. But, I've since learned that, you know, the editors at

No Starch Press and other publishers are usually looking at people who do a lot of public speaking or they're active on YouTube. So, if there's one big recommendation I have, if you're interested in it or you're becoming interested in it, um it's that like you could know all this stuff, but without a public presence, no one is going to know that you know that. So, like depending on your specific niche, there are different editors who are looking in different places. Like for example, I'm not really a software engineer, I'm a data scientist. So, I don't I don't live on GitHub. I don't have tons of repositories. I don't do a lot of like code that stays where it is,

you know, models just kind of evolve, you give it to someone else. Um so, for example, I wouldn't be active on those kinds of sites or like bug bounty platforms or whatever. Um but if that's the niche that you're in, you just got to find where people are going and where people are looking. So, in the journey of the book, those were very, very helpful. And um I definitely recommend that kind of presence. Okay, so now we go back to September um of 2024, and that's when they reached out to me. And the process itself was very, I guess, author-led. Um I had to define things like deadlines and when I would be able to get the book

to them, but it was very much based on how long I thought it might take. So, I I basically had the liberty to, you know, predict how long it might take me to write a book, which is really hard. And like I said, I um totally mis- misjudged. Um but yeah, I I essentially gave myself a year, um maybe 9 months from the start date um of December that year um based on just sort of knowing already how long I took to write because I'd done a PhD, so I could sort of calculate like really haphazardly and obviously correctly. Um but for for example, I know other authors who are working in teams, um which I hadn't really considered at the

time, but I know I know I know a few other No Starch Press authors who work collaboratively, and they'll split up chapters between them, and then either work on it in parallel or they'll sort of hand it over to each other at the appropriate stage, which I think is a really good way of doing it if you have a lot of commitments or if you want to write a book that's quite broad and you feel like the like input of other subject matter experts would be really useful. I know I also know lots of other solo authors who kind of gave themselves a bit more breathing room, like they gave themselves up to 2 years to write it. Um

I mean, at the end of the day writing it in 9 months was possible, but it was really awful. Um in [clears throat] a good like I enjoyed writing it, but I remember like I went on a writing retreat in New Zealand. I'm from Australia, so it wasn't like that far for me. But I I went to Queenstown and I booked uh a week in this kind of cute in motel style thing and I was like, "This is going to be great. I'll just write during the day and then I'll go for little walks and I'll go to cafes." And I had deadlines that I was tracking to, so I kind of knew how much I need to get

done in in that period of time. And what it ended up looking like was I'd wake up at 7:00 every morning. I'd like have a quick breakfast and then immediate immediately start writing. Have a quick walk, but then it'd be like 10:00 p.m. suddenly and I had to like go um go to sleep. So it was it was pretty grueling, but I know other authors who do things like writing retreats and if they I think a week isn't really long enough because you want to go somewhere and not feel pressured to tourist as well. Um you don't want to feel pressured that you're going to miss out on the beautiful sights of Queenstown because you're sitting in a room that's facing

direction. Um so I know authors who've done retreats that are like a month long and I'd probably recommend that. Um even just to get in the right headspace and not having to context switch so much. Um I think that's probably something that I would do differently next time. But for the most part it was um you know, hard but not not impossible. It just meant a lot of writing on weekends and I run my own company, so I was able to have some flexibility with that, but also meant that everything else kind of slipped. You know, it's it's something something had to give and I had to get the book done on time. So, it was other

things. But, it was worth it because um I also am a digital nomad, so being able to travel around and do it all um was like it's the kind of work that you can do very flexibly. So, it was ultimately a nice experience. Um but, I definitely would recommend thinking about that and giving yourself more time if you're if you're trying to figure out how much time you need to take on a project like that.

The editing process was um really really wonderful. Um like the editor that I worked with at No Starch Press was so good. And I know authors who've worked with other publishers and they've found it challenging. Um but, working with No Starch Press was incredible. Like I worked with Frances. If anyone is looking into it, you know, Frances was incredible um because I would give her a piece of a piece of writing and she was able to say, "Actually, that's like that's technically incorrect, that thing that you said. And also, it would be much better if you just did all of this." Um it was it felt like having a co-author almost. When when I've spoken to people

who are a bit nervous about writing a book a lot of the time, they might be a bit like not very confident about their writing style or um how clear it might be or being able to convey technical ideas to an audience. Um but, working with an editor was really great and she took on a lot of that burden. I don't [clears throat] think I'm a terrible writer, but I certainly, you know, the book sound like comes across much better than my actual writing skills. Um the other thing I'll say is that keeping the audience in mind is really important. So, a a publisher like No Starch Press deliberately tries to write for an audience that knows a bit about

something, but probably isn't already an expert, or at least the emphasis is that you write in plain English. They're meant to be like digestible technical books, not the kind of technical book that you like dread reading. Um, whereas I know other publishers that's not always the case. Like if you're working for an academic publisher, you're probably going to be writing more for an audience that is already that subject matter expert, um, and you're helping them refine their, um, knowledge of of something. But, for No Starch Press, I really like that it was meant to be plain English. I think it's the kind of book that I would have wanted to read, you know, five years ago

when I was when I was starting to get more into adversarial machine learning. Um, but the editing process was pretty arduous. Like I think for, um, the first chapter, which had more edits because I was still getting used to writing and still getting used to the style and refining what the book was going to be about, there ended up being 11 versions. And some of those were really big substantive changes, and towards the end they became more polishing and making sure that I wasn't accidentally like copyrighting other people's images, um, and and that kind of thing. But, 11 versions is still like a big burden of [laughter] like editing and reviewing editing while you're also

trying to write the other chapters. I I've also heard of, um, publishers where they get an entire manuscript and then edit at the end. Um, so I recently met Ally Miller who wrote Code Wars, um, and she said that was essentially the, um, the process that her publisher, I think it was Wiley that that they took. And to me that sounds awful and so stressful because, like, I don't know, what if there was some big, um, I'm imagining if I wrote it, I would have like misjudged something really big about like what my editor knew or what should be in there and then only having a few months to to go through that editing process at the end would be

really hard. But No Starch Press they did it throughout so I'd submit one chapter, they would edit it while I was writing the next chapter and so on.

And then the And then it went into production. So once I submitted everything to them, um something that I didn't really think about was I guess what happens after I wrote it. Um so the production process was really really long. I I finished writing the actual book in like September last year and it has now officially come I think last week people started getting print copies and then it's available in most booksellers who gets No Starch [laughter] Press books from June. But once I submitted it in September, even though it was mostly edited, there were so many additional checks. Um so I mentioned for example making sure that none of the images were copyrighted um

cuz I did work with external graphic designers cuz I have no design skills. And so like there were a few times where we found out that that accidentally used a like a figure or some kind of um like drawing. Um there's all these like robot icons throughout or something that might have been copyrighted. So that process was really long. And then um typesetting and formatting the book um based on the specific like templates that they had so that they could give it to the printer um was a really really long process as well. Um and it's not like it was not super arduous for me but yeah every every few weeks I'd get a different version of the

manuscript with a few things to check and like little wording tweaks were still happening. Um but even while all those those things were happening in the production process, there was still like an early release version that came out at the end of last year. So, for example, people who signed up and got that version have a version which is now different. Like, for example, the the changes to the the copyrighted images are still in there. So, please don't sue me. Or um that some of the the tweaks um to to wording um is not in that original pre-release version. So, um something to keep in mind if you're if you're looking at that process, um make sure there's nothing

like too bad in that version. But, they wouldn't let that get through. But, I just found that whole process interesting cuz I I also expected that there would be like one launch date, but it's more of a a slower, want to say dribble. Um and so, they have a really good marketing team, but a lot of the marketing is also author-led. So, it means that I have to like think about like what am I I don't know what one that is. Like, I'm not a marketing person. Um like, I really had to talk to friends of mine who are in marketing to figure out like what I can do in that process. Um and so, having like a few staggered

points was like quite interesting, but it's also I don't know, marketing is hard to me because I don't know, there's there's a lot of um I don't I'm not a design-minded person. I just find all that quite hard, but it's also a fun challenge to get around because if you know your audience really well, then you kind of know what they like and you know where they are. Um so, it's fun to kind of be a bit creative. So, most of the production process wasn't that stressful for me, but I could tell it was very stressful for them. Um because every so often I'd be CC'd in emails where they were like, "We're delayed. We must get this like tomorrow

from you because otherwise it's not going to make it to the printer." And I was like, "Ah, for sure." Okay, well, I had no idea like what the you know, what the printer timelines are like or how that works or the lead times. And um I think it's like the whole process that I'm not really exposed to with how they then work with other booksellers um to distribute the book is really interesting. Um, for example, they distribute it through their own website, but also through Amazon, which traditionally is not like very favorable to authors and especially independent publishers. Um, and then other bigger booksellers like uh, like Walmart, Barnes & Noble, but a lot of um, like stores wouldn't

necessarily stock those books. And so, hearing the behind the scenes about like why that is and like the process of them having to go and, you know, pitch to those um, like bookstores is quite interesting. Um, and it's a it's a whole process, but largely I don't need to worry about it too much. So, I've mentioned that the the physical book has already come out. Um, I would have liked to maybe show it to you, but I actually haven't received [laughter] my copy yet because I've I keep traveling. I know, I um, no disrespect to no such person at all cuz the problem is me and that I travel around so much, but I found out that people started

receiving their copies because they tagged me on Instagram and I was like, "What? You mean you already have a copy?" Um, and I think that express shipping a couple to my Australian address cuz I was in Australia next week. So, I will be able to pick some up there and I'll get to see it. But, um, even [clears throat] going through like the cover art process, I can't remember which um, if the next slide has the cover artwork. And this book is a little slow, but um, so you can remember earlier it has it's like the blue um, blue cover with like the robot on it. Um, I wonder [clears throat] if the next one. Um, no, it's like one.

Um, but basically they asked me if I had any suggestions for the cover. Um, they recently went through a rebrand and they used to have all yellow covers with different um, sort of Futurama style Bender looking robots on them doing funky things and Bill um, was talking about how he wanted to like change all of the books and then like how to pivot that design direction. Um, and they asked me what I wanted the cover to be, which is really hard because again I'd said I have no design skills. But um one one thing that kept coming up through the book was the analogy I use it like a uh an assistant style robot um, called Chris AI, which is based on

like I think one of the original robot stories from like Greek mythology or something. Um, and so I I gave the idea of having like some sort of mythical looking gold robot. Um, and that's is basically what they went with. And they showed me a few options and I was like they all look fine to me. Like I have no idea. Um, so I picked one and I'm pretty happy with it. But um I want to give everyone else the opportunity to win a free book even though I still haven't [laughter] got one, but um, the let's see how this goes because this is the first time I'm running this and as I said I'm not a marketing person.

But I I really want to give everyone the opportunity to win a copy. So if you go into Instagram and you look up Harriet Hacks, you can first you'll see my really dodgy social media presence. Um, but there's a post and if you basically comment what you would write a book about, then in June I'll be picking someone to win a copy. So I'll give you a couple of minutes just to like jot down the handle and then you can head over there, but you can you can do it later.

One of the other things I found really interesting about the marketing process was um, like a lot of booksellers and a lot of publishers like No Such Press are at this inflection point where they're moving from like traditional marketing to like leaning into social media. And it's really interesting to like watch that pivot and watch the and and see how they do it. Um but while you're going there or if you're going to that's also fine. Um let me give you some tips that I found that I hope you can use in your writing process or whatever project you're looking at doing. Um time [clears throat] management is I guess an important one that's that's

obvious. Um We know that time management is important but how to actually make it work in practice I think is something that really depends on every individual and understanding what works for you. But what worked for me was if I had um like strictly blocked longer periods of time. I I know other authors who for example work a day job and then in the evenings they work on their book. That just doesn't work for me cuz I find it very hard to context switch and because I was also writing my PhD at the time um I doing a lot of writing meant that it was very hard to just like constantly switch between PhD and my [cough] book. [clears throat]

Um so I found it helped if I spent like a week doing like business and PhD stuff and then a full week working on the book and blocking it off that way. Not everyone would be able to have that flexibility but if like if you're like me and find that context switching hard like having a dedicated long weekend to work on it can be really helpful or booking like a longer writing retreat. I think those are kinds of like time management techniques that have helped a bit more. Um having deadlines also really helps with time management. Like see how I've not made the the deadlines. But I will say say that No Starch Press was very um

like flexible with deadlines. They said that they would much rather have a good chapter than you know you submit something that's not great just so that it makes the deadline. Um persistence also really important. Um not just through the writing stage I guess but in terms of I don't know, becoming a a a subject matter expert in that specific niche. Um and also like so the persistence and like getting to having confidence in your skills at that point. And then in the writing process, being able to like even when it felt like a grind to just stick with it. And the scope is really important to consider. Um like not everyone is going to love

your book. Um but it's more about making sure that the the book is the right fit for your audience. So the people that I had in mind was like people who know a little bit about AI or a little bit about cyber, but we're kind of at maybe like a 10 out of a 100. And it wouldn't leave them experts in it, but it would take them from like 10 to 60. So that they then had enough information to pursue something more niche. Um and so I thinking about like what your audience really like understands and wants to learn is really helpful. Sounds very obvious, but in the original chapter one I had a bunch of like

history about how bits work in computing. My editor was like "Hey listen, that's ridiculous. Like your audience wants to get straight into the AI stuff. They don't want to hear about the history of like John McCarthy." So you know, there's there's a little bit in there, but understanding what that scope looks like is important. And then also having confidence to be able to I don't know, um write for a technical audience. And technical audiences as we know can be very picky and um can complain loudly. So that in a nice way, like that's a it's a good thing um if you're vocal about what you want, but it can you can feel a lot of like imposter

syndrome, a lot of fear communicating to technical audiences. Um but through all the interviews that I had as part of writing the book, um I spoke to a lot of like different kinds of technical folk all over the AI and cyber spectrum and everyone was very supportive. And doing that interview process as well is also a really good way to um yeah get validation about what you're going to be writing about. Not just in terms of the content but making sure that it's the right fit for them. So building that confidence to know that you actually really know your audience very well. I have a newsletter if you're interested in seeing some behind the scenes stuff.

Every so often I talk about what it was like to publish other AI security stuff too. But yeah so that's the that's the cover which I think is pretty cool. Cool cool robot. It was also created by a human and not an AI which I think is yeah like being a responsible publisher / author in this time is really important.

So my final question for you, the people who said they were initially running book, do you still want to write a book? And does anyone else is anyone else now interested in writing a book? No okay. >> [laughter] >> In that case if you don't really want to write a book, that's okay. You can read a book and It's the clicker have a discount code for you. So you can get 40% off the book until the 14th of May using product 26. Don't want to like it's not I'm not asking I feel so uncomfortable saying that. It's if there are in case you want it. I'm very grateful that you're part of this audience but

yeah I'm also really keen to stay in touch. So if you have any other questions or if you know if you're looking at No Starch Press as a potential publisher or even others. I know a lot of people who go with other publishers and what how that process is kind of different going through agents and all that kind of thing. Definitely here to help and help you learn from my mistakes. So thank you so much for your time. >> [applause]

>> DO YOU UM QUESTIONS? UM PEOPLE CAN ALSO LEAVE. Um Just quickly. One question Okay. Yeah, sure. Yeah. How did you make sure that um what you write uh stays on top of things in the sense that it's not outdated by the time when the book is out? Yeah, I was really conscious of that in in a space like AI and given a long production timelines. Um I mean, the thing about I decided with machine learning like the niche that I started from even though the book eventually looks at things like um like [clears throat] cyber system controls and red teaming and governance frameworks and that kind of thing was I guess taking it back to basics and the

core principles that haven't changed so much. So, like I do obviously have to look at technology and what is current and I use different case studies and stuff, but like some of the core reasons that the attacks work is because machine learning models are brittle, they're not very robust. That's the kind of stuff that hasn't changed very much. Um basic cyber principles like zero trust and monitoring. Um it's all about adapting them in AI specific context. So, I was really conscious that, you know, as like a genetic AI was becoming much more um of a like a newer emerging discussion point, most of the most of the best practice hasn't necessarily changed at all. A lot is just how to implement it

um is different. But I also had different technical reviewers read each of the chapter. Um so, I had a different perspective on whether there was something more like cutting edge that should be included. But yeah, it's a really good question cuz I was Yeah, quite really conscious of that. Thank you. Cool. All right, you're all free to go. Thank [laughter] you. >> [applause]