Rajev: Certain. I feel that as we speak none of those conversations could be full with out speaking about AI and generic AI. We begin this exploratory section early within the sport, particularly on this a part of the world. However for us, the hot button is to method this primarily based on buyer ache factors and enterprise wants after which work backwards to determine what sort of AI is most fitted or related for us. At Cathay we at the moment give attention to three primary forms of AI. One is, after all, conversational AI. Mainly, it’s a type of inner and exterior chatbot. Our chatbot, we name it Vera, serves prospects immediately and may deal with round 50% of queries efficiently. And simply two weeks in the past, we up to date the LLM with a brand new mannequin, the chatbot with a brand new mannequin, which could be extra environment friendly and far more responsive by way of human work. That is part of AI that we make investments so much in.
Second is RPA, or robotic course of automation, particularly what we’re seeing is that through the pandemic and the post-Covid period, there are restricted sources out there, particularly in Hong Kong and all through our provide chain. Subsequently, RPA or robotic processes assist in automating repetitive and mundane duties, which not solely fills the useful resource hole but in addition immediately improves the worker expertise. And thus far at Cathay we’ve got round 100 robots in manufacturing serving numerous enterprise models, which quantities to roughly 30,000 hours of human exercise annually. So that is the second half.
The third has to do with ML and is the AI ​​era. Thus, our digital workforce or knowledge science workforce has developed greater than 70 machine studying fashions at Cathay that transformed the group’s knowledge into insights or actionable parts. These fashions assist us make a greater resolution. For instance, what meals will likely be loaded on the plane and particular routes, by way of what amount and what sort of product choices we promote to prospects, and together with fare loading and pricing for our passengers, in addition to airline area. cargo bay. There may be additionally loads of exploration occurring on this area. And a few examples that I might relate is that in case you ever come to Hong Kong, the subsequent time you’re on the airport, it is possible for you to to take heed to the general public announcement system and just lately it’s also powered by synthetic intelligence. Prior to now, our employees used to make these bulletins manually and now they’ve retired and moved to AI-powered voice expertise in order that we could be constant in our bulletins.
Megan: Ah, unbelievable. I will should take heed to it subsequent time I am on the Hong Kong airport. And you have introduced this up a few instances within the dialog. Look, after we speak about cloud modernization, I suppose cybersecurity could be an impediment to agility if not managed successfully. So might you additionally inform us in a little bit extra element how Cathay Pacific has built-in safety into its digital transformation journey, notably with the adoption of the event safety operations practices that you simply talked about?
Rajev: Sure, this one is attention-grabbing. I cope with cybersecurity and infrastructure companies. With these two important features at my fingertips, I’ve to take each facets under consideration, proper? Sure, it is attention-grabbing and it is modified over time, and I fully perceive why cybersecurity practices should be inflexible as a result of there’s loads of compliance and it is a extremely regulated perform, but when one thing goes unsuitable, as CISO we’re chargeable for these failures. I can perceive why the workforce is so inflexible of their practices. And I additionally perceive that from a enterprise perspective, it might be perceived as an impediment to agility.
One of many key issues we have completed at Cathay is we have been following DevOps for fairly just a few years and just lately, I feel within the final two years, we began implementing DevSecOps into our STLC (software program testing lifecycle). And what that primarily means is that as an alternative of the core cybersecurity workforce being accountable for lots of the safety testing and people sorts of issues, we need to transfer a few of these capabilities to the builders in order that the people who find themselves now creating the code be accountable. for the checks and the standard of the outcome. And they’re additionally enabled by way of the cybersecurity course of. Good?
After all, after we began this journey, there was loads of resistance from the safety workforce itself as a result of they do not actually belief the builders attempting to do the testing or the check outcomes. However over time, with the introduction of assorted instruments and automation carried out, that is coming into a maturity stage the place it now permits the preliminary groups to handle all facets of safety, similar to menace modeling, safety scanning. code and vulnerability testing. However ultimately, safety groups would nonetheless validate and act as a sort of gatekeeper, however in very light-weight and built-in processes. And this manner we are able to be sure that our cloud purposes are safe by design and, by default, can ship them extra shortly and reliably to our prospects. And on this complete course of, proper?
Prior to now, safety was all the time perceived as a duty of the cybersecurity workforce. And by enabling builders of the safety facets, the group now has higher possession relating to cybersecurity and a greater cybersecurity tradition is being constructed throughout the group. And that, to me, is essential as a result of from a safety standpoint, we all the time say that persons are the primary line of protection and sometimes they’re the final line of protection as effectively. I’m glad that by way of these processes we are able to enhance that maturity within the group.
