
HKGAI COO Dr. Sara Huang Calls for Shift in AI Security from Passive Control to Proactive Prediction


2026-01-22 12:44 Last Updated At:12:45

Dr. Sara HUANG, Chief Mainland Affairs Officer of the Hong Kong University of Science and Technology (HKUST), Chief Operating Officer of the Hong Kong Generative AI Research and Development Center (HKGAI), and Postdoctoral Researcher in AI Media at HKUST, attended the "Cyber Security Forum" organized by the Digital Policy Office of the HKSAR Government yesterday (January 20). In response to the evolving security landscape brought by Generative AI, Dr. HUANG shared HKGAI's practical R&D experience at the forum. She emphasized that AI security must progress from simple control to proactive prediction, employing rigorous engineering methods to ensure AI behavior is “visible, traceable, and calculable”.

Dr. HUANG began by introducing the development of HKChat (港話通), a local AI assistant developed by HKGAI. Since its official launch on November 20 last year, HKChat has attracted more than 630,000 registered users in just two months. Responding to a vast array of daily localized inquiries—ranging from “Where can I find the best barbecued pork buns?” to “How do I get from HKUST to the Central Government Offices for a meeting?”—Dr. HUANG noted that this presents both “pressure and motivation”. She pointed out that users are not looking for generic answers, but for responses that are smarter, more timely, and precisely aligned with the Hong Kong context. Regarding public concerns about AI security, Dr. HUANG stressed the goal of keeping potential risks within a “visible and acceptable” range.

Bridging the Security Gap: Generative AI vs. Traditional Software

Dr. HUANG highlighted the fundamental differences between Generative AI and traditional software. "Traditional software executes based on fixed rules, whereas Generative AI generates content based on data and context. Therefore, risk is not confined to the system itself but extends throughout the entire process from data input to output."

She added that many AI security efforts today remain at the stage of “patching vulnerabilities”. As the technology is increasingly applied in public services and legal consultations, passive defense can no longer meet operational demands. Proactive prediction, she emphasized, is essential to overcoming security challenges.

Dr. Sara HUANG (center) attended the Cyber Security Forum organized by the Digital Policy Office of the HKSAR Government yesterday (January 20).


Building Foundational Capabilities for Proactive Prediction

Speaking about HKGAI's practical experience, Dr. HUANG stressed that the prerequisite for proactive prediction is a solid foundational capability. “AI security risks are often difficult to anticipate, not because of insufficient algorithms, but because the system cannot ‘see’ or ‘calculate’ clearly.” In its product development, HKGAI first focused on completing the collection of logs, call chains, and full-process input-output data to ensure that model behavior is traceable and monitorable. It has developed its own evaluation framework to build an analyzable, reviewable safety data system, providing the data backbone for proactive prediction.

Addressing issues faced by Generative AI, including data risks, linguistic induction, and hallucinations, Dr. HUANG introduced HKGAI's layered defense strategy:

  • Data Source Control: Constructing local, traceable knowledge bases. For instance, legal answers in “LexiHK” (港法通) are strictly based on official Hong Kong statutes and precedents, with mandatory source citations;
  • System-layer Defense: Implementing input restrictions, prompt audits, and security rewriting mechanisms to resist “jailbreak” inductions;
  • Output Refinement: Utilizing RAG (Retrieval-Augmented Generation), Agentic Search, and output verification to constrain model behavior and reduce hallucination risks.

Three Strategic Priorities to Enable Proactive Prediction

Looking ahead to the next 6–12 months, Dr. HUANG identified the lack of foundational infrastructure as the primary obstacle to advancing from passive defense to proactive prediction. “If logs are inconsistent and we cannot understand how an anomalous output was generated, early warning becomes impossible.” She recommended that the industry prioritize three areas:

1. Enhance Observability: Enhance logs and call chains to ensure model behavior is traceable from start to finish.

2. Enable Data-Driven Evaluation: Address data fragmentation and upgrade evaluations from manual spot-checks to data-driven, quantifiable systems.

3. Cultivate Hybrid Teams: Build teams that understand models, data, and security in tandem, integrating security considerations directly into the design phase.

Call for User Co-creation: Feedback Drives Iteration

Dr. HUANG highlighted the importance of a “repair mechanism”, encouraging users to provide instant feedback if they notice outdated or incorrect information while using HKChat. She noted that corrections from real users are the most valuable nutrients for model optimization, and HKGAI looks forward to working with all Hong Kong citizens to refine this homegrown model.

Dr. HUANG stated that innovative applications of generative AI and robust security protection are dialectically unified. HKGAI remains committed to the principles of making AI “visible, traceable, and calculable”, while cultivating hybrid talents who “understand models, data, and security”. The Center will continue to explore a proactive, prediction-based AI security framework, with the goal of building a strong security shield for the high-quality development of Hong Kong's AI industry and supporting the safe deployment of AI technologies across more sectors.

Government responds to Coroner's verdict on death inquest for vessel collision incident near Lamma Island in 2012

The Coroner's Court today (January 22) finished reading the verdict on the cause of death of the passengers involved in the vessel collision incident near Lamma Island in 2012.

A Government spokesman said the Government respects the judgment of the Coroner's Court and would study the verdict carefully with serious follow-up. At the same time, the Government expresses its deepest condolences to the families. After the incident, the Government conducted two investigations, including the one conducted by the Commission of Inquiry (CoI) established in accordance with the Commission of Inquiry Ordinance and the internal investigation led by then-Transport and Housing Bureau (then-THB); and accepted the expert reports under various investigations.

The Transport and Logistics Bureau has all along been supervising the Marine Department (MD) in following up on the recommendations of the CoI and the experts, and in adopting a systemic approach for fully implementing five categories of measures to enhance marine safety and prevent the recurrence of similar incidents. Relevant measures include -

  • Enhancing safety standards onboard: including requiring all passenger vessels' watertight doors to be fitted with visual and audio alarms; specifying the requirements of watertight door warning markings; improving the labelling and placement of life jackets; and establishing standards for securing seats to the deck;
  • Improving plan approval and vessel survey standards: including the creation of a dedicated team for plan approval for local vessels; introduction of standardised procedures for vessel surveys and plan approvals; introduction of the tripartite Inspection and Test Plan Scheme (ITP) for high-risk vessels by requiring the shipyard, shipowner and the MD to reach a consensus on important test items and acceptance criteria to clarify any misunderstanding or ambiguity regarding design and regulatory requirements, thus ensuring a vessel's watertight integrity and compliance with regulatory and contractual requirements;
  • Promoting operational safety within the industry: including the introduction of the common life jacket for use by adults and children; the enactment of the Marine Safety (Alcohol and Drugs) Ordinance to regulate drink and drug boating; and the mandate of lookout arrangements onboard vessels;
  • Strengthening industry professionalism and promoting safety culture: including the introduction of the Fast Speed Passenger Vessel Endorsement regime to enhance coxswains' and engine operators' navigational skills and ability to handle emergency situations, as well as the introduction of the Local Safety Management System; and
  • Introducing systemic reform of the MD's management and regulatory regime: including strengthening professional development of MD officers; launching of the electronic vessel survey system and introducing the use of electronic certificates to enhance work efficiency and quality.

    Please refer to the Annex for details of the relevant measures.

    As for the responsibilities of the MD officers involved, the then-THB forwarded the internal investigation report (THB Report) to the Civil Service Bureau (CSB) for follow-up, and the CSB has, in accordance with the recommendations in the THB Report and the legal advice from the Department of Justice, taken action according to the disciplinary procedures and finished following up on the relevant cases. There were also two MD officers involved who were criminally prosecuted and sentenced to imprisonment.

    As regards the recommendations of the Coroner for the MD, including (1) to continue regular engagement with shipbuilders, marine transport service operators and relevant professional bodies or issue simple guidance notes or clarification to ensure that they understand the application of relevant rules and regulations; (2) to implement a new declaration system requiring vessel owners, before each periodical survey, to confirm whether any alterations have been made since the previous survey; (3) to continue to review the working hours and rest arrangements of seafarers, with a focus on identifying fatigue risks in day-to-day operations, and with major ferry operators consulted in the process and the Local Vessels Advisory Committee used as a forum for relevant discussions; and (4) to disseminate to the trade information on the recommendations the Coroner gave to Cheoy Lee Shipyards, the MD will seriously study them and follow up. In respect of the first recommendation, the MD has been stepping up communication with the industry and implemented the Local Safety Management system, with the adoption of a proactive risk management approach to enhance communication with the industry on marine safety issues. For the second recommendation, the MD is actively preparing for the introduction of a requirement under the existing ship inspection system that shipowners must declare that there were no unauthorised alterations of the vessels concerned prior to a survey. In respect of the third recommendation, the Government will review the working environment and conditions of local seafarers and will thoroughly consult relevant stakeholders. For the fourth recommendation, the MD will communicate with other shipyards in respect of the relevant issue.

    The spokesman said that the Government will continue to work hand-in-hand with the industry to strengthen marine safety together.
