At the Singapore International Cyber Week 2024, the Cyber Security Agency (CSA) of Singapore released Guidelines on Securing Artificial Intelligence Systems (the Guidelines), accompanied by a Companion Guide (the Guide). Recognising how quickly the AI industry is evolving, the CSA issued the Guidelines to help system owners adopt AI securely by addressing cybersecurity risks, including adversarial attacks and potential data breaches, that could lead to harmful outcomes. The accompanying Guide complements the main Guidelines by providing practical security measures and detailing optional practices to support system owners in managing AI securely.
Scope
The Guidelines aim to support system owners adopting or considering AI by identifying the specific risks associated with AI and suggesting risk mitigation measures across the entire lifecycle of the AI system. The Guide elaborates on the principles of the Guidelines and provides practical suggestions and security measures. The Guidelines are not mandatory or universally applicable and should be adapted to each organisation's specific use case and stage of AI development.
The scope of the Guidelines and the Guide is restricted to cybersecurity risks associated with AI systems and excludes other aspects like AI safety, transparency and ethics. Furthermore, the Guide is structured to be a living document that will be regularly updated to reflect new developments and expert insights in the field of AI.
How to Secure AI
Lifecycle Approach
The Guidelines highlight five key stages in the lifecycle of an AI system: planning and design, development, deployment, operation and maintenance, and end of life. They emphasise that every AI system owner should consider each stage separately and take a lifecycle approach when assessing security risks.
Risk Assessment
The Guidelines recommend starting with a thorough risk assessment so that security measures can be tailored to the specific AI system and its use case. Organisations should also integrate continuous monitoring and feedback into their AI security strategy.
The CSA has suggested a four-step framework to identify risks and customise security or control measures.
Step 1: Conduct a risk assessment focused specifically on the security risks associated with the AI system, based on industry best practices or the organisation's existing risk assessment frameworks.
Step 2: Following the risk assessment, prioritise the areas that must be addressed. Prioritisation may be based on the identified risks, their impact and/or the available resources.
Step 3: Identify and implement measures to secure AI systems and implement relevant control measures across the AI lifecycle. The Guide provides an extensive list of possible control measures that can be adopted at different stages of the lifecycle.
For example, at the stage of planning and design, raise awareness of security risks and conduct risk assessments; during development, secure the supply chain, evaluate model security trade-offs, protect AI assets, and secure the development environment; at deployment, secure infrastructure, establish incident management, and release responsibly; in operations, monitor inputs and outputs, implement secure-by-design updates, and establish vulnerability disclosures; and in the final stage, ensure proper disposal of data.
Step 4: After implementing the relevant security measures, evaluate the residual risks and decide on the next step, for example whether to accept them or apply further controls.
Guidelines for Each Lifecycle Stage
Planning and Design
Raise Awareness and Competency: Organisations should take steps to educate and train their employees about potential security risks associated with AI to ensure that informed decisions are taken in relation to the adoption, use or deployment of AI.
Conduct Security Risk Assessments: It is beneficial to implement a security risk management system aligned with industry standards and best practices to identify key risks, prioritise them and address them appropriately.
Development
Secure the Supply Chain: Securing the supply chain while developing an AI system means assessing and monitoring security risks across the AI supply chain, which includes training data, APIs and AI models. The organisation should ensure that its suppliers adhere to adequate security policies and risk management practices.
Consider security benefits and trade-offs when selecting an AI model: Before an AI system is developed and deployed, evaluate the characteristics and risks of each type of AI model and choose the one best suited to the use case. Factors such as explainability, complexity, the sensitivity of the training data and other risk factors should be considered at this stage.
Identify, track and protect AI-related assets: Implement processes to track, authenticate, and secure AI-related assets like models, data and prompts to recognise their strategic value and protect data and intellectual property from potential threats.
Secure the Development Environment: Apply industry standard infrastructure and security principles such as access controls, monitoring, environment segregation, and secure-by-default configurations to the development environment to prevent security breaches.
Read the original article: AI Security Simplified: Understanding the CSA Guidelines on Securing Artificial Intelligence Systems, https://tsaaro.com/blogs/ai-security-simplified-understanding-the-csa-guidelines-on-securing-artificial-intelligence-systems/