The U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) and the U.K. National Cyber Security Centre (NCSC) recently released joint guidelines for secure AI system development.
These guidelines were targeted at developers of any systems that use artificial intelligence, as a way to help them incorporate cybersecurity decisions into their development. They stressed adherence to Secure by Design principles – a theory that shifts the burden of security to producers and developers, rather than consumers and small organizations. The first of their kind guidelines were created cooperatively between the two governmental agencies and 21 other agencies and ministries worldwide.
“We are at an inflection point in the development of artificial intelligence, which may well be the most consequential technology of our time. Cybersecurity is key to building AI systems that are safe, secure, and trustworthy,” Secretary of Homeland Security Alejandro Mayorkas said. “The guidelines jointly issued today by CISA, NCSC, and our other international partners, provide a commonsense path to designing, developing, deploying, and operating AI with cybersecurity at its core. By integrating ‘secure by design’ principles, these guidelines represent an historic agreement that developers must invest in, protecting customers at each step of a system’s design and development. Through global action like these guidelines, we can lead the world in harnessing the benefits while addressing the potential harms of this pioneering technology.”
The guidelines were divided into four areas: secure design, secure development, secure deployment and secure operation/maintenance. Each noted considerations that could help reduce cybersecurity risk to organizational AAI system development processes. Their release followed an October executive order from President Joe Biden that directed DHS to pursue AI safety standards globally, protect U.S. networks and critical infrastructure and reduce risk of AI use for intellectual property theft and in weapons of mass destruction, among other things.
“As nations and organizations embrace the transformative power of AI, this international collaboration, led by CISA and NCSC, underscores the global dedication to fostering transparency, accountability, and secure practices,” CISA Director Jen Easterly said. “The domestic and international unity in advancing secure by design principles and cultivating a resilient foundation for the safe development of AI systems worldwide could not come at a more important time in our shared technology revolution. This joint effort reaffirms our mission to protect critical infrastructure and reinforces the importance of international partnership in securing our digital future.”