AI cyber-security vs traditional Cyber-Security - Part 3 of 3

In?part 1?and part 2 of this series; we learnt about the key differences between traditional cyber-security vs AI cybersecurity and the unique types of attacks that can target AI systems. In this part let look into how to create an AI based cyber-security framework to mitigate some of these risks and how we can upgrade our security testing processes to check for these vulnerabilities.

While we do not currently have an international standard for AI cyber-security like ISO 27001 or the PCI DSS standard, there are some key steps which a company can take to create a framework to start securing their AI systems

AI cyber-security framework

The key components of an AI security framework are :

1. Mapping out the regulatory environment in which AI systems operate : Regulation will play a large part in determining the risk level of our AI systems and what sort of data they will be allowed to process. Make sure you are aware of the regulatory environment and what requirements are present as some regulation like the upcoming EU AI act bans certain types of AI systems and imposes other requirements on high-risk AI systems.
2. Create an AI/machine learning security baseline : To make sure security is consistently applied across AI systems the company will need a minimum baseline of security controls to be applied. This has to cover both the security of the underlying infrastructure and?the AI System itself .
3. Maintain an up-to-date inventory of all AI and Machine Learning systems : It is difficult to secure anything without knowing it exists in the first place! Identify all assets in your AI ecosystem as a fundamental step so you know how many AI systems are present and how they can be protected. Make sure the inventory captures the below:
4. Conduct detailed technical risk assessments of your AI systems : Based on the risk level of the AI systems identified in your inventory, detailed technical risk assessments must be carried out and documented with mitigations and timelines. This is a collaborative effort with the business and technical teams. The methodology you use is not important but what is critical is that this is a repeatable, standardized process that is consistently followed.
5. Create an awareness program about AI risks : Easily one of the biggest risks in AI systems is the overall lack of awareness amongst cyber-security professionals. As mentioned earlier the unique risks present in AI systems are either ignored or are treated like any other software rollout with hardening, patching, and configurations done without regard for the risk of the AI model. If you are serious about AI cyber-security, then it is crucial to up-skill your staff and make them aware of these risks ( check out my Udemy course below )
6. Update security testing to identify AI and Machine Learning vulnerabilities: ?Most companies have security assurance processes present as part of any application rollout in which a full security review of the application is carried out to capture security risks. You must make sure that AI-specific security testing is a part of this process. For example, using adversarial testing samples that simulate model evasion can be done during the model testing phase to assess its level of susceptibility to model evasion attacks as seen in the following diagram.

The good news is there are standards already available for simulating AI based attacks. Security experts already available with public frameworks like MITRE ATT&CK will be happy to know that there is an AI based security framework available called MITRE ATLAS (Adversarial Threat Landscape for Artificial-Intelligence Systems), which is described as

“a knowledge base of adversary tactics, techniques, and case studies for machine learning (ML) systems based on real-world observations, demonstrations from ML red teams and security groups, and the state of the possible from academic research”

ATLAS present at https://atlas.mitre.org/ follows the same framework as MITRE, so it is very easy for cyber-security practitioners to study and adopt its techniques when they want to test their internal AI systems for vulnerabilities and security risks. It also helps in creating awareness of these risks amidst the cyber-security community as they are presented in a format, they are already familiar with.

Conclusion

Companies that are serious about securing their AI systems will have to understand the previously mentioned risks and then select controls designed for these problems. Over time as more awareness is created then we will see standards evolve and form but until then companies must be proactive and mitigate these threats before they are taken advantage of. As always there is a trade-off between productivity and security and cyber-security pros will need to play the balancing act between securing the system and letting it do its job at the same time.

The good news is that cyber-security is already a mature discipline that can quickly adapt and incorporate new types of risks into its existing frameworks and AI is no exception. As security professionals become more and more aware of these risks, we will see AI security controls move into the mainstream. This is like how Application Security was a niche a few decades back but is now considered a given for any cyber-security strategy.

Thanks for reading and check out the below resources if you are more interested in this topic !

?? My book on AI governance and Cyber-Security

??????Udemy course on AI governance and cyber-security

???My Blog

???My Youtube Channel?