Global Guidelines for Securing AI Systems
The UK’s National Cyber Security Centre (NCSC) and the US’ Cybersecurity and Infrastructure Security Agency (CISA) have published the world’s first global guidelines for securing AI systems against cyberattacks. The guidelines aim to ensure AI technology is developed safely and securely.
Guidelines Development
The guidelines were developed in collaboration with 17 other countries, including all G7 members. The guidelines provide recommendations for developers and organizations using AI to incorporate cybersecurity at every stage, from initial design to deployment and ongoing operations.
Key Areas
The guidelines cover four key areas: secure design, secure development, secure deployment, and secure operation and maintenance. They offer security behaviors and best practices for each phase.
Launch Event
The launch event in London brought together over 100 industry, government, and international partners, including representatives from Microsoft, the Alan Turing Institute, and cyber agencies from the US, Canada, Germany, and the UK. NCSC CEO Lindy Cameron emphasized the need for proactive security amidst AI’s rapid pace of development, stating, "security is not a postscript to development but a core requirement throughout."
International Signatories
The guidelines have been endorsed by 18 countries, including Australia, Canada, Chile, Czechia, Estonia, France, Germany, Israel, Italy, Japan, New Zealand, Nigeria, Norway, Poland, Republic of Korea, Singapore, United Kingdom, and the United States of America.
Conclusion
The guidelines are now published on the NCSC website alongside explanatory blogs. Developer uptake will be key to translating the "secure by design" vision into real-world improvements in AI security.
Frequently Asked Questions
Q: What are the guidelines for securing AI systems?
A: The guidelines provide recommendations for developers and organizations using AI to incorporate cybersecurity at every stage, from initial design to deployment and ongoing operations.
Q: Who developed the guidelines?
A: The guidelines were developed in collaboration with 17 other countries, including all G7 members, by the UK’s National Cyber Security Centre (NCSC) and the US’ Cybersecurity and Infrastructure Security Agency (CISA).
Q: What are the key areas covered in the guidelines?
A: The guidelines cover four key areas: secure design, secure development, secure deployment, and secure operation and maintenance.
Q: Who has endorsed the guidelines?
A: The guidelines have been endorsed by 18 countries, including Australia, Canada, Chile, Czechia, Estonia, France, Germany, Israel, Italy, Japan, New Zealand, Nigeria, Norway, Poland, Republic of Korea, Singapore, United Kingdom, and the United States of America.
