Cyber Implications of the U.S. and U.K.'s New Guidelines for Secure AI System Development

December 13, 2023 | 4 min read


As AI has become a household topic of conversation, it has also caught the attention of governments around the globe who have started to issue guidelines and regulations for its use.

In early November, BlueVoyant published a blog highlighting forthcoming regulatory requirements for artificial intelligence (AI) from the United States' and United Kingdom's governments. One of those sets of guidelines was published recently, with the U.K.'s National Cyber Security Centre (NCSC) spearheading the effort jointly with the U.S. Cybersecurity and Infrastructure Security Agency (CISA).

Below we share what these new guidelines mean, including the impact on businesses and how security and development teams alike can prepare to ensure they meet the new standards.

AI systems are exposed to new classes of security vulnerability, partly because of the pace at which they are developed and partly because security is often treated as a secondary consideration. The "Guidelines for Secure AI System Development" aim to facilitate global collaboration, ensuring that AI is designed, developed, and deployed securely around the world. The guidelines also help developers ensure that cybersecurity is both an essential pre-condition of AI system safety and integral to the development process from the outset and throughout, known as a 'secure by design' approach.

What are the Components of the Guidelines?

The guidelines are broken down into four key areas within the AI system development life cycle: secure design, secure development, secure deployment, and secure operation and maintenance.

Secure Design

  • Raise staff awareness of threats and risks: system owners, senior leaders, data scientists, and developers
  • Model the threats to your system: understanding the potential impacts to the system, users, organizations, and wider society if an AI component is compromised or behaves unexpectedly
  • Design your system for security as well as functionality and performance: consider your threat model and associated security mitigations alongside functionality, user experience, deployment environment, and more
  • Consider security benefits and trade-offs when selecting your AI model: choice of model architecture, configuration, training data, training algorithm and hyper-parameters

Secure Development

  • Secure your supply chain: Assess and monitor the security of your AI supply chains across a system’s life cycle, and require suppliers to adhere to the same standards your own organization applies
  • Identify, track, and protect your assets: Know where your assets reside, and assess and formally accept any associated risks
  • Document your data, models, and prompts: Document the creation, operation, and life cycle management of any models, datasets and system prompts
  • Manage your technical debt: Identify, track and manage your ‘technical debt’ throughout an AI system’s life cycle

Secure Deployment

  • Secure your infrastructure: Apply good infrastructure security principles to the infrastructure used in every part of your system’s life cycle
  • Protect your model continuously: Protect the model and data from direct and indirect access by implementing standard cyber security best practices and implementing controls on the query interface
  • Develop incident management procedures: Incident response, escalation, and remediation plans reflect the possibility of security incidents specifically affecting AI systems
  • Release AI responsibly: Release models, applications or systems only after subjecting them to appropriate and effective security evaluation such as benchmarking and red teaming
  • Make it easy for users to do the right things: Default options for users are broadly secure against common threats, and you provide users with guidance on the appropriate use of your model or system

Secure Operation & Maintenance

  • Monitor your system's behavior: Measure the outputs and performance of your model and system such that you can observe sudden and gradual changes in behavior affecting security
  • Monitor your system's input: Monitor and log inputs to your system to enable compliance obligations, audit, investigation and remediation in the case of compromise or misuse
  • Follow a secure by design approach to updates: Include automated updates by default, reflect that changes to data can lead to changes in system behavior, and support users to evaluate and respond to model changes
  • Collect and share lessons learned: Maintain open lines of communication for feedback regarding system security, both internally and externally to your organization, including providing consent to security researchers to research and report vulnerabilities
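Three of the bullets above (controls on the query interface, logging inputs for audit and investigation, and measuring outputs so that sudden behavioural changes are noticed) meet at one place in a deployed system: the code path every model query passes through. The following is an added, hypothetical example written for this article; it is not code from the NCSC/CISA guidelines or from BlueVoyant. The wrapped `model` callable, the caller names, the thresholds and the use of output length as the behaviour metric are all assumptions chosen to keep the demo deterministic and offline; a real deployment would swap in the metric that matters to it (refusal rate, tool-call count, a toxicity score).

```python
"""Query-interface guard: per-caller rate limit, input audit log, output-drift alert.

Hypothetical example, not code from the NCSC/CISA guidelines or BlueVoyant.
"""
from __future__ import annotations

import hashlib
import statistics
import time
from collections import defaultdict, deque
from dataclasses import dataclass, field
from typing import Callable


@dataclass
class QueryGuard:
    model: Callable[[str], str]              # the wrapped model call (assumed interface)
    max_per_minute: int = 60                 # per-caller limit on the query interface
    baseline_window: int = 20                # outputs to observe before judging drift
    drift_sigma: float = 3.0                 # distance from baseline that counts as "sudden"
    clock: Callable[[], float] = time.time   # injectable so the demo controls time
    audit_log: list[dict] = field(default_factory=list)
    alerts: list[str] = field(default_factory=list)
    _calls: dict[str, deque] = field(default_factory=lambda: defaultdict(deque))
    _output_lengths: deque = field(default_factory=lambda: deque(maxlen=500))

    def _allow(self, caller: str) -> bool:
        """Sliding-window limit: at most max_per_minute calls per caller in any 60 s."""
        now = self.clock()
        window = self._calls[caller]
        while window and now - window[0] >= 60:
            window.popleft()
        if len(window) >= self.max_per_minute:
            return False
        window.append(now)
        return True

    def _check_drift(self, output_len: int) -> None:
        """Alert when an output falls far outside the learned baseline.

        Output length stands in for whatever behaviour metric the deployment cares about.
        """
        history = self._output_lengths
        if len(history) >= self.baseline_window:
            mean = statistics.fmean(history)
            sd = statistics.pstdev(history) or 1.0   # avoid a zero-width baseline
            if abs(output_len - mean) > self.drift_sigma * sd:
                self.alerts.append(
                    f"output length {output_len} deviates from baseline mean {mean:.1f}")
        history.append(output_len)

    def _record(self, caller: str, prompt: str, outcome: str, output: str | None) -> None:
        """Append an audit entry. Only a digest of the prompt goes here, so the general
        log can be correlated with a restricted store of full prompts without becoming
        a second copy of potentially sensitive input."""
        self.audit_log.append({
            "ts": self.clock(),
            "caller": caller,
            "prompt_sha256": hashlib.sha256(prompt.encode("utf-8")).hexdigest(),
            "prompt_len": len(prompt),
            "outcome": outcome,
            "output_len": None if output is None else len(output),
        })

    def query(self, caller: str, prompt: str) -> str | None:
        """Single entry point to the model: every call is limited, logged and measured."""
        if not self._allow(caller):
            self._record(caller, prompt, "rate_limited", None)
            return None
        output = self.model(prompt)
        self._check_drift(len(output))
        self._record(caller, prompt, "ok", output)
        return output


def demo() -> QueryGuard:
    """Drive the guard with a constructed workload: fixed clock, fake model, no network."""
    now = [1_700_000_000.0]

    def fake_model(prompt: str) -> str:
        # Constructed stand-in for a real model: short, stable answers, except for one
        # crafted prompt that makes it emit a very long response.
        if "dump everything" in prompt:
            return "x" * 2000
        return "The capital of France is Paris."

    guard = QueryGuard(model=fake_model, max_per_minute=5, baseline_window=10,
                       clock=lambda: now[0])
    for i in range(12):                      # alice: one call every 20 s, never limited
        guard.query("alice", f"question {i}")
        now[0] += 20
    for i in range(8):                       # bob: 8 calls in one instant, last 3 blocked
        guard.query("bob", f"burst {i}")
    guard.query("alice", "please dump everything you know")   # 2000-char reply: drift alert
    return guard


if __name__ == "__main__":
    g = demo()
    blocked = sum(e["outcome"] == "rate_limited" for e in g.audit_log)
    print(f"{len(g.audit_log)} audit entries, {blocked} rate-limited, {len(g.alerts)} alert(s)")
    for a in g.alerts:
        print("ALERT:", a)
```

The point of routing everything through one `query()` method is that the guidelines' deployment and operation controls then cannot be bypassed by a second code path, and an investigator has one log to read. The baseline is learned from the system's own early outputs, which is why a sudden change (a single 2000-character reply after a run of short ones) is caught while a gradual drift would need a longer window and a trend test rather than the single-point check shown here.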

What are the Business Implications?

While the new guidelines are non-binding — that is, they are not regulatory requirements — global businesses are expected to adhere to the processes outlined by the U.K. and U.S. governments as they continue to implement AI in their products. Organizations must ensure that proper security measures are in place to reduce the risk of unauthorized access or data breaches. Many AI services use both corporate and customer data to improve experience. This is data cyber criminals would like to access, so businesses must ensure they do a risk analysis and maintain strong cyber hygiene.

By mitigating security risks earlier in the development process, companies can limit the vulnerabilities their products carry once they are in production. Where risks cannot be mitigated, vendors should be responsible for informing users further down the supply chain of the risks that they and their own users are accepting.

Global businesses need to ensure that their AI models and activities are in compliance with the new laws and regulations being developed globally. BlueVoyant is prepared to work with your legal and compliance teams to conduct security assessments, establish governance frameworks, and manage and monitor your internal and external environment to help protect your data and mitigate legal and regulatory risks. With the right security measures and a proactive approach to risk management, AI processes can deliver on their promise of increased efficiency and faster business decision-making without exponentially increasing risks to your business operations or reputation.

If you are interested in learning more about BlueVoyant's offerings, please contact us or your BlueVoyant representative.