United States Department of Homeland Security and UK National Cyber Security Centre Release Co-Authored AI Guidelines
Summary
On November 26, 2023, the United States Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA) and U.K.’s National Cyber Security Centre (NCSC) announced co-authored Guidelines for Secure AI System Development, aimed at helping developers make informed cybersecurity decisions that will help build safe AI systems. The 20-page regulation is structured to cover four key areas: • Secure design: Guidelines for designing AI systems to address risks and threat models. • Secure development: Guidelines for development including supply chain security, documentation, and asset and technical debt management. • Secure deployment: Guidelines for deployment with a focus on protecting infrastructure and models, developing incident management processes and responsible release practices. • Secure operation and maintenance: Guidelines for secure operation and maintenance of AI, such as logging and monitoring, update management and collaborative information sharing to develop best practices. DHS Secretary Alejandro N. Mayorkas described the guidelines as a “commonsense path to designing, developing, deploying, and operating AI with cybersecurity at its core.” Twenty-one other international partners assisted in the publishing of the guidelines, including the Canadian Centre for Cyber Security and Germany’s Federal Office for Information Security. Several private-sector organizations also contributed, including Amazon, Anthropic, Google, IBM, Microsoft, and OpenAI.
