Artificial Intelligence Risks: Building Trust in AI through a Cyber Risk-Based Approach

The report highlights the integration of security in AI systems and value chains via active vulnerability detection and remediation.

While AI systems also have shared software threats, their reliance on data poses unique threats such as data poisoning (tampering with data for training purposes), model extraction (stealing sensitive data or parameters), and evasion attacks (input manipulation to mislead outputs).

Upon established Cyber Security best practices—e.g., secure coding and supply chain security—is important, but these must be rephrased in terms of solutions to the particular challenges posed by AI, e.g., Explainability and Data Integrity.

Three pillars of AI supply chains—Computational Capacity, AI models/software libraries, and Data—are identified by the report as each having different levels of safeguards necessary to meet their respective vulnerabilities.

Prioritized threats include Infrastructure Compromise, Supply Chain Compromisation (i.e., open-source hostile libraries), lateral attack via connected systems (i.e., prompt injection in LLMs), human errors (e.g., automation over-reliance), and System Failure.

Operational direction includes self-assessment checklists (e.g., regulatory compliance, access controls), hardening infrastructure (e.g., multi-factor authentication), and organizational approaches (e.g., personnel training, incident response planning).

Governments are urged to support adversarial AI research, Develop Certification Standards, Promote Cyber Security best practices, facilitate Cross-sector Collaboration, and increase International Partnerships to neutralize new threats.