NSA Issues New Guidance for Securing AI Systems

Todd Faulk
Todd Faulk Senior Editor
Published on: April 17, 2024
Todd Faulk Todd Faulk
Published on: April 17, 2024 Senior Editor

The US National Security Agency (NSA) released a cybersecurity information (CSI) sheet on April 15 aimed at helping private defense and security companies securely implement AI systems developed by other organizations. The NSA, the US intelligence agency primarily responsible for surveilling foreign communications, released the guidance through its newly formed Artificial Intelligence Security Center (AISC).

“AI brings unprecedented opportunity, but also can present opportunities for malicious activity. NSA is uniquely positioned to provide cybersecurity guidance, AI expertise, and advanced threat analysis,” said Dave Luber, the NSA’s cybersecurity director, in the AISC’s press release.

Although the new AI guidance was developed with national security goals in mind, its tenets can be adopted by just about any public or private organization looking to implement AI systems in its operations.

The new guidance builds on two of its previous AI reports focused on the secure development and the secure operation and maintenance of AI systems. The overarching goals of the new guidance, titled “Deploying AI Systems Securely: Best Practices for Deploying Secure and Resilient AI Systems,” are to:

  1. Assure that known cybersecurity vulnerabilities in AI systems are appropriately mitigated; and
  2. Provide methodologies and controls to protect, detect, and respond to malicious activity against AI systems and related data and services.[1]

The NSA established the AISC in September 2023 in conjunction with the FBI and signals intelligence agencies of Canada, the UK, Australia, and New Zealand to improve the confidentiality, integrity, and availability of AI systems. The AISC is part of the Cybersecurity Collaboration Center (CCC), and aims to:

  1. Detect and counter AI vulnerabilities;
  2. Drive partnerships with industry and experts from US industry, national labs, academia, the IC, the DoD, and select foreign partners;
  3. Develop and promote AI security best practices;
  4. And ensure NSA’s ability to stay in front of adversaries’ tactics and techniques.

[1] https://media.defense.gov/2024/Apr/15/2003439257/-1/-1/0/CSI-DEPLOYING-AI-SYSTEMS-SECURELY.PDF

About the Author
Todd Faulk
Todd Faulk
Senior Editor
Published on: April 17, 2024

About the Author

Todd Faulk is a Senior Editor at SafetyDetectives. He has more than 20 years of professional experience editing intelligence reports, course plans, and online articles. He's a freelancer who has produced work for a wide variety of clients, including the US Government, financial institutions, and travel and technology websites. Todd is a constant traveler, writer of his own travel blog, and avid reader of new developments in science and technology.