NCSC Guidelines on Secure AI

Written By Rafah Knight

The National Cyber Security Centre has published guidelines for secure AI development.

Below are the key takeaways:

  1. Secure design: (1)raise staff awareness of threats and risks, (2)model the threats to your system, (3)design your system for security as well as functionality and performance, and (4)consider security benefits and trade-offs when selecting your AI model.

  2. Secure development: (1)secure your supply chain, (2)identify , track and protect your assets, (3)document your data, models and prompts, and (4)manage your technical debt.

  3. Secure deployment: (1)secure your infrastructure, (2)protect your model continuously, (3)develop incident management procedures, and (4)release AI responsibly and make it easy for users to do the right things.

  4. Secure operation and maintenance: (1)monitor your system's behaviour, (2)monitor your system's input, (3)follow a secure by design approach to updates, and (4)collect and share lessons learned.

The full guidelines can be found here.

Rafah Knight
Previous

CISA AI & Cybersecurity Roadmap
Next

UK “White Paper” on AI Regulation