Content
summary Summary

The UK's National Cyber Security Centre has teamed up with the US Cybersecurity and Infrastructure Security Agency to develop the world's first cybersecurity guidelines for AI.

Ad

The "Guidelines for Secure AI System Development" are designed to help developers of AI systems make informed cybersecurity decisions at every stage of the development process, according to the UK's National Cyber Security Centre (NCSC).

The guidelines apply to systems developed from scratch as well as those based on third-party tools and services. 17 other countries, including the United States, have pledged their support and participation in the new guidelines.

The goal of the guidelines is to raise the level of cybersecurity in AI and ensure that AI is designed, developed, and deployed securely. They promote a "security by design" approach, which ensures that cybersecurity is an essential requirement for the security of AI systems and is integrated from the outset and throughout the development process.

Ad
Ad

The guidelines are divided into four main areas: secure design, secure development, secure implementation, and secure operation and maintenance. They provide recommended behaviors to improve security.

  • Secure design and development address issues such as understanding risk, threat modeling, supply chain security, and documentation.
  • Secure implementation emphasizes the need for infrastructure and model protection, incident management, and responsible release.
  • Secure Operation and Maintenance provides guidance on logging and monitoring, update management, and information sharing.

You can find the guidelines on the NCSC website.

International support for UK cyber guidelines

NCSC Chief Executive Lindy Cameron described the guidelines as "a significant step in shaping a truly global, common understanding of the cyber risks and mitigation strategies around AI to ensure that security is not a postscript to development but a core requirement throughout."

NCSC developed the guidelines in collaboration with the U.S. Cybersecurity and Infrastructure Security Agency (CISA). Industry experts and 21 other international agencies and ministries from around the world, including all members of the G7 and the Global South, also participated in the drafting process.

International signatories include Australia, Canada, Chile, Czech Republic, Estonia, France, Germany, Israel, Italy, Japan, New Zealand, Nigeria, Norway, Poland, Singapore, South Korea, the United Kingdom, and the United States.

Ad
Ad
Join our community
Join the DECODER community on Discord, Reddit or Twitter - we can't wait to meet you.
Recommendation
Support our independent, free-access reporting. Any contribution helps and secures our future. Support now:
Bank transfer
Summary
  • The UK has published the first global guidelines for the secure development of AI systems to help developers make informed decisions about cybersecurity.
  • The guidelines are divided into four main areas: secure design, secure development, secure implementation, and secure operation and maintenance.
  • 17 other countries, including the US, have pledged their support for the new guidelines, which were developed jointly by the UK's National Cyber Security Centre and the US Cybersecurity and Infrastructure Security Agency.
Sources
Online journalist Matthias is the co-founder and publisher of THE DECODER. He believes that artificial intelligence will fundamentally change the relationship between humans and computers.
Join our community
Join the DECODER community on Discord, Reddit or Twitter - we can't wait to meet you.