USA has introduced new recommendations on security to strengthen the protection of critical infrastructure from threats associated with artificial intelligence. These guidelines were developed as part of interdepartmental efforts to assess the risks of AI in all 16 critical infrastructure sectors.
The focus of the new recommendations is on the use of AI to enhance and scale attacks, manipulation of AI systems, and the inherent vulnerabilities in such systems that can result in unpredictable consequences. The importance of transparency and the development of secure systems from the outset to assess and mitigate AI risks is highlighted.
The new system comprises four key functions including controlling, mapping, measuring, and monitoring risks throughout the lifecycle which involve:
- Creating a culture of risk management in organizations;
- Understanding the context of AI use and the risk profile;
- Developing systems for evaluating and tracking AI risks;
- Prioritizing and implementing security measures for risks.
In addition, the US Department of Homeland Security (DHS) has announced its commitment to ensuring “safe, responsible, and trustworthy deployment and use of technology” without infringing on citizens’ rights to privacy, civil liberties, and freedoms.
It is emphasized that owners and operators of critical infrastructure should consider the specificities of their sector and the context of AI use when assessing risks and selecting appropriate mitigation measures. They are also urged to understand their reliance on AI providers and collaborate to determine risk reduction strategies.