This will guide partners on how to voluntarily share information related to cybersecurity incidents and vulnerabilities.
CISA has launched an AI Cybersecurity Collaboration Playbook to provide guidance on sharing AI-related cybersecurity information voluntarily.
Announced this week, the playbook identifies actionable information sharing categories applicable to broader critical infrastructure stakeholders and other sharing mechanisms.
In particular, the playbook aims to facilitate collaboration between federal agencies, private industry, international partners, and other stakeholders to raise awareness of AI cybersecurity risks and improve the resilience of AI systems.
It will also guide Joint Cyber Defense Collaborative (JCDC) partners on how to voluntarily share information related to cybersecurity incidents and vulnerabilities associated with AI systems.
Commenting, Dr Andrew Bolster, senior research and development manager (data science) at Black Duck, said, "This continuing integration demonstrates the US government's commitment (along with their private and international partners) to empowering secure innovation with AI by only making relatively small extensions to existing software security practices such as the Secure Software Development Framework.
"These extensions in vulnerability reporting and disclosure guidance, while relatively modest, provide critical visibility to security researchers and downstream consumers as to the level of security maturity being applied around and within these AI capabilities, particularly around what AI Models/Tools are used, and the data used to train/validate such systems.”
Written by
Dan Raywood
Senior Editor
SC Media UK
Dan Raywood is a B2B journalist with more than 20 years of experience, including covering cybersecurity for the past 16 years. He has extensively covered topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes.
He has spoken at events including 44CON, Infosecurity Europe, RANT Conference, BSides Scotland, Steelcon and ESET Security Days.
Outside work, Dan enjoys supporting Tottenham Hotspur, managing mischievous cats, and sampling craft beers.
