CISA Launches AI Sharing Playbook

share
Header image

CISA Launches AI Sharing Playbook

share

This will guide partners on how to voluntarily share information related to cybersecurity incidents and vulnerabilities.

CISA has launched an AI Cybersecurity Collaboration Playbook to provide guidance on sharing AI-related cybersecurity information voluntarily.

Announced this week, the playbook identifies actionable information sharing categories applicable to broader critical infrastructure stakeholders and other sharing mechanisms.

In particular, the playbook aims to facilitate collaboration between federal agencies, private industry, international partners, and other stakeholders to raise awareness of AI cybersecurity risks and improve the resilience of AI systems.

It will also guide Joint Cyber Defense Collaborative (JCDC) partners on how to voluntarily share information related to cybersecurity incidents and vulnerabilities associated with AI systems.

Commenting, Dr Andrew Bolster, senior research and development manager (data science) at Black Duck, said, "This continuing integration demonstrates the US government's commitment (along with their private and international partners) to empowering secure innovation with AI by only making relatively small extensions to existing software security practices such as the Secure Software Development Framework.

"These extensions in vulnerability reporting and disclosure guidance, while relatively modest, provide critical visibility to security researchers and downstream consumers as to the level of security maturity being applied around and within these AI capabilities, particularly around what AI Models/Tools are used, and the data used to train/validate such systems.”


Written by
Dan Raywood
Dan Raywood

Dan Raywood is a B2B journalist with 25 years of experience, including covering cybersecurity for the past 17 years. He has extensively covered topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes.

He has spoken at events including 44CON, Infosecurity Europe, RANT Forum, BSides Scotland, Steelcon and the National Cyber Security Show, and served as editor of SC Media UK, Infosecurity Magazine and IT Security Guru. He was also an analyst with 451 Research and a product marketing lead at Tenable.

Artificial IntelligenceGovernment Published: 16 January Written by
Dan Raywood
Dan Raywood

Dan Raywood is a B2B journalist with 25 years of experience, including covering cybersecurity for the past 17 years. He has extensively covered topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes.

He has spoken at events including 44CON, Infosecurity Europe, RANT Forum, BSides Scotland, Steelcon and the National Cyber Security Show, and served as editor of SC Media UK, Infosecurity Magazine and IT Security Guru. He was also an analyst with 451 Research and a product marketing lead at Tenable.

Upcoming Events

No events found.

Related content

Cybersecurity implications of Claude Mythos explored by US, UK

Cybersecurity implications of Claude Mythos explored by US, UK

 Fraud losses top £629M as UK ramps up enforcement

Fraud losses top £629M as UK ramps up enforcement

 AI coding tools must not propagate vulnerabilities, says NCSC head

AI coding tools must not propagate vulnerabilities, says NCSC head
UK watchdog raises concerns over Jaguar Land Rover's cyber bailout

UK watchdog raises concerns over Jaguar Land Rover's cyber bailout

 Novel font-rendering attack prevents AI assistants from detecting illicit code

Novel font-rendering attack prevents AI assistants from detecting illicit code

 Report: UK cyberattacks grow faster than global rate

Report: UK cyberattacks grow faster than global rate
What UK Firms Need to Know About the UK Data Use and Access Act

What UK Firms Need to Know About the UK Data Use and Access Act