Last year, Executive Order 14110 (Safe, Secure, and Trustworthy Development and Use of Artificial Intelligence) stated that “Artificial intelligence (AI) holds extraordinary potential for both promise and peril.” In response to this reality, the United States Department of Homeland Security (DHS) recently released guidelines to help critical infrastructure owners and operators develop AI security and safety.
The DHS guidelines stem from insights gained from CISA’s cross-sector analysis of AI risk assessments completed by Sector Risk Management Agencies (SRMAs) and relevant independent regulatory agencies. DHS drew upon this analysis, as well as input from existing U.S. government policy, to develop specific safety and security guidelines to mitigate AI risks to critical infrastructure.
“Based on CISA’s expertise as National Coordinator for critical infrastructure security and resilience, DHS’ Guidelines are the agency’s first-of-its-kind cross-sector analysis of AI-specific risks to critical infrastructure sectors and will serve as a key tool to help owners and operators mitigate AI risk,” said CISA Director Jen Easterly in a statement.
Cross-sector AI security threats
The guidelines in the DHS document highlight three categories of system-level AI risk, which CISA developed in its cross-sector AI risk analysis. The categories include:
-
Attacks using AI: Refers to the use of AI to automate, enhance, plan or scale physical or cyberattacks against critical infrastructure. Common attack vectors include AI-enabled cyber compromises, automated physical attacks and AI-enabled social engineering.
-
Attacks targeting AI systems: Focuses on attacks that target AI systems supporting critical infrastructure. Common attack vectors include adversarial manipulation of AI algorithms, evasion attacks and interruption of service attacks.
-
Failures in AI design and implementation: Refers to problems in the planning, structure, implementation, execution or maintenance of an AI tool or system. This can lead to malfunctions or other unintended consequences that affect critical infrastructure operations. Common failures include autonomy, brittleness and inscrutability.
Learn more on AI cybersecurity
The DHS guidelines’ four core functions
The new DHS guidelines also incorporate the NIST AI Risk Management Framework (AI RMF), including four key functions that help organizations address the risks of AI systems:
-
Govern: This function supports setting up policies, processes and procedures to anticipate, identify and manage the benefits and risks of AI during the entire AI lifecycle. It follows a “secure by design” philosophy, prioritizing safety and security when building organizational structures.
-
Map: This establishes a foundational context to evaluate and mitigate AI risks. This includes an inventory of all current or proposed AI use cases. Mapping begins with documenting context-specific and sector-specific AI risks, including attacks using AI, attacks on AI and AI design and implementation failures.
-
Measure: Refers to repeatable methods and metrics for measuring and monitoring AI risks and impacts. Critical infrastructure can develop its own context-specific testing, evaluation, verification and validation (TEVV) processes to inform usage and AI risk management decisions. Measuring should include continuous testing of AI systems for errors or vulnerabilities, including both cybersecurity and compliance vulnerabilities.
-
Manage: Defines risk management controls and best practices to increase the benefits of AI systems while decreasing the likelihood of harm. This mandates regularly allocating resources and applying mitigations, as outlined by governing processes, to mapped and measured AI risks.
Strengthening AI cybersecurity
In a flurry of activity to establish national AI cybersecurity solutions, the new DHS AI guidelines coincide with CISA being named the National Coordinator for Critical Infrastructure Security and Resilience.
Furthermore, the DHS has recently named a new Artificial Intelligence Safety and Security Board. The Board will develop AI security recommendations for critical infrastructure organizations such as transportation, pipeline and power grid operators and internet service providers. Meanwhile, the NIST GenAI program aims to create generative AI benchmarks to address the sticky issue of whether content is human- or AI-generated.
All these efforts are crucial as the nation fortifies its cyber defenses in the age of AI.