Homeland Security Secretary Mayorkas Speaks At The National Press Club
Homeland Security Secretary Alejandro Mayorkas: ‘A historic agreement’. (Photo by Drew Angerer/Getty … [+]GETTY IMAGES

Eighteen countries have signed an agreement on AI safety, based on the principle that it should be secure by design.

The Guidelines for Secure AI System Development, led by the U.K.’s National Cyber Security Centre and developed with the U.S.’ Cybersecurity and Infrastructure Security Agency, are touted as the first global agreement of their kind.

They’re aimed mainly at providers of AI systems that are using models hosted by an organization, or that are using external application programming interfaces. The aim is to help developers make sure that cybersecurity is baked in as an essential pre-condition of AI system safety and integral to the development process, from the start and throughout.

“The guidelines jointly issued today by CISA, NCSC, and our other international partners, provide a common sense path to designing, developing, deploying, and operating AI with cyber security at its core,” said secretary of homeland security Alejandro Mayorkas.

“By integrating ‘secure by design’ principles, these guidelines represent an historic agreement that developers must invest in, protecting customers at each step of a system’s design and development,” he added.

They cover secure design—including understanding risks and threat modeling, as well as the trade-offs that need to be considered around system and model design—as well as development guidelines including supply chain security, documentation and asset and technical debt management.

Secure deployment covers protecting infrastructure and models from compromise, threat or loss, developing incident-management processes and responsible release. Secure operation and maintenance cover logging and monitoring, update management and information sharing.

Forbes Daily: Get our best stories, exclusive reporting and essential analysis of the day’s news in your inbox every weekday.Sign Up

By signing up, you accept and agree to our Terms of Service (including the class action waiver and arbitration provisions), and Privacy Statement.

The guidelines are broadly based on the NCSC’ Secure development and deployment guidance, NIST’s Secure Software Development Framework and the secure by design principles published by CISA, the NCSC and other international cyber agencies.

They have been approved by Australia, Canada, Chile, Czechia, Estonia, France, Germany, Israel, Italy, Japan, New Zealand, Nigeria, Norway, Poland, South Korea and Singapore, as well as the U.K. and U.S. However, one notable absence is China—currently the world’s leading developer of AI.

The U.K. is hoping to capitalize on the recent AI safety summit held at Bletchley Park late last month. And, like the discussions at that event, the new guidelines are long on general principles, but short on actual detail.

However, work continues: Last month, President Biden issued an executive order directing the Department of Homeland Security to promote the adoption of AI safety standards globally, while earlier this month, CISA released its Roadmap for Artificial Intelligence, aimed at ensuring AI systems are protected from cyber-based threats.

“The release of the Guidelines for Secure AI System Development marks a key milestone in our collective commitment—by governments across the world—to ensure the development and deployment of artificial intelligence capabilities that are secure by design,” said CISA Director Jen Easterly.

“The domestic and international unity in advancing secure by design principles and cultivating a resilient foundation for the safe development of AI systems worldwide could not come at a more important time in our shared technology revolution.”

LEAVE A REPLY

Please enter your comment!
Please enter your name here