
The National Intelligence Service and major international cybersecurity agencies have recommended implementing security measures from the earliest stages of artificial intelligence (AI) development.
On Thursday, the National Intelligence Service and cybersecurity agencies from seven leading nations, including Australia’s Signals Directorate (ASD) and the U.S. National Security Agency (NSA), jointly released “AI Supply Chain Risks and Mitigation Strategies.”
This advisory was a collaborative effort involving the National Intelligence Service, Australia’s ASD, the U.S. NSA, the Canadian Centre for Cyber Security (CCCS), Singapore’s Cyber Security Agency (CSA), New Zealand’s National Cyber Security Centre (NCSC-NZ), Japan’s National Center of Incident Readiness and Strategy for Cybersecurity (NISC), and the UK’s National Cyber Security Centre (NCSC).
The agencies stressed the need for robust security measures, citing the intricate nature of AI supply chains and the potential for concealed vulnerabilities like backdoors.
The AI supply chain encompasses all processes and components involved in creating an AI system and delivering it to end-users.
This advisory emphasizes the critical importance of integrating security measures from the initial design phase, rather than adding them as an afterthought once a system is deployed.
Specifically, it outlines security risk factors and mitigation strategies across key areas: data, machine learning models, software, infrastructure and hardware, and third-party services.
Security experts advise using reliable, high-quality data to mitigate risks, noting that low-quality or biased AI data can lead to flawed model decisions.
They also recommend using secure file formats and transparent models to prevent security breaches such as hidden malware or backdoor insertions in machine learning models.
The advisory suggests applying established information security principles to AI infrastructure, highlighting the importance of network segmentation and robust authentication mechanisms.
For more comprehensive information on “AI Supply Chain Risks and Mitigation Strategies,” readers can visit the National Intelligence Service’s official website.