Last week, the Cybersecurity Coalition submitted comments in response to the National Institute for Standards and Technology (NIST) Cybersecurity and AI Workshop Concept Paper.
The Concept Paper approaches the idea of creating a Community Profile on AI for the Cybersecurity Framework to provide practitioners with resources related to implementing the CSF with a focus on AI. The Concept Paper discusses some of the gaps in taxonomy and strategy when it comes to securing AI - and working to secure systems against AI tools. The Coalition agrees that AI introduces new challenges regarding cybersecurity, but AI advances do not - in and of themselves - necessarily require fundamental changes to the way organizations address cybersecurity.
At a time when there’s more noise than signal in some conversations about AI, this intersection of cybersecurity and AI is an excellent focus for standardization and measurement work. There is broad consensus that AI is software, and many foundational approaches to securing software laid out in the NIST CSF translate easily to AI models, tools, and systems.
An AI profile for the Cybersecurity Framework would help organizations secure AI systems and tools - in the same manner that the CSF does this for cybersecurity risk. By building off this framework, an AI profile is more likely to find widespread adoption to promote safer AI implementation within many organizations.
An AI profile also can help organizations defend against AI-enabled attacks and help accelerate innovation within their organizations. Standard guidance for the secure deployment of AI technologies can accelerate the adoption and deployment of AI tools.
We are encouraged by this effort to provide further guidance on AI in cybersecurity by NIST and the National Cybersecurity Center of Excellence. The Coalition appreciates the opportunity to provide input and commends NIST for its openness and commitment to working with industry stakeholders.
Read Next
Crosswalk Analysis for Artificial Intelligence Frameworks
Organizations worldwide are developing frameworks to ensure that AI systems are safe and secure but there’s a gap in how they are compared. This analysis seeks to understand the commonalities by using the the NIST AI RMF as a baseline.
What is DNS? - A DNS Security Primer
DNS is woven into the fabrics of almost every network, and it’s critical that DNS deployments are done securely and with the most modern best practices, lest attackers compromise this vital component.
CyberNext BRU: Countering the Proliferation of Commercial Spyware
The proliferation of Commercial Cyber Intrusion Capabilities has been challenging with European government officials exploring different policy options. Find out more about this process at the second annual CyberNext BRU conference on 5 March.