As U.S. federal agencies move to take advantage of the potential benefits of artificial intelligence (AI) they are also left wondering how to structure governance of these new systems. President Biden’s Executive Order on AI and the following memorandum from the White House Office of Management and Budget stated that all agencies must appoint a Chief AI Officer.
But where does this individual sit within an organization? What background should they have? To whom do they report? Governance must consider the typical cybersecurity tenants of confidentiality, integrity, and availability but expand to consider explainability, safety, and potential for bias.
How this will be done and answers to these questions will be examined in an upcoming paper from the Center for Cybersecurity Policy & Law (CCPL). We want to hear from those in government and industry on how these challenges are being solved and how agencies are moving forward.
Specifically, the paper will:
- Explore current and proposed governance structure within agencies, based on White House and NIST guidance, and what changes may be necessary to incorporate AI.
- Understand other approaches to governance of AI and identify best practices both in the public and private sector organizations that can be identified and replicated.
- Review existing guidance on AI deployment and applicable guidance from other overlapping disciplines -- cyber, data, risk management, acquisition -- for federal agencies and identify gaps.
- Recommend actionable guidance that can accelerate agencies implementation or development of safe and secure AI.
Existing policy components from cloud computing, cybersecurity, automated technologies, and other implementations of innovative technologies could be relevant and useful if applied. Policy specifically for AI could be accelerated if existing applicable policy is clarified and new policy is focused on specific enhancements required for government use of AI.
Have a perspective on AI governance? Reach out to the CCPL team to share your thoughts on how this challenge can be solved as we race toward rolling out AI systems across government.
Read Next
Putting the Work into Workshop with NIST’s Privacy Engineering Program
NIST hosted the Ready, Set, Update! Privacy Framework 1.1 + Data Governance and Management Profile Workshop, a two-day event to solicit feedback on updates to the Privacy Framework and the creation of a Data Governance and Management Profile.
S02 E05: EU Cyber Policy with Despina Spanou
In our latest Distilling Cyber Policy podcast episode, Alex Botting and Jen Ellis from the Center for Cybersecurity Policy & Law are joined by Despina Spanou, the Head of the Cabinet of the Vice-President of the European Commission.
S02 E04: The National Vulnerabilities Database with Kent Landfield, John Banghart
In our latest podcast episode, Alex Botting and Jen Ellis from the Center for Cybersecurity Policy & Law are joined by John Banghart, Venable LLP, and Kent Landfield, a founding member of the Common Vulnerabilities and Exposures (CVE) Program.
