US CISA Releases Guidance to Streamline AI Cyber Incident Information Sharing
The U.S. cyber defense agency is aiming to streamline information sharing on artificial intelligence cybersecurity incidents and vulnerabilities between the federal government, leading AI developers and major companies deploying AI tools.
The Cybersecurity and Infrastructure Security Agency on Tuesday released an AI cybersecurity collaboration playbook that provides guidance to public-private partners on disclosing AI incidents and vulnerabilities while detailing the agency’s steps to bolster collective defense with shared information. CISA said it developed the Joint Cyber Defense Collaborative AI Cybersecurity Collaboration Playbook with federal partners including the FBI, National Security Agency AI Security Center and industry partners such as AWS, Nvidia, IBM, Microsoft and OpenAI.
The playbook calls for proactive information sharing around malicious activity to help enable early detection of critical threats. It provides avenues for AI developers and private sector companies to coordinate within JCDC, as well as voluntarily report cyber incidents to CISA. The guidance comes after the Department of Homeland Security Office of Inspector General found the agency’s top threat sharing initiative was facing major hurdles, from mounting security concerns and plummeting participation to a lack of a recruitment strategy (see: Experts Warn CISA’s Threat Sharing is in a ‘Death Spiral’).
CISA Director Jen Easterly described the new playbook as a “major milestone” in CISA’s efforts “to secure AI systems through active collaboration.” She added that 150 AI specialists from government, industry and international partners, who participated in two dynamic tabletop exercises, contributed to the development of the guidance, which “will be regularly updated to address the evolving challenges of an AI-driven future.”
CISA’s Cybersecurity Advisory Committee issued a series of recommendations in June that called on the agency to overhaul the JCDC and improve its focus on operational collaboration. Experts told Information Security Media Group at the time that the public-private partnership – which boasts over 300 member organizations across 12 critical infrastructure sectors – suffers from mission uncertainty and the lack of a platform to enhance collaboration (see: CISA Planning JCDC Overhaul as Experts Criticize Slow Start).
The playbook primarily instructs organizations to use CISA webpages to report cyber incidents and vulnerabilities in AI products and services. CISA recommends all JCDC partners integrate the playbook into their incident response and information sharing processes while making iterative improvements as needed.
The guidance urges organizations to establish comprehensive vulnerability disclosure policies in order for security researchers to understand what tests are authorized for certain systems and how to send those vulnerability reports. It also instructs JCDC partners that identify vulnerabilities in deployed federal government systems to notify the owner or report the issue through the Carnegie Mellon University Software Engineering Institute CERT Coordination Center.
The playbook could face implementation challenges since its publication comes just six days before the transition of power in Washington. The next administration could seek to significantly scale back the cyber defense agency. While President-elect Donald Trump has yet to announce many key cyber positions in his White House, newly empowered Republicans appear likely to push for budget cuts and a reprioritization of CISA’s mission (see: CISA Faces Uncertain Future Under Trump).