Launch of Guidelines and Companion Guide on Securing Artificial Intelligence Systems
15 October 2024
The Cyber Security Agency of Singapore (CSA) has launched the Guidelines and Companion Guide on Securing Artificial Intelligence (AI) Systems at the Singapore International Cyber Week (SICW) 2024.
2. While AI offers significant benefits for the economy and society by driving efficiency and innovation across various sectors, there are cybersecurity risks involved in the development and deployment of such systems. AI systems can be vulnerable to adversarial attacks, where malicious actors intentionally manipulate or deceive the AI system. The adoption of AI can also exacerbate existing cybersecurity risks to enterprise systems. These can lead to risks such as data breaches, or result in harmful or otherwise undesired model outcomes. As such, AI should be secure by design and secure by default, as with all software systems.
3. The Guidelines were developed with the aim of helping organisations adopt AI in a secure manner. They identify potential threats such as supply chain attacks, and risks such as Adversarial Machine Learning, and include principles to guide decision-makers and practitioners on the implementation of security controls and best practices to protect AI systems. The Guidelines and Companion Guide were developed by referencing established international industry guidelines and standards. These include the Guidelines for secure AI system development (by the UK National Cyber Security Centre and US Cybersecurity and Infrastructure Security Agency), the National Institute of Standards and Technology Risk Management Framework, the MITRE Adversarial Threat Landscape for AI Systems and the Open Web Application Security Project Machine Learning Security Top 10.
4. As hardening only the AI model is insufficient to mitigate security risks, CSA recommends that system owners take a life-cycle approach for a holistic perspective to identify and mitigate the security risks. There are five key stages in the AI life cycle, namely, Planning and Design, Development, Deployment, Operations and Maintenance, and End of Life. The stages will cover the following points:
i. Planning and Design – Raise awareness of AI security threats and develop risk assessments.
ii. Development – Supply chain security and protection of AI assets.
iii. Deployment – Secure infrastructure, establish incident management processes and AI benchmarking and red-teaming.
iv. Operations and Maintenance – Monitor for security anomalies and establish vulnerability disclosure processes.
v. End of Life – Ensure secure and proper disposal of data and model artefacts.
5. CSA is also collaborating with AI and cybersecurity practitioners on the Companion Guide on Securing AI Systems. This is intended as a community-driven resource, with the Companion Guide complementing the Guidelines as a useful reference containing practical measures and controls that system owners can consider as part of observing the Guidelines. As the field of AI security continues to evolve rapidly, the Companion Guide will be updated to account for technological developments.
6. CSA conducted a public consultation from 31 July 2024 to 15 September 2024, and received 28 submissions from AI/tech companies, cybersecurity firms, and professional associations. CSA would like to thank all individuals and organisations that have taken the time to respond and contribute to the continuous improvement of the Guidelines and Companion Guide. The feedback has helped us to incorporate and provide clearer advice on how to secure AI, as well as improve the alignment of the document with international standards.
7. Organisational leaders, business owners, and AI and cybersecurity practitioners are strongly encouraged to adopt CSA’s Guidelines for implementing AI systems securely. By doing so, they can ensure that their systems are secure by design and build up user confidence that the AI will function as originally intended and engender innovative, safe and effective outcomes.
8. The Guidelines and Companion Guide can be downloaded from CSA’s website at Guidelines on securing AI.
About the Cyber Security Agency of Singapore
Established in 2015, the Cyber Security Agency of Singapore (CSA) seeks to keep Singapore’s cyberspace safe and secure to underpin our National Security, power a Digital Economy and protect our Digital Way of Life. It maintains an oversight of national cybersecurity functions and works with sector leads to protect Singapore’s Critical Information Infrastructure. CSA also engages with various stakeholders to heighten cyber security awareness, build a vibrant cybersecurity ecosystem supported by a robust workforce, pursue international partnerships and drive regional cybersecurity capacity building programmes.
CSA is part of the Prime Minister’s Office and is managed by the Ministry of Digital Development and Information. For more news and information, please visit www.csa.gov.sg.