The Canadian Centre for Cyber Security, Japan’s National Cybersecurity Office, New Zealand National Cyber Security Centre, South Korea’s National Intelligence Service, Singapore’s Cyber Security Agency, UK’s National Cyber Security Centre, US’ National Security Agency have joined the Australian Cyber Security Centre’s guidance on the supply chain risks and mitigations associated with AI and machine learning (ML) systems, emphasizing the importance of secure management to protect against cyber threats that can arise from third-party datasets and pre-trained models. This guidance targets organizations involved in AI and ML development, highlighting the need for comprehensive risk assessments throughout the lifecycle of AI products, including supplier evaluations, data integrity checks, and the establishment of clear communication channels regarding cybersecurity responsibilities. It outlines specific risks such as data poisoning, model serialisation attacks, and vulnerabilities in AI software, while recommending mitigations like using trusted data sources, implementing secure file formats, and conducting ongoing performance testing. The guidance aims to enhance the resilience of AI and ML supply chains by integrating cybersecurity best practices tailored to the unique challenges posed by these technologies.
Click here for the official article/release
Disclaimer
The Legal Wire takes all necessary precautions to ensure that the materials, information, and documents on its website, including but not limited to articles, newsletters, reports, and blogs (“Materials”), are accurate and complete. Nevertheless, these Materials are intended solely for general informational purposes and do not constitute legal advice. They may not necessarily reflect the current laws or regulations. The Materials should not be interpreted as legal advice on any specific matter. Furthermore, the content and interpretation of the Materials and the laws discussed within are subject to change.
