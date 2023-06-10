



Google SAIF (Secure AI Framework) is designed to provide a security framework or ecosystem for developing, using, and securing AI systems.

Every new technology brings new opportunities, threats and risks. As businesses focus on exploiting opportunities, threats and risks can be overlooked. With AI, this can be disastrous for businesses, business customers and ordinary people. SAIF offers his six core elements to ensure maximum AI security.

Extending a Strong Security Foundation to the AI ​​Ecosystem Many of your existing security controls can be extended or focused on AI risks. A simple example is protection against injection techniques such as SQL injection. SAIF suggests that organizations can apply mitigations such as input sanitization and restrictions to better defend against prompt injection-style attacks.

Traditional security controls are often relevant to AI defenses, but may need to be strengthened or expanded. Data governance and protection are critical to protecting the integrity of training data used by AI systems. The old notion of trash in, trash out will be multiplied by AI, but important when business and people make decisions based on that trash.

Threat intelligence, which extends detection and response to incorporate AI into an organization’s threat world, must also include an understanding and awareness of the threats associated with the organization’s own use of AI, including the impact of a breach. If a data pool is poisoned without knowledge of the poisoning, the output of the AI ​​will be adversely affected, sometimes with invisible effects.

To detect algorithmic errors and adversarial inputs, we need to monitor the output of the AI. Organizations using AI systems should have security incident detection and response plans to mitigate the risk of AI systems making harmful or biased decisions, Google said.

Automate your defenses to meet existing and new threats This is the most common advice used when faced with AI-based attacks. Use AI to automate your defenses and counter the growing speed and scale of adversarial AI-based attacks. But Google warns that humans need to be up-to-date to make critical decisions about what threats are and how to respond to them.

The human element is important in both detection and response. The reason for this is that AI systems can be biased or make mistakes, and human oversight is necessary to ensure that AI systems are used ethically and responsibly. Google said.

Beyond automated threat detection, AI-based automation can also be used to reduce the workload and improve efficiency of security teams. Secure scripts are generated through a no-code system to control and automate security processes. He can automate the reverse engineering of malicious binaries, after which he can look for evidence of related activity in the automatic generation of Yara rules.

Harmonize platform-level controls to ensure consistent security across your organization. As the use of AI grows, it is important to conduct regular reviews to identify and mitigate associated risks. This should include the AI ​​models used and the data used to train them, security measures implemented, and AI security risk awareness and training for all employees.

Reduce duplicate frameworks for security and compliance controls and reduce fragmentation. Fragmentation increases complexity, cost, and inefficiency. Google suggests that reducing fragmentation provides a good management approach to mitigate risk.

Adapt controls to tune mitigations and create faster feedback loops for AI adoption. This includes continuous testing and evolution of the system in use, including techniques such as reinforcement learning based on incidents and user feedback. You should monitor your training data and update it as needed to fine-tune your model to respond to attacks.

This includes continual awareness of new attacks, including prompt injection, data poisoning, and evasion attacks. By staying up to date with the latest attack techniques, organizations can take steps to mitigate these risks, Google says. Red teams also help organizations identify and mitigate security risks before they can be exploited by malicious attackers.

Whether it’s to improve your defenses or the AI ​​model itself, you need an effective feedback loop to ensure that everything you learn is put to good use.

Understand AI system risk landscape in surrounding business processes This requires a thorough understanding of how AI is used within business processes and requires a complete inventory of AI models in use is. When using third-party solutions and services, assess the risk profile based on your specific use case, data sensitivity and shared responsibilities.

According to Google, it implements data privacy, cyber risk, and third-party risk policies, protocols, and controls throughout the ML model lifecycle to guide model development, implementation, monitoring, and validation.

Throughout this, building a strong AI security team is critical. AI systems are often complex and opaque, have many moving parts, rely on large amounts of data, are resource intensive, can be used to apply judgment-based decisions, and can be offensive, harmful, or May generate new potentially offensive content. Google warns that it can perpetuate stereotypes and social prejudices.

For many organizations, this expands the necessary expertise available to security teams such as business use case owners, security, cloud engineering, risk and audit teams, privacy, legal, data science, development, and responsible AI and ethics. will be

Google builds the SAIF framework based on 10 years of experience in developing and using AI in our products. The company hopes to lay the foundation for secure AI by publishing its experience in AI, much as the BeyondCorp access model led to the Zero Trust principles that have become industry standards today.

