



Artificial intelligence has exploded in popularity in recent months, to the point that some of the big tech companies believe it is about time for a common set of standards for building and deploying these new technologies.

Google on Friday announced the Secure AI Framework (SAIF), a conceptual framework for securing AI systems.

SAIF aims to develop an ecosystem that keeps pace with AI developments, expand detection and response with AI in mind, integrate automation into AI, and carry out red-team exercises with models developed for AI.

Google will work closely with government standards bodies to help develop the NIST AI Risk Management Framework and the industry’s first AI certification standard, the ISO/IEC 42001 AI Management Systems standard.

As concrete action, Google said it plans to expand its bug bounty program to encourage industry research on AI safety and security. It also plans to publish several open-source tools to help put the SAIF elements for AI security into practice.

“The research community has an important role to play in the AI ecosystem, and we are proud to already have such relationships with security researchers,” said Phil Venables, Chief Information Security Officer at Google Cloud. “Last year, we paid security researchers over $12 million to test vulnerabilities in our products. The AI systems at our company are covered by these programs, and we work with the community to ensure that vulnerabilities are found. There is also a research arm called Google DeepMind that is working on these issues.”

Most security professionals think it’s good that a big company like Google is taking such a strong step in promoting SAIF, but this is an area most security professionals are still learning and working on, so some think there’s a lot of work ahead.

“We were just starting to think about this and were making analogies from the existing cybersecurity field,” said Jon Bambeneck, Netenrich’s chief threat hunter.

Bambeneck pointed out that having a bug bounty program makes sense if you’re talking about software applications, but for AI, it is not even really known what penetration testing actually looks like.

In reality, we were making things up on the fly and just needed to fix things and figure things out, Bambeneck said. In that sense, getting some stuff out there is a good first step, at least because it gives the industry a starting point to figure out what works and what doesn’t.

SAIF is off to a great start, based on several principles found in the NIST and ISO frameworks, said Sounil Yu, chief information security officer at JupiterOne. Today, the industry needs a bridge between current security controls and those specifically required for AI systems.

A key difference with AI systems that makes SAIF particularly appealing and necessary, Yu said, is that AI systems don’t have many opportunities to make mistakes. AI safety is a very important principle to consider early in the design and development of AI systems, as mistakes can have catastrophic and irreversible consequences. As AI systems become more capable, they may perform actions that are inconsistent with human values. Incorporating safety principles early can help AI systems better align with human values and prevent potential abuse of these technologies.

Pathlock CEO Piyush Pandey pointed out that just as the Sarbanes-Oxley Act (SOX) created the need for separation of duties (SOD) controls for financial processes, it is clear that AI systems need a similar kind of security management.

Pandey said SOX requirements have quickly been applied to the business applications that run these processes, and control testing has become its own industry, with software solutions, audit firms and consulting firms helping customers ensure and prove control effectiveness and compliance.

For SAIF to be right, Pandey said, it needs to define controls to give organizations a starting point to make their AI systems and processes safer.

