The UK has taken a pioneering step by releasing the world’s first comprehensive guidelines aimed at protecting AI systems from cyber threats. These guidelines are designed to ensure the safe and secure development of AI technologies.
Crafted by the UK’s National Cyber Security Centre (NCSC) and the US’ Cybersecurity and Infrastructure Security Agency (CISA), the guidelines have gained support from 17 additional countries, including all members of the G7.
The recommendations provided in the guidelines urge developers and organizations employing AI to embed cybersecurity at every stage of the AI lifecycle. This “secure by design” methodology emphasizes integrating security measures from the initial design phase, through development and deployment, to the ongoing operational phase.
The guidelines focus on four critical areas: secure design, secure development, secure deployment, and secure operation and maintenance, offering specific security behaviors and best practices for each stage.
At the London launch event, which brought together over 100 participants from industry, government, and international entities, speakers from organizations like Microsoft, the Alan Turing Institute, and cybersecurity agencies from the US, Canada, Germany, and the UK were present.
Lindy Cameron, CEO of NCSC, highlighted the urgency of proactive security measures in the rapidly evolving field of AI, stating that security should be a fundamental aspect of development, not an afterthought.
Building on the UK’s existing leadership in AI safety, these guidelines were introduced just a month after the UK hosted the first international AI safety summit at Bletchley Park.
Alejandro Mayorkas, US Secretary of Homeland Security, emphasized the critical juncture in AI development, labeling it as potentially the most significant technology of our era. He noted that cybersecurity is crucial in creating AI systems that are safe, secure, and trustworthy.
The guidelines, endorsed by 18 countries across Europe, Asia-Pacific, Africa, and the Americas, provide a unified approach to designing, developing, deploying, and operating AI with a core focus on cybersecurity.
The list of international signatories includes prominent cybersecurity agencies from Australia, Canada, Chile, Czechia, Estonia, France, Germany, Israel, Italy, Japan, New Zealand, Nigeria, Norway, Poland, the Republic of Korea, Singapore, the United Kingdom, and the United States.
Michelle Donelan, UK Science and Technology Secretary, lauded the new guidelines as reinforcing the UK’s status as a global leader in the safe application of AI. She referred to the recent international agreement on responsible AI at Bletchley Park as another step in this ongoing global collaboration.
The guidelines are accessible on the NCSC website, accompanied by explanatory blogs. The success of these guidelines in enhancing AI security will depend on their adoption by developers worldwide.
