Key Takeaways

• Organizations are rapidly adopting AI but face challenges in securing existing deployments.
• Frameworks like NIST AI-RMF and OWASP provide guidelines for responsible AI security, emphasizing proactive, structured approaches.
• The Secure by Design methodology aids in embedding security throughout the AI lifecycle, fostering both compliance and innovation.

Frameworks for Secure AI Development

Artificial intelligence adoption is accelerating, prompting organizations to address security for systems already in use. Frameworks like the NIST AI Risk Management Framework (AI-RMF), OWASP Top 10 for LLMs and GenAI, and MITRE ATLAS are guiding the establishment of responsible and secure AI practices. However, aligning existing security programs with these frameworks can seem overwhelming, especially when compliance must be retrofitted to operational systems.

These frameworks are not mere checklists; they provide a comprehensive approach for developing trustworthy AI systems and offer actionable steps for security leaders. Notably, they align with CISA’s Secure by Design methodology, which emphasizes ownership of security outcomes, radical transparency, accountability, and organizational support for security throughout the AI lifecycle. This alignment is critical for staying ahead of compliance demands and mitigating risks associated with insecure AI.

Common Goals and Distinctions of AI Frameworks

While the NIST AI-RMF, OWASP Top 10 for LLMs and GenAI, and MITRE ATLAS differ in their specific focus and depth, they collectively aim to ensure that AI systems remain trustworthy and accountable.

• NIST AI-RMF: This voluntary, risk-based framework uses a phased approach—Map, Measure, Manage, and Govern—to help organizations evaluate and enhance AI trustworthiness.
• OWASP Top 10 for LLMs and GenAI: This list identifies critical vulnerabilities unique to language models and generative AI, such as prompt injection and data leakage.
• MITRE ATLAS: This resource outlines adversarial threats to AI systems, detailing known tactics, techniques, and procedures (TTPs) that can pose risks.

Implementing Secure by Design principles can bridge the gap between AI innovation and security compliance effectively.

Embedding Security into AI Development

Bridging the security compliance gap in AI innovation doesn’t need to be a burdensome process. Key steps include:

1. Map AI Assets: Organizations should begin by creating a comprehensive inventory of AI assets, including internal models and third-party services. This aligns with both the “Map” phase of NIST AI-RMF and recommendations from MITRE ATLAS regarding system profiling.

2. Threat Model Early: Incorporating threat modeling from the outset is crucial. AI-specific threats such as data poisoning and model inversion should be considered alongside traditional cyber risks. This step correlates with the “Measure” and “Manage” phases of NIST AI-RMF and OWASP’s threat scenarios.

3. Design for Observability: Establishing observability in AI systems is vital. This involves tracking decision paths and versioning to enhance auditability and response capabilities. This aligns with NIST AI-RMF’s “Govern” phase.

4. Shift Testing Left: Testing should commence early, assessing AI models before deployment. This should include red teaming and adversarial testing as standard practices to evaluate systems for vulnerabilities like model drift and bias.

5. Enforce Controls at the Vector Level: Given the complexities introduced by modern AI systems, organizations must implement AI-aware policy enforcement to handle access controls effectively. This ensures that AI models operate within defined security boundaries.

When these secure design principles are consistently applied throughout the AI lifecycle, security and compliance become mutually reinforcing. Instead of merely adhering to guidelines, organizations can create resilient, transparent, and trustworthy AI systems from the start.

The content above is a summary. For more details, see the source article.