'
Critical Infrastructure Security

DHS Cybersecurity Guidelines Aim to Protect Critical Infrastructure in the Age of AI – Telecompetitor

author
1 minute, 32 seconds Read

The Department of Homeland Security has released guidelines to mitigate AI risks to critical infrastructure, including telecom networks.

The guidelines have three dimensions. DHS wants to thwart attacks using AI, attacks that target AI systems and attacks that seek to exploit “failures in AI design and implementation.”


Security Marketplace- Join Now!

“Based on CISA’s expertise as National Coordinator for critical infrastructure security and resilience, DHS’ Guidelines are the agency’s first-of-its-kind cross-sector analysis of AI-specific risks to critical infrastructure sectors and will serve as a key tool to help owners and operators mitigate AI risk,” CISA Director Jen Easterly said in a prepared statement.

DHS’s mitigation strategy is four-fold, and builds upon the National Institute of Standards and Technology’s (NIST) AI Risk Management Framework (RMF).

The four elements of the critical infrastructure cybersecurity guidelines are:

  • Govern: Establish an organizational culture of AI risk management. The goal is to prioritize and take ownership of safety and security outcomes, embrace radical transparency and build organizational structures that make security a top business priority.
  • Map: Understand your individual AI use context and risk profile. The goal is to establish and understand the foundational context from which AI risks can be evaluated and mitigated.
  • Measure: Develop systems to assess, analyze, and track AI risks. The goal is to identify repeatable methods and metrics for measuring and monitoring AI risks and impacts.
  • Manage: Prioritize and act upon AI risks to safety and security. The goal is to implement and maintain identified risk management controls to maximize the benefits of AI systems while decreasing the likelihood of harmful safety and security impacts. 

The new DHS cybersecurity guidelines come at a time of increased federal interest in security critical infrastructure, including telecom networks. For example, providers receiving funding for broadband deployments through certain government programs will have to detail how they plan to secure those networks.

This post was originally published on the 3rd party site mentioned in the title of this this site

Similar Posts