The U.S. Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA) and the United Kingdom’s National Cyber Security Centre (NCSC) jointly released Guidelines for Secure AI System Development to help developers of any systems that use AI make informed cybersecurity decisions at every stage of the development process. The guidelines were formulated in cooperation with 21 other agencies and ministries from across the world — including all members of the Group of 7 major industrial economies — and are the first of their kind to be agreed to globally.
The guidelines provide essential recommendations for AI system development and emphasize the importance of adhering to Secure by Design principles that CISA has long championed.
The guidelines are broken down into four key areas within the AI system development lifecycle: secure design, secure development, secure deployment and secure operation and maintenance. Each section highlights considerations and mitigations that will help reduce the cybersecurity risk to an organizational AI system development process.
These guidelines are the latest effort across the U.S.’s body of work supporting safe and secure AI technology development and deployment. In October, President Biden issued an Executive Order that directed DHS to promote the adoption of AI safety standards globally, protect U.S. networks and critical infrastructure, reduce the risks that AI can be used to create weapons of mass destruction, combat AI-related intellectual property theft, and help the United States attract and retain skilled talent, among other missions.