The U.S. Cybersecurity and Infrastructure Security Administration (CISA) and the UK National Cybersecurity Centre (NCSC) jointly released the first global security standard for artificial intelligence.Guidelines for Developing Secure AI Systems (Guidelines for Secure AI System Development), which advocates improving system security from the design stage to avoid possible security risks.
The "Guidelines for Safe AI System Development" were developed with the participation of 18 countries, including the United States, the United Kingdom, France, Germany, Japan, South Korea, and Singapore, as well as industry players such as Microsoft, Google, OpenAI, Anthropic, and Scale AI. They emphasize providing advice when developing artificial intelligence technology and promoting the adherence of artificial intelligence systems to safety principles.
This security standard prioritizes security, transparency, and user accountability, while also highlighting the importance of establishing an organizational structure with secure design practices.
In addition to addressing all types of AI systems, this security standard also covers AI built through externally hosted models or API resource connections, and addresses possible security risks in the design, development, deployment, and maintenance processes, thereby assisting researchers, developers, or managers in making decisions and reducing overall security risks.
The US government had previously obtained commitments from most companies promoting the development of artificial intelligence technology in July this year, and signed the first executive order on artificial intelligence in October, requiring the US Department of Homeland Security to develop artificial intelligence security standards to prevent greater risks caused by artificial intelligence.
