putilov_denis - stock.adobe.com

Government focuses on improving AI security

Two codes of practice are now available to help developers boost the security of their AI applications

The government has provided guidance to help artificial intelligence (AI) developers improve cyber security in AI models.

The Department for Science, Innovation and Technology (DSIT) said the measures aimed at developers would establish a global standard for protecting AI models from hacking. The government hopes the codes of practice will help businesses innovate and drive economic growth across the nation and form the basis of a future global standard.

Rosamund Powell, research associate at The Alan Turing Institute, said: “AI systems come with a wide range of cyber security risks which often go unaddressed as developers race to deploy new capabilities. The code of practice released today provides much-needed practical support to developers on how to implement a secure-by-design approach as part of their AI design and development process.

“Plans for it to form the basis of a global standard are crucial given the central role international standards already play in addressing AI safety challenges through global consensus. Research highlights the need for inclusive and diverse working groups, accompanied by incentives and upskilling for those who need them, to ensure the success of global standards like this.” 

DSIT said the codes set out requirements for developers to make their products resilient against tampering, hacking and sabotage to boost confidence in the use of AI models across most industries.

“We have always been clear that to harness the enormous potential of the digital economy, we need to foster a safe environment for it to grow and develop,” said technology minister Saqib Bhatti. “This is precisely what we are doing with these new measures, which will help make AI models resilient from the design phase.

“Today’s report shows not only are we making our economy more resilient to attacks, but also bringing prosperity and opportunities to UK citizens up and down the country,” he said. “It is fantastic to see such robust growth in the industry, helping us cement the UK’s position as a global leader in cyber security as we remain committed to foster the safe and sustainable development of the digital economy.”

Read more cyber security stories

  • Few users appreciate the security risks of cloud and have the expertise to implement the complex security controls, says CSA chief executive David Koh.
  • The advent of generative AI threatens to poke additional holes in your cyber security strategy. Compiling a GenAI-based security policy to guide your responses can help.

The government’s annual Cyber sectoral analysis report shows that in the past 12 months, half of businesses (50%) and a third of charities (32%) reported cyber breaches or attacks. The report found that phishing remained the most common type of breach.

Felicity Oswald, chief executive at the National Cyber Security Centre, said: “To make the most of the technological advances which stand to transform the way we live, cyber security must be at the heart of how we develop digital systems.

“The new codes of practice will help support our growing cyber security industry to develop AI models and software in a way which ensures they are resilient to malicious attacks.”

Kevin Curran, IEEE senior member and professor of cyber security, said businesses need to stay ahead of potential threats. “The threat landscape is constantly evolving, so organisations need to keep pace and ensure that they regularly review and upgrade their defences,” he said.

“Some approaches that worked just a few years ago are now obsolete, and given how rapidly artificial intelligence has been rolled out in recent months, enterprises must adopt more comprehensive data protection strategies and tools to secure their systems.”

Read more on Application security and coding requirements