On Thursday, the Cybersecurity and Infrastructure Security Agency began its inaugural table exercise with more than 50 AI experts from government and industry in a four-hour simulation to help understand and mitigate digital threats to AI systems.
Led by the Joint Cyber โโDefense Collaborative, a consortium of public and private sector leaders, the tabletop exercise simulated a cybersecurity incident targeting an AI-enabled system. Participants practiced incident response efforts to mitigate the damage caused by the hypothetical attack, including information sharing and operational collaboration.
The exercise was divided into three modules and described a hypothetical scenario in which hackers were able to bypass an internally customized AI defense agent in an organization's email system. A group of government participants was kept out of the first two modules and entered during the third to then simulate how industry participants would interact and collaborate with new participants after an incident had occurred.
The mission of the tabletop exercise was to raise awareness of how artificial intelligence systems can present new cyber threat vectors to digital networks, examine current responses, and establish information sharing priorities for critical infrastructure operators, security providers, and other parties. interested.
โThis exercise marks another step in our collective commitment to reduce the risks posed by AI. It also highlights the importance of developing and delivering AI products that are designed with security as a top priority,โ CISA Director Jen Easterly said in a statement. "As the national coordinator for critical infrastructure security and resilience, we are excited to work with our partners to leverage this effort to help organizations protect their AI systems."
The results of the tabletop exercise will help inform an upcoming manual that CISA and the JCDC are working to publish in late 2024, which will offer support and guidance for responses to AI-based cyberattacks. The agency plans to conduct a second practical exercise to test the manual after its launch.
Amazon Web Services, Cisco, Cranium, HiddenLayer, IBM, Microsoft, NVIDIA, OpenAI, Palantir, Palo Alto Networks, Protect AI, Robust Intelligence, Scale AI, FBI, National Security Agency, Office of the Director of National Intelligence, Department of Defense and the Department of Justice were among the participating agencies and companies.
"At OpenAI, we firmly believe that security is a team sport. It thrives on collaboration and benefits greatly from transparency," said Matt Knight, head of security at OpenAI, in prepared remarks. โWe are proud to have participated in the roundtable exercise with JCDC.AI and other security leaders โ these collaborations benefit our efforts to safely develop and deploy AI technology.โ
The tabletop security exercise follows broader initiatives by the Biden administration to harness the myriad beneficial uses of AI while mitigating negative outcomes. This was the central theme of the report from the White House Office of Science and Technology Policy. AI aspirations conference, also held on Thursday.
While AI Aspirations featured system demonstrations and discussions on current and near-term use cases for AI and machine learning systems, leaders noted that AI can help support and hinder the modern cybersecurity posture.
โFor security here at home, AI will be essential to boost cybersecurity and protect our critical infrastructure,โ OSTP Director Arati Prabhakar said in opening remarks at the conference.
