[written together with Marina Kaganovich, Executive Trust Lead, Office of the CISO @ Google Cloud; originally posted here]

In 2024, we shared our insights on how to approach generative AI securely by exploring the fundamentals of this innovative technology, delving into key security terms, and examining the essential policies needed for AI governance. We also discussed Google Cloud’s approach to AI security and shared helpful resources like the Secure AI Framework (SAIF).

In addition to publishing blogs and papers, our Cloud Security Podcast by Google episodes have featured experts discussing AI’s impact on security, offering practical implementation advice, and addressing emerging challenges.

Finally, we examined lessons learned from various sectors and provided actionable guidance on securing AI systems alongside best practices for avoiding common AI security pitfalls.

A recap of our key blogs, papers and podcasts on AI security in 2024 follows.

Gen AI Security Fundamentals

Gen AI demystified: Understanding gen AI types and their risks

In today’s rapidly evolving technological landscape, gen AI presents both opportunities and security challenges for business leaders. Navigating this complex and dynamic landscape necessitates a strategic understanding of several key distinctions to inform decisions for optimal security and operational effectiveness: consumer vs. enterprise Gen AI, with the former prioritizing ease of use and the latter emphasizing security; open vs. proprietary models, balancing innovation with controlled access; and cloud vs. on-premise deployments, weighing scalability against data security.

5 gen AI security terms busy business leaders should know

Leaders must be cognizant of 5 key security risks: prompt manipulation, where malicious prompts yield harmful outputs; data leakage, which involves the unintended exposure of sensitive information; model theft, that results in financial and reputational damage; data poisoning, where compromising model outputs are the result of corrupted training data; and hallucinations, a condition where the model generates inaccurate or nonsensical information. Mitigating these risks requires robust security protocols including prompt sanitization, data governance policies, access controls, output filtering, data source vetting, and continuous monitoring, coupled with responsible AI practices such as data curation, model stress-testing, and customer safety tools.

Governance and policy

Gen AI governance: 10 tips to level up your AI program

To effectively operationalize AI at scale, adopt a comprehensive approach encompassing these 10 best practices. These include establishing a cross-functional team of stakeholders, defining clear AI principles, using a robust framework like SAIF, documenting and implementing AI policies, prioritizing use cases, integrating with existing data governance programs, collaborating with compliance and legal teams, establishing escalation pathways, ensuring visibility of AI initiatives, and enabling continuous learning through a dedicated AI training program.

How to craft an Acceptable Use Policy for gen AI

A well-defined Acceptable Use Policy (AUP) for gen AI is crucial for organizations to establish clear guidelines, mitigate risks, and foster responsible AI adoption. Key elements of an AUP include a clear purpose statement, defined scope, assigned accountability, approved tools and data handling guidelines, and practical examples of acceptable and unacceptable AI use.

Google Cloud’s Approach to Trust in Artificial Intelligence

Google Cloud takes a comprehensive approach to secure AI, emphasizing risk management, data governance, privacy, security, and compliance throughout the entire AI lifecycle. With a principled AI development process guided by strong ethical considerations, this approach includes rigorous risk assessments, robust data governance protocols that prioritize customer privacy, and a security-first design mindset that champions transparency, customer control over data, and compliance with industry standards.

EP135 AI and Security: The Good, the Bad, and the Magical

We feature insights from Google Cloud’s CISO, Phil Venables, on the multifaceted impacts of AI on security. Our discussion focuses on AI’s potential as a game-changer in cybersecurity, its applications in threat detection and productivity enhancement, and the unique security concerns it presents. We examine the advantages and disadvantages AI offers to both defenders and attackers, and address the nuances of securing AI systems by emphasizing the concept of shared responsibility in this evolving landscape.

EP185 SAIF-powered Collaboration to Secure AI: CoSAI and Why It Matters to You

This episode introduces the Coalition for Secure AI (CoSAI), featuring Google’s David LaBianca, who highlights CoSAI’s mission to foster collaboration and establish secure AI practices. The discussion explores the importance of partnerships with organizations like Microsoft, OpenAI, and existing AI security initiatives. It also examines CoSAI’s approach to addressing the rapidly evolving AI landscape and emerging threats, outlining anticipated outcomes like a defender’s framework and secure software supply chains for AI.

Building AI securely

Staying on Top of AI Developments

Successfully implementing AI hinges on taking a people-centric approach to AI adoption and emphasizing the importance of workforce preparation through comprehensive AI education and skills development. Demystifying AI concepts, implementing tailored training programs with hands-on experience, and fostering a culture of continuous learning are all key to ensuring employees stay abreast of the latest advancements in this dynamic field. By investing in their workforce’s AI literacy, organizations can effectively leverage AI’s potential while minimizing risks and fostering a smooth transition into an AI-powered future.

7 key questions CISOs need to answer to drive secure, effective AI

Here we’ve taken some of the most common security concerns around AI that we have heard from CISOs around the world and summarized them along with our answers. CISOs should be asking — and answering — these questions related to establishing clear AI guidelines, mitigating emerging threats, safeguarding data security and privacy, and leveraging AI to enhance existing security measures. By proactively addressing these critical areas, organizations can confidently harness AI’s potential while minimizing risks.

To securely build AI on Google Cloud, follow these best practices

Robust security practices are crucial in mitigating the unique risks associated with AI systems. Our research report offers best practices for securing AI workloads on Google Cloud and provides a comprehensive checklist for both security and business leaders by covering key areas like model development, application security, infrastructure, and data management. By adhering to these recommendations, organizations can confidently build and deploy secure AI solutions on Google Cloud while minimizing potential risks.

How SAIF can accelerate secure AI experiments

Accelerate AI adoption through secure and effective AI experiments using the Secure AI Framework (SAIF). Starting with well-defined objectives and targeted use cases, assembling a cross-functional team, utilizing high-quality data, and implementing robust security measures, organizations can support responsible AI experimentation that drives innovation.

SAIF Risk Map

The SAIF Risk Map provides a comprehensive overview of the diverse security risks inherent in AI development spanning data poisoning, model tampering, unauthorized access, and insecure outputs. These risks are introduced at various stages of the AI lifecycle, from data ingestion and model training to deployment and usage. The map emphasizes proactive mitigation strategies, including robust access controls, data sanitization, secure infrastructure, and thorough testing, to address these vulnerabilities and ensure the responsible development and deployment of AI systems.

SAIF Risk Assessment: A new tool to help secure AI systems across industry

The SAIF Risk Assessment is an interactive tool designed to help organizations enhance the security of their AI systems. This questionnaire-based assessment guides users through an evaluation of their AI security practices, identifies potential risks like data poisoning and prompt injection, and offers tailored mitigation strategies, serving as a practical resource for translating the Secure AI Framework (SAIF) into actionable steps and empowering organizations to proactively assess and strengthen their AI security posture.

Securing the AI Software Supply Chain

The evolution of AI brings new security challenges, paralleling those found in traditional software supply chains but with increased complexity. The AI supply chain, encompassing data sourcing, model training, deployment, and maintenance, introduces vulnerabilities at every stage. This paper highlights the urgency of addressing these risks, emphasizing that compromised AI models are already a reality. The paper underscores the adaptability of existing security measures like provenance and SLSA to the AI domain and includes key takeaways such as the importance of provenance and the need for robust security measures throughout the AI development lifecycle.

EP192 Confidential + AI: Can AI Keep a Secret?

We delve into the intersection of confidential computing and AI, featuring Nelly Porter from Google Cloud who discusses real-world applications where confidential AI makes a significant impact, comparing it to on-premises AI solutions and examining which parts of the AI lifecycle are best suited for a confidential environment. The performance, cost, and security implications of confidential AI are also addressed, providing listeners with valuable resources to further explore this emerging technology and its role in safeguarding sensitive data while leveraging the power of AI.

EP173 SAIF in Focus: 5 AI Security Risks and SAIF Mitigations

Honing in on the unique challenges of securing AI systems in cloud environments, we highlight 5 key AI security risks that organizations should address. Featuring Google’s Shan Rao, the discussion explores how the Secure AI Framework (SAIF) can mitigate these risks through common security controls and best practices. We also tackle striking the balance between rapid AI adoption and security, examine future trends in AI security, and provide valuable resources for listeners to further their understanding of this critical domain.

Lessons learned

Be secure, save money: AI-era lessons from financial services CISOs

Here we examine the multifaceted challenges faced by CISOs in the financial sector, particularly in light of the rapid evolution of AI, highlighting the delicate balancing act between embracing AI’s potential and mitigating its inherent risks including evolving threats, securing legacy systems, and managing costs. This blog emphasizes the need for CISOs to adopt a proactive approach by fostering strong governance structures, enhancing threat intelligence capabilities, and building resilient security programs.

Oops! 5 Serious gen AI security mistakes to avoid

Based on Office of the CISO’s discussions with customers, we’ve identified 5 key AI security mistakes to watch for: weak governance guidance, data security, too much access, failure to consider inherited vulnerabilities, and over-indexing on certain risks. To ensure secure and successful gen AI deployments, organizations should prioritize robust AI governance, maintain high-quality data, enforce strict access controls, scrutinize third-party models for vulnerabilities, and apply consistent security measures across all AI implementations, including internal tools. Addressing these key areas will help to mitigate risks, foster secure AI usage, and promote trust while driving positive business outcomes.

EP198 GenAI Security: Unseen Attack Surfaces & AI Pentesting Lessons

In this episode, we consider the unique security challenges posed by gen AI, featuring insights from SplxAI’s Co-Founder and CTO, Ante Gojsalic. The discussion explores the evolving attack surfaces of Gen AI, common security mistakes made by organizations, and the benefits of automating penetration testing for these applications.

Recommendations

From understanding the fundamental concepts and risks to establishing effective governance frameworks and leveraging resources like SAIF, you have access to resources that can help you make informed decisions about your AI initiatives.

Now it’s time to put this knowledge into action!

Related posts:

• Our Security of AI Papers and Blogs Explained
• Cloud Security Podcast by Google on AI

Cross-post: Office of the CISO 2024 Year in Review: AI Trust and Security was originally published in Anton on Security on Medium, where people are continuing the conversation by highlighting and responding to this story.

*** This is a Security Bloggers Network syndicated blog from Stories by Anton Chuvakin on Medium authored by Anton Chuvakin. Read the original post at: https://medium.com/anton-on-security/cross-post-office-of-the-ciso-2024-year-in-review-ai-trust-and-security-e73af11fb374?source=rss-11065c9e943e------2