Under President Biden’s Executive Order regarding the safe development and use of Artificial Intelligence, the Department of Homeland Security published new guidelines about how to secure critical infrastructure from AI-related threats.
The guidelines are focused on three key categories. The first is attacks using AI; this refers to the use of AI to plan and carry out either physical or cyber attacks on key infrastructure. The second is attacks targeting AI systems; this refers to attacks on the AI systems itself that support critical infrastructure. And third is failures in AI design; this refers to any deficiency in the planning or execution that may lead to unintended consequences.
The report then outlined a four part mitigation framework. This builds upon the National Institute of Standards and Technology’s (NIST) AI Risk Management Framework. The mitigations are:
- Govern
- Map
- Measure
- Manage
Govern refers to creating a culture of risk management around AI. This puts the onus on organizations to create a safety culture and ensure that security is at the top of the business priority list.
Map refers to understanding the use context for AI as it relates to the particular part of critical infrastructure. From this lens, the organization can better evaluate risks.
Measure refers to the development of repeatable systems to measure and monitor AI risks.
Manage asks organizations to implement and maintain risk controls to maximize the benefits and decrease any negative benefits.
These guidelines are a great place to start in securing critical infrastructure.
In addition, it’s critical to gain extensive visibility into your critical systems. This not only identifies threats, but helps to eliminate blind sports. Beyond immediate threats, deep visibility allows security leaders to gain a deeper understand of processes and how they interconnect, and allows the organization to shape and implement realistic security expectations, while prioritizing improvements.
Check Point recommends the following best practices:
- Identify and Analyze Risks: Before diving in, it’s critical to conduct a thorough risk assessment. This involves pinpointing vulnerabilities and potential threats based on the software and systems your critical infrastructure relies on.
- Stay Ahead of Threats: Proactive defense is key. By gathering and analyzing threat intelligence, you can stay informed about the latest cyber threats, physical threats, and even natural disasters that could impact your infrastructure.
- Who Gets In? Strong access controls are your first line of defense. This means implementing robust authentication measures like multi-factor verification and granting access only to authorized personnel based on their specific job duties.
- Fortify Your Digital Defenses: Cyber security is paramount. Implement robust cybersecurity measures like firewalls to secure your network perimeter. Additionally, consider intrusion prevention systems and strong encryption protocols to further shield your critical infrastructure from cyberattacks.
- Physical Security Matters: Don’t forget the physical world. Implement strict physical security measures such as entry/exit checks, surveillance cameras, security guards, and access control systems to deter and prevent physical attacks.
- Be Prepared to Respond: Having a plan in place is crucial. Develop and implement a comprehensive incident response plan outlining how to respond to security incidents. Regularly test your plan with red team exercises to ensure its effectiveness and identify areas for improvement.