On Thursday, the Cybersecurity and Infrastructure Security Agency launched its first table exercise with more than 50 AI experts from government and industry during a four-hour exercise to help understand and mitigate digital threats to artificial intelligence systems.
Led by the Joint Cyber Defense Collaborative, a consortium of public and private sector leaders, the tabletop exercise simulated a cybersecurity incident targeting an AI-based system. Participants practiced incident response efforts to mitigate damage from the hypothetical attack, including information sharing and operational collaboration.
The exercise was divided into three modules and described a hypothetical scenario in which hackers would be able to bypass a custom AI defense agent internally in an organization’s email system. A set of government participants were excluded from the first two modules and enrolled in the third to then simulate how industry participants would interact and collaborate with new entrants after an incident occurred.
The mission of this tabletop exercise was to raise awareness of how AI systems can present new cyber threat vectors against digital networks, examine current responses, and establish information sharing priorities to critical infrastructure operators, security providers and other stakeholders.
“This exercise marks a new step in our collective commitment to reducing the risks posed by AI. It also highlights the importance of developing and delivering AI products designed with security as a top priority,” CISA Director Jen Easterly said in a statement. “As the National Coordinator for Critical Infrastructure Security and Resilience, we are excited to work with our partners to leverage this effort to help organizations secure their AI systems. »
The results of this simulation exercise will help inform an upcoming playbook that CISA and JCDC are working to publish in late 2024, which will provide support and guidance for responses to AI-based cyberattacks. The agency plans to conduct a second tabletop exercise to test the playbook after its release.
Amazon Web Services, Cisco, Cranium, HiddenLayer, IBM, Microsoft, NVIDIA, OpenAI, Palantir, Palo Alto Networks, Protect AI, Robust Intelligence, Scale AI, FBI, National Security Agency, Office of the Director of National Intelligence, Department of Defense , and the Department of Justice were among the participating agencies and companies.
“At OpenAI, we firmly believe that security is a team sport. It thrives on collaboration and benefits enormously from transparency,” said Matt Knight, OpenAI’s chief security officer, in prepared remarks. “We are proud to have participated in the tabletop exercise with JCDC.AI and other security leaders – these collaborations benefit our efforts to safely develop and deploy AI technology.
This tabletop security exercise follows broader initiatives by the Biden administration aimed at harnessing the myriad beneficial uses of AI while mitigating negative outcomes. This was the central theme of the study by the White House Office of Science and Technology Policy. AI aspirations conference, also held Thursday.
As AI Aspirations featured system demonstrations and discussions on near-term and current use cases for AI and machine learning systems, leaders noted that AI can both help support modern cybersecurity posture and hamper it.
“For security here at home, AI will be essential to strengthening cybersecurity and protecting our critical infrastructure,” OSTP Director Arati Prabhakar said in his conference opening remarks.