As Artificial Intelligence (AI) becomes more pervasive, it is important to understand the benefits and risks associated with its use in cybersecurity. To reduce the risk of attacks on AI systems and minimize the impact of successful attacks, public policy should create “AI security compliance” programs. This program is modeled on existing compliance programs in other sectors, such as PCI compliance to ensure payment transactions, and would be implemented by the relevant regulatory bodies for their relevant constituents. Compliance programs would encourage stakeholders to adopt a set of best practices to protect systems against AI attacks, including considering the risks and surfaces of attacks when implementing AI systems, adopting IT reforms to make it difficult to execute attacks, and creating attack response plans. AI has advantages and disadvantages in the field of cybersecurity.
Malicious actors routinely use AI algorithms to attack or penetrate systems, which has caused a significant number of data breaches in recent years. Today, AI methods are used at all stages of security, including prevention, detection, investigation and remediation, discovery and classification, threat intelligence, and security training and simulations. For example, AI pattern recognizers have been implemented in browsers and other applications as part of their security services to help protect people from harmful URLs. AI methods can improve detection and reduce false positive rates. Detection involves identifying and alerting suspicious behaviors as they occur.
The goal is to respond quickly to attacks, including identifying the scale and scope of an attack, closing the attacker's entry, and correcting any support points that the attacker may have established. AI methods are used in detection to classify alerts about possible attacks, identify multiple attempted breaches over time that are part of larger and longer attack campaigns, detect fingerprints of malware activities as it operates on a computer or network, identify the flow of malware through an organization, and guide automated mitigation approaches when the response must be rapid to prevent an attack from spreading. Malicious actors can intercept and decrypt data that flows to and from a network endpoint. They can manipulate, modify, or use it for illegal purposes if they don't detect it in time. As a result, if this application was considered easy to attack, an AI system may not be suitable for this particular application. In the public sector, compliance must be mandatory for government uses of AI and be a precondition for private companies to sell AI systems to the government.
Any software installed on a device without the end user's permission is classified as spyware, even if it's downloaded for a harmless purpose. The power of automation and the large-scale detection, prioritization and response that AI technologies enable can not only ease the burden on cybersecurity professionals but also help bridge the growing staff gap. This policy will improve the security of the community, military and economy against AI attacks. Put bluntly, the algorithms that make AI systems work so well are imperfect, and their systematic limitations create opportunities for adversaries to attack. Policy makers should encourage better detection of intruders in systems that contain these critical assets and design methods that profile anomalous behavior to detect when attacks are being developed. Implementation phase compliance requirements are focused on ensuring that stakeholders take appropriate precautionary measures as they build and implement their AI systems.
In a revealing report, the Office of the Inspector General of the Department of Justice did not cite Hanssen's brilliance as a spy but rather the agency's inability to implement and enforce strict internal security procedures as one of the main reasons for its success over 20 years. To ensure that AI systems remain secure from malicious actors or malicious software attacks, public policy should create “AI security compliance” programs. Compliance programs would achieve this goal by encouraging stakeholders to adopt a set of best practices to protect systems against AI attacks. This program is modeled on existing compliance programs in other sectors such as PCI compliance to ensure payment transactions. It would be implemented by relevant regulatory bodies for their relevant constituents.