The UK government has unveiled new AI security guidelines, drawing on insights from both private and public sectors, with significant contributions from the startup Mindgard. Commissioned by the Department for Science, Innovation, and Technology (DSIT), the guidelines are a direct response to a recent cyberattack on the Ministry of Defence, highlighting the urgent need to strengthen AI security. Mindgard’s report, titled “Cyber Security for AI Recommendations,” presents 45 specific recommendations designed to address vulnerabilities throughout the AI lifecycle. These include technical solutions such as modifications to software, hardware, and AI model architectures to mitigate cybersecurity risks, as well as general recommendations like organizational practices, policies, and governance frameworks to enhance security hygiene.
The technical recommendations focus on altering aspects of the AI system, from pre-processing techniques to model training methodologies, to reduce exposure to cyber threats. On the other hand, the general recommendations emphasize creating robust organizational structures, managing legal and regulatory requirements, engaging stakeholders, and implementing stringent controls to prevent unwanted model behavior. These comprehensive measures aim to fortify AI systems against a variety of security threats, including adversarial machine learning attacks.
In addition to Mindgard, key contributors to the report include Grant Thornton UK LLP, Manchester Metropolitan University, and IFF Research. Their collective efforts have identified 23 distinct security vulnerabilities within AI, based on an analysis of past cyberattacks. Mindgard’s unique platform further enhances AI security by protecting against risks such as data poisoning and model theft. Dr. Peter Garraghan, CEO and CTO of Mindgard, emphasized the importance of research in addressing AI security challenges and expressed pride in contributing to national cybersecurity efforts.
This comprehensive initiative marks a significant step towards improving AI security governance, offering valuable guidance for directors and business leaders in both federal and private sectors to navigate the evolving cybersecurity landscape.
