Cloud 101CircleEventsBlog

Download Publication

AI Organizational Responsibilities - Core Security Responsibilities
AI Organizational Responsibilities - Core Security Responsibilities
Who it's for:
  • CISOs and Chief AI Officers 
  • Business leaders, decision makers, and shareholders
  • AI engineers, analysts, and developers
  • Policymakers and regulators
  • Customers and the general public

AI Organizational Responsibilities - Core Security Responsibilities

Release Date: 05/05/2024

Working Group: AI Safety Initiative

This publication from the CSA AI Organizational Responsibilities Working Group provides a blueprint for enterprises to fulfill their core information security responsibilities pertaining to the development and deployment of Artificial Intelligence (AI) and Machine Learning (ML). Expert-recommended best practices and standards, including NIST AI RMF, NIST SSDF, NIST 800-53, and CSA CCM, are synthesized into 3 core security areas: data protection mechanisms, model security, and vulnerability management. Each responsibility is analyzed using quantifiable evaluation criteria, the RACI model for role definitions, high-level implementation strategies, continuous monitoring and reporting mechanisms, access control mapping, and adherence to foundational guardrails.

Key Takeaways:
  • The components of the AI Shared Responsibility Model
  • How to ensure the security and privacy of AI training data
  • The significance of AI model security, including access controls, secure runtime environments, vulnerability and patch management, and MLOps pipeline security
  • The significance of AI vulnerability management, including AI/ML asset inventory, continuous vulnerability scanning, risk-based prioritization, and remediation tracking

The other two publications in this series discuss the AI regulatory environment and a benchmarking model for AI resilience. By outlining recommendations across these key areas of security and compliance in 3 targeted publications, this series guides enterprises to fulfill their obligations for responsible and secure AI development and deployment.
Download this Resource

Bookmark
Share
Related resources
AI Organizational Responsibilities - Governance, Risk Management, Compliance and Cultural Aspects
AI Organizational Responsibilities - Governance...
AI in Medical Research: Applications & Considerations
AI in Medical Research: Applications & Consider...
AI Organizational Responsibilities - Core Security Responsibilities - Korean Translation
AI Organizational Responsibilities - Core Secur...
ConfusedPilot: UT Austin & Symmetry Systems Uncover Novel Attack on RAG-based AI Systems
ConfusedPilot: UT Austin & Symmetry Systems Uncover Novel Attack on...
Published: 11/12/2024
The EU AI Act Comes Into Force: How This Pioneering Legislation Impacts Your Organization
The EU AI Act Comes Into Force: How This Pioneering Legislation Imp...
Published: 11/12/2024
Mitigating GenAI Risks in SaaS Applications
Mitigating GenAI Risks in SaaS Applications
Published: 11/07/2024
The Future of Compliance: Adapting to Digital Acceleration and Ephemeral Technologies
The Future of Compliance: Adapting to Digital Acceleration and Ephe...
Published: 11/07/2024
6 Key Requirements to Multicloud Security
6 Key Requirements to Multicloud Security
November 13 | Online
Virtual Zero Trust Summit 2024
Virtual Zero Trust Summit 2024
November 20 | Virtual
Cloudbytes Webinar Series
Cloudbytes Webinar Series
January 1 | Online
Are you a research volunteer? Request to have your profile displayed on the website here.

Interested in helping develop research with CSA?

Related Certificates & Training