The Cybersecurity and Infrastructure Security Agency said its first tabletop meeting with the private sector, coordinated by the Joint Cyber Defense Collaboration group at a Microsoft Corp. facility in Reston, Virginia, last week, will support the development of a cross-sector AI security incident collaboration playbook that is expected to be made public by the end of the year.
Why is this important?
In a June 14 statement, CISA said the dedicated planning effort within the JCDC, a public-private partnership model that promotes collaboration on preparedness between AI providers, security vendors, and critical infrastructure owners and operators, will address risks, threats, vulnerabilities, and mitigations related to AI-enabled systems in the nation's critical infrastructure.
More than 50 organizations participated in a recent four-hour readiness exercise to share strategies and practice collaborative responses for safely deploying AI to protect critical infrastructure from emerging threats.
“Simulating adversarial threats against AI systems in a controlled environment provides security teams with a valuable training ground to better understand the vulnerabilities and threats that exist today,” said Chris Sestito, CEO and co-founder of HiddenLayer.
Other technology companies at the table included leading vendors such as Amazon Web Services, Cisco, IBM, Microsoft, NVIDIA, OpenAI, Palantir, Palo Alto Networks and Protect AI, along with the Federal Bureau of Investigation, the National Security Agency, the Office of the Director of National Intelligence, the Department of Defense and the Department of Justice.
“This work marks another step in our joint efforts to mitigate the risks posed by AI,” Easterly said in a statement.
“As AI adoption expands, so does the complexity of the cyber threat environment,” added Sandy Reabach, vice president of public policy and government affairs at Palo Alto Networks.
“Public-private cooperation in such important exercises will better safeguard our digital lifestyle.”
Brian Vorndran, deputy director of the FBI's cyber division, said the exercise demonstrates the bureau's commitment to partnerships.
According to CISA, the need for a security-by-design approach to AI product development was also a key theme that went beyond incident response collaboration and practice during the tabletop exercise.
“These collaborations will help our efforts to securely develop and deploy AI technologies,” Matt Knight, OpenAI's head of security, said in a statement.
JCDC is planning a second exercise in 2024 to incorporate vulnerabilities related to system integrators in the U.S. critical infrastructure, enabling interoperability when implementing AI technologies into existing systems. AI integrators help organizations adopt AI and build larger scale AI systems.
“With critical infrastructure coming under increasingly severe attacks and growing AI threats, early preparation and regular testing are more important than ever to reduce collateral damage,” Troy Bettencourt, global partner and head of IBM X-Force, said in the agency's announcement.
The AI Security Incident Collaboration Playbook, which will be launched in a tabletop exercise with the private sector at the end of the year, is intended to facilitate coordinated efforts on AI security incident response between government, industry, and partners around the world, according to CISA.
Omar Santos, Cisco's head of security and trust, called the playbook a “much-needed effort” and said it “will serve as a great resource for coordinating AI security incidents among industry peers and global partners.”
Larger trends
The JCDC said on its website that it is working to reduce the likelihood and impact of AI-related threats and vulnerabilities to critical infrastructure providers as part of a mission it began two years ago.
Emerging technologies always present great opportunities for tabletop exercises, and experts agree that governments are important partners in protecting critical infrastructure.
“There is legislation that defines this relationship, specifically the National Defense Authorization Act, which codifies the critical infrastructure relationship between sector risk management agencies and the federal government. [critical infrastructure]”The most important thing is to have a strong cybersecurity posture,” said Eric Decker, CISO at Intermountain Health, co-chair of the HHS 405(d) Task Group, as he shared tips on cybersecurity table-topping for provider organizations. Healthcare IT News.
Be on record
“At OpenAI, we firmly believe that security is a team sport. Security thrives on collaboration and benefits greatly from transparency,” Knight said in a statement. “This effort will not only strengthen our defenses, but also foster a community dedicated to advancing collective security, including realizing the benefits of using AI tools for cyber defense.”
“Security is critical as we move into the new AI environment, and collaboration with our industry and government partners is essential to develop effective, coordinated responses to security incidents,” added Brett Arsenault, corporate vice president and chief cybersecurity advisor at Microsoft.
“Practicing response scenarios and simulations, like today's AI-focused tabletop exercise, fosters learning and sharing, and helps strengthen cyber resilience overall.”
Andrea Fox is a senior editor at Healthcare IT News.
Email: afox@himss.org
Healthcare IT News is a publication from HIMSS Media.
The HIMSS AI in Healthcare Forum is scheduled to take place in Boston on September 5-6. More information and registration available here.
