Table of Contents
The European Union's AI Act is set to bring new cyber security requirements for those involved in designing, developing, and deploying AI. The Act introduces obligations for High Risk systems to be resilient against unauthorized attempts to alter their use, outputs, or performance. The US National Institute for Standards and Technology (NIST) has released a report on adversarial machine learning attacks and how organizations can mitigate them. The report outlines four types of attacks, including poisoning, abuse, privacy, and evasion attacks, and provides technical measures to mitigate them. The report emphasizes the importance of data quality, sophistication in AI models, and technical defenses to protect systems from attacks. It also highlights the need for effective AI governance, regular testing, and due diligence when adopting third-party AI systems. The report provides a starting point for organizations to develop their approach to AI-related cyber security and will continue to be a useful resource as new security practices and measures develop.
