A brand new initiative aimed toward enhancing collaboration on synthetic intelligence (AI) cybersecurity throughout important infrastructure has been launched by the Cybersecurity and Infrastructure Safety Company (CISA) within the US.
The JCDC AI Cybersecurity Collaboration Playbook gives detailed steering for AI builders, suppliers and adopters on voluntarily sharing cybersecurity data with CISA and its Joint Cyber Protection Collaborative (JCDC) companions.
The playbook outlines methods to foster cooperation amongst federal companies, non-public business and worldwide stakeholders. It goals to boost consciousness about AI cybersecurity dangers and improve the resilience of AI programs.
Key goals embrace encouraging the voluntary sharing of cybersecurity incidents and vulnerabilities linked to AI programs whereas clearly defining protections and mechanisms for data trade.
Data shared by means of JCDC can improve coordination, present authorities assist and promote discussions on AI cybersecurity challenges. The playbook clarifies that participation is voluntary and doesn’t impose regulatory necessities. It additionally excludes subjects equivalent to AI equity, ethics and security considerations involving dangers to human life, well being, property or the atmosphere.
Developed from insights gained throughout two 2024 tabletop workout routines involving over 150 members, the playbook emphasizes collaboration and steady enchancment. Microsoft hosted the primary train in Virginia, whereas the second, specializing in monetary providers cybersecurity, befell at Scale AI’s headquarters in California.
Suggestions for Data Sharing
CISA recommends that organizations undertake the playbook’s practices to strengthen information-sharing processes and fortify defenses in opposition to rising threats. The doc outlines particular mechanisms for safe knowledge trade, together with the Site visitors Mild Protocol (TLP), which ensures managed dissemination of delicate data.
Key classes of data inspired for sharing embrace:
-
Noticed malicious exercise focusing on AI programs
-
Suspicious conduct and menace assessments
-
Incident reporting and vulnerability disclosures
Whereas the playbook focuses on JCDC coordination, it additionally highlights broader avenues for voluntary data sharing, equivalent to Data Sharing and Evaluation Facilities (ISACs) and the Nationwide Safety Company’s AI Safety Middle.
CISA plans to periodically replace the playbook in response to evolving threats and stakeholder suggestions. The company invitations organizations to have interaction actively with the playbook and contribute to strengthening the collective cybersecurity posture.
