The Cybersecurity and Infrastructure Security Agency has released a new guidebook detailing how to facilitate voluntary information exchange about cyber threats and defenses within the artificial intelligence community. The playbook also lists possible agency actions on shared information, CISA said Tuesday.
To develop the guidance, the agency collaborated with the Joint Cyber Defense Collaborative, or JCDC, composed of federal, international and industry partners. The collaboration culminated in two tabletop exercises on responses to real-world AI cybersecurity breaches.
CISA encourages AI providers, developers and users to integrate the 33-page guidance, titled “JCDC AI Collaborative Playbook,” into their cyber incident response mechanisms. The agency also suggests that AI security specialists raise attention on technical exchange opportunities and priorities on emerging threats or vulnerabilities in the AI community.
Checklist for Information-sharing
The CISA guidebook provides a checklist to use when sharing actionable information. It covers the incident or vulnerability description, how it was detected and the affected AI systems and users. Voluntary information can be shared with JCDC through the email [email protected].
CISA Director Jen Easterly, a Wash100 awardee, described the playbook as a “major milestone” in securing AI systems through the collaboration of about 150 AI specialists from government and industry.
“This playbook will be regularly updated to address the evolving challenges of an AI-driven future,” she added.