The National Security Agency (NSA), in collaboration with cybersecurity agencies from several countries, recently released a report titled "Deploying AI Systems Securely," which provides invaluable guidance on best practices for secure and resilient AI system deployment. In this blog post, we'll distill the key takeaways from the report into 10 actionable insights.

1. Secure the deployment environment

Ensure your IT infrastructure follows robust security principles, such as well-designed architecture, secure configurations, and boundary protections between the IT environment and the AI system.

2. Manage deployment environment governance

Clearly define roles, responsibilities, and risk tolerance for each stakeholder involved in the AI system deployment. Leverage threat models to guide security best practices and assess potential threats.

3. Apply secure by design principles

Adopt Zero Trust frameworks and secure by design principles in the AI system architecture to manage risks effectively. Harden deployment environment configurations by applying security best practices like sandboxing, monitoring, and encryption.

4. Validate the AI system before and during use

Confirm the origin and integrity of each artifact using cryptographic methods and store all code and artifacts in a version control system with proper access controls. Thoroughly test the AI model for robustness, accuracy, and potential vulnerabilities.

5. Secure exposed APIs

Implement authentication, authorization, and validation mechanisms for API access, using secure protocols like HTTPS with encryption and authentication.

6. Actively monitor model behavior

Collect logs, monitor the model's architecture and configuration settings, and watch for attempts to access or elicit data from the AI model.

7. Protect model weights

Harden interfaces for accessing model weights, implement hardware protections for model weight storage, and aggressively isolate weight storage using protected storage vaults or hardware security modules (HSMs).

8. Enforce strict access controls

Apply role-based or attribute-based access controls to limit access to authorized personnel only. Require multifactor authentication (MFA) and privileged access workstations (PAWs) for administrative access.

9. Implement robust logging and monitoring

Monitor the system's behavior, inputs, and outputs to detect abnormal behavior or potential security incidents. Establish alert systems to notify administrators of potential security breaches or anomalies.

10. Stay updated and vigilant

Regularly update and patch your AI systems, prepare for high availability and disaster recovery, and maintain awareness of current and emerging threats in the rapidly evolving AI field.

Pillar helps organizations reduce the risks involved in deploying AI systems, protecting their intellectual property, models, and data from theft or misuse. As AI continues to advance, prioritizing security from the start will be crucial for the successful and safe deployment of AI systems across industries.
Reach out to learn more -> team@pillar.security

Subscribe and get the latest security updates

Back to blog