Cyber security and risk management in the application of AI
Go to guide (in Finnish): Tekoälyn soveltamisen kyberturvallisuus ja riskienhallinta.
The guide was published by the National Cyber Security Centre Finland in November 2021.
Because of the new opportunities it provides, AI has become an increasingly common component of information systems. Identifying and managing the information security risks related to AI and machine learning is essential for using AI systems as securely as possible, and for realising the benefits of AI systems more fully than at present.
The ethics and risks of AI and machine learning have been a hot topic in recent years. Ethical principles will also be codified in legislation and various codes of practice. Standardisation work on AI security is actively under way, both for AI systems in general and for specific sectors. Systems that use AI, like those that do not, need to be explainable, fault-tolerant and monitorable.
The information security and data protection of AI rely heavily on traditional information security. Indeed, many of the proposed approaches should also be applied in the development of traditional systems. Achieving these properties in AI systems can, however, require approaches that differ from those used for traditional systems. Information security risks related to AI are both systemic and implementation-related. Systemic risks concern whether the AI works correctly as part of other systems and in cooperation with people. Implementation-related risks concern the management and confidentiality of training data, as well as the integrity of machine learning models and their correct operation, including under adversarial conditions.
Machine learning models learn from data, so the behaviour of a system that uses machine learning can be influenced by influencing its training data. In AI system development, these risks can be managed with the right technical solutions together with information security and data protection activities. The parties developing such systems can identify their own risks and manage them efficiently, provided that the mechanisms by which the risks arise are known and the management measures have actually been implemented in the development processes. The management measures may be pre-emptive or reactive, and most of them are the same as for traditional systems; exceptions include test configurations, for example.
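The following is an added illustration of the two points above, the risk mechanism (influencing a model through its training data) and one pre-emptive management measure (an integrity check on the training data before training). It is not code from the guide or from the National Cyber Security Centre Finland. The dataset, the nearest-centroid classifier and the tampering scenario are all constructed for the example; the manifest is a plain SHA-256-per-record listing that a development process could generate when a training set is approved and verify each time the model is retrained.

```python
import hashlib
import json

# Constructed toy training set (not from the guide): 2-D feature vectors with a
# label, e.g. request features scored as "normal" or "anomalous".
CLEAN_RECORDS = [
    {"id": "r01", "x": [1.0, 1.0], "label": "normal"},
    {"id": "r02", "x": [1.5, 0.8], "label": "normal"},
    {"id": "r03", "x": [0.8, 1.4], "label": "normal"},
    {"id": "r04", "x": [1.2, 1.1], "label": "normal"},
    {"id": "r05", "x": [5.0, 5.0], "label": "anomalous"},
    {"id": "r06", "x": [5.5, 4.6], "label": "anomalous"},
    {"id": "r07", "x": [4.7, 5.3], "label": "anomalous"},
    {"id": "r08", "x": [5.1, 5.2], "label": "anomalous"},
]


def record_digest(record):
    """SHA-256 over a canonical JSON encoding, so key order cannot hide a change."""
    canonical = json.dumps(record, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(canonical.encode("utf-8")).hexdigest()


def build_manifest(records):
    """Map record id -> digest; produced when the training set is approved."""
    return {r["id"]: record_digest(r) for r in records}


def verify_manifest(records, manifest):
    """Return sorted ids that were modified, added or removed since the manifest."""
    current = build_manifest(records)
    changed = {rid for rid, d in current.items() if manifest.get(rid) != d}
    removed = set(manifest) - set(current)
    return sorted(changed | removed)


def train_centroids(records):
    """Minimal classifier: the mean feature vector of each label."""
    sums, counts = {}, {}
    for r in records:
        s = sums.setdefault(r["label"], [0.0] * len(r["x"]))
        for i, v in enumerate(r["x"]):
            s[i] += v
        counts[r["label"]] = counts.get(r["label"], 0) + 1
    return {lab: [v / counts[lab] for v in s] for lab, s in sums.items()}


def classify(centroids, x):
    """Nearest-centroid decision by squared Euclidean distance."""
    def dist2(c):
        return sum((a - b) ** 2 for a, b in zip(x, c))
    return min(centroids, key=lambda lab: dist2(centroids[lab]))


def relabelled_copy(records, ids_to_flip):
    """Constructed tampering scenario: selected records get the opposite label."""
    out = []
    for r in records:
        r2 = dict(r)
        if r2["id"] in ids_to_flip:
            r2["label"] = "normal" if r2["label"] == "anomalous" else "anomalous"
        out.append(r2)
    return out


def demo(probe=(3.5, 3.5), tampered_ids=("r05", "r06", "r07")):
    """Train on the approved set, then on a tampered set, and run the integrity check."""
    manifest = build_manifest(CLEAN_RECORDS)          # produced at approval time
    before = classify(train_centroids(CLEAN_RECORDS), list(probe))

    tampered = relabelled_copy(CLEAN_RECORDS, set(tampered_ids))
    after = classify(train_centroids(tampered), list(probe))

    # Pre-emptive measure: verify the manifest before the retraining is accepted.
    flagged = verify_manifest(tampered, manifest)
    return {"before": before, "after": after, "flagged": flagged}


if __name__ == "__main__":
    result = demo()
    print("probe classified on approved data:", result["before"])
    print("probe classified on tampered data:", result["after"])
    print("records failing integrity check:  ", result["flagged"])
```

Relabelling three of the four "anomalous" records drags the "normal" centroid towards them, so the same probe point is classified as "anomalous" on the approved data but as "normal" on the tampered data; the manifest check flags exactly the three altered records, which is the signal a training pipeline should treat as a stop condition rather than retraining. In a real process the manifest itself must be stored and signed separately from the data it describes, otherwise whoever can alter the data can also regenerate the manifest.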