866.254.0000
Talk with a Specialist
Services
SOC & Attestations
Payment Card Assessments
ISO Certifications
Privacy Assessments
Federal Assessments
Healthcare Assessments
Penetration Testing
Cybersecurity Assessments
Crypto and Digital Trust
Schellman Training
ESG & Sustainability
AI Services
View All Services
Industry Solutions
Cloud Computing & Data Centers Meet a broad range of regulatory and industry compliance mandates for your customers
Financial Services & Fintech Cybersecurity assessments for both the banking industry and the financial service providers
Healthcare Reporting to manage risk and adhere to applicable laws and regulations
Payment Card Processing Validate compliance with the various forms of the PCI DSS
US Government Achieve authorization to work for federal agencies, DoD, and the associated contractor base
Higher Education & Research Laboratories Reinforce your commitment to securing your student's and institution's data.
View All Industry Solutions
Learning Center
Our Technology
About Us
Leadership Team
Careers
Corporate Social Responsibility
Strategic Partnerships
Visit About Us
Services
Services
View All Services
SOC & Attestations
SOC & Attestations
Payment Card Assessments
Payment Card Assessments
ISO Certifications
ISO Certifications
Privacy Assessments
Privacy Assessments
Federal Assessments
Federal Assessments
Healthcare Assessments
Healthcare Assessments
Penetration Testing
Penetration Testing
Cybersecurity Assessments
Cybersecurity Assessments
Crypto and Digital Trust
Crypto and Digital Trust
Schellman Training
Schellman Training
ESG & Sustainability
ESG & Sustainability
AI Services
AI Services
Industry Solutions
Industry Solutions
View All Industry Solutions
Cloud Computing & Data Centers
Cloud Computing & Data Centers
Financial Services & Fintech
Financial Services & Fintech
Healthcare
Healthcare
Payment Card Processing
Payment Card Processing
US Government
US Government
Higher Education & Research Laboratories
Higher Education & Research Laboratories
Learning Center
Our Technology
About Us
About Us
About Schellman
Leadership Team
Leadership Team
Careers
Careers
Corporate Social Responsibility
Corporate Social Responsibility
Strategic Partnerships
Strategic Partnerships
Talk with a Specialist

«  View All Posts

An Explanation of the Guidelines for Secure AI System Development Blog Feature
Jerrad Bartczak

By: Jerrad Bartczak

Print/Save as PDF

An Explanation of the Guidelines for Secure AI System Development

Cybersecurity Assessments | Artificial Intelligence

Recently, the UK National Security Centre (NCSC) and the US Cybersecurity and Infrastructure Security Agency (CISA)—along with other groups from around the world—released the Guidelines for Secure AI System Development.

A new resource for developers as of November 2023, the document is meant to aid in the development of secure artificial intelligence (AI) systems. Increased use of AI technology continues within both the public and private sectors, and these guidelines will assist the developers of these (and new) AI systems in reducing system risks before security issues arise.

As cybersecurity experts, we have familiarized ourselves with the document, which breaks its suggested process into four stages. In this blog post, we will detail each of these four stages of secure AI system development explained within the Guidelines so that those considering implementing them can more easily do so.

 

The Four Stages of Secure AI System Development

The new Guidelines focus on the security of four main areas of the system development cycle:

Stage 1 Secure Design
Stage 2 Secure Development
Stage 3 Secure Deployment
Stage 4 Secure Operation and Maintenance

Stage 1 – Secure Design

First things first, secure design must begin with employee security training and an AI risk assessment.

You may already be regularly performing general risk assessments, but if you’re developing AI, you must ensure that risks specific to your AI system are added to and considered within those evaluations because ultimately, all the subsequent decisions you make during AI system development should be based on an AI risk assessment (as well as regularly performed AI threat modeling).

One of those key decisions you’ll be able to make once you’ve completed that risk assessment and threat modeling is whether to develop the AI system in-house or outsource the project:

Should You Design AI In-House?

Should You Outsource AI Design?

The benefit of developing an AI system in-house is that you’ll be in control of all aspects of the project—that’s less hassle.

BUT you’ll need to ensure you and your staff have the proper breadth of experience to develop secure AI systems.

If you lack said experience with AI, it may be more beneficial to outsource to someone who does, as that’ll help reduce the risk of creating vulnerabilities in the system as a result of human error.

HOWEVER not only is it essential that you perform proper due diligence before choosing a third party, but anything provided by your chosen third party should be properly tested before it is implemented.

Other considerations the Guidelines ask you to make during the design stage include:

  • What type of data will be used to tune your model; and
  • The quantity of data that will be used to tune your model.
    • (You reduce risk when you use a large amount of quality data, but of course, that will take more time.)

Stage 2 – Secure Development

Once you’ve secured and worked out who will design your AI, the next stage is putting your ideas into action.

(Again, if you choose to work with an outsourced developer, you must complete your proper due diligence ensuring that your vendors are trusted and will adhere to the security standards of your organization before moving forward into this stage.)

When embarking on AI development, the guidelines recommend that you go ahead and implement technical controls within the AI system at this stage—that includes things such as:

  • Configuring system logs and controls to protect the confidentiality, integrity, and availability of the logs.
  • Documenting any data that was used to train and tune the AI model for future reference in case the system does not perform as expected.
  • Maintaining a baseline version so the system can be rolled back in the future if a compromise occurs.

Stage 3 – Secure Deployment

Once you’ve developed your AI system, you then must take the proper steps before implementing it for use, and that begins with segregating the environments within your organization to ensure that—if your AI is compromised—your other systems will not be affected.

Proper access controls should be put in place, including a few specific controls for AI systems that should be incorporated at this stage:

  • Controls to prevent users from exfiltrating confidential information while interfacing with the system; and
  • Model hashes to maintain the integrity of the AI model.

This is also the point in the process where your organization’s incident response team should be trained on AI-specific incidents and the appropriate response process—your team and process should also be tested regularly using different incident scenarios.

Stage 4 – Secure Operation and Maintenance

Once the AI system is implemented and begins operating, you must continue to monitor it for a few reasons—to evaluate system performance and to quickly identify any compromise that may arise.

(Should you discover that your system is indeed not performing as expected or has been hacked, you should roll it back to the baseline established in the aforementioned Stage 2 Secure Development.)

Regarding the ongoing operations and evolution of your AI system, the guidance also recommends that you:

  • Test any system software updates before their deployment;
  • Configure all AI systems within your organization to automatically install updates;
  • Document any lessons learned throughout the process so as to improve future projects.

 

Guidelines for Secure AI System Development and Your Compliance

At this point, you may have noted several security practices recommended throughout these four stages of AI system development are some that your organization may have already implemented—employee security awareness training, maintaining base versions of systems, and conducting tabletop exercises of incident response programs are all requirements for compliance with security standards such as SOC or HITRUST.

So, if you’re regularly undergoing those or related compliance assessments, it may not be as daunting a task as it seems to secure the AI system development process using this new guidance.

Moving Forward with AI

That being said, whether you follow these guidelines or not, you must take the proper precautions to secure every step of AI system development since the consequences for vulnerabilities could include:

  1. Breaches of personal information being used or stored by the system
  2. Unexpected outputs to users of the AI system
  3. AI system bias created through the use of inaccurate data

Following the Guidelines for Secure AI System Development can help, but you also have other options to help secure this new technology—to learn more, check out our other content regarding AI cybersecurity:

About Jerrad Bartczak

Jerrad Bartczak is a Senior Associate with Schellman based in New York. In his work ensuring that clients maintain an effective system of controls within their organization, he has experience conducting HITRUST, SOC 1, SOC 2, and HIPAA audits and maintains CISA, CCSFP, CCSK certifications.

4010 W Boy Scout Boulevard
Suite 600
Tampa, FL 33607

U.S. 1.866.254.0000

Outside the U.S.
1.813.288.8833

Resources
Company
Stay Up-to-Date

Sign up to receive Schellman's Weekly Ready delivered every Friday morning.

© SchellmanPrivacy PolicyTerms of Use

“Schellman” is the brand name under which Schellman & Company, LLC and Schellman Compliance, LLC provide professional services. Schellman & Company, LLC and Schellman Compliance, LLC practice as an alternative practice structure in accordance with the AICPA Code of Professional Conduct and applicable law, regulations and professional standards. Schellman & Company, LLC is a licensed certified public accounting firm (Florida license number AD62941) registered with the Public Company Accounting Oversight Board (PCAOB) that provides attest services to its clients, and Schellman Compliance, LLC provides nonattest cybersecurity and compliance professional services to its clients. Schellman Compliance, LLC is not a licensed CPA firm. Schellman & Company, LLC and Schellman Compliance, LLC are independently owned and are not liable for the services provided by any other entity providing services under the Schellman brand. Our use of the terms “our firm” and “we” and “us” and terms of similar import, denote the alternative practice structure conducted by Schellman & Company, LLC and Schellman Compliance, LLC.