Trying to keep up with the rapidly emerging and evolving governance of AI? Struggling to figure out how to address customer misgivings about your AI systems?

NOTE: This blog was originally published on 3/24/2024 and has been updated as of 8/1/2024 now that the EU AI Act has been published in the Official Journal of the European Union and “enter[s] into force” 20 days thereafter, or on August 1, 2024.

Similar to the way the launch of the first satellite, Sputnik, both introduced a new technology era—the space race—and raised some alarm, the ongoing adoption of generative artificial intelligence (AI) is beginning to permeate industries worldwide, prompting questions of how cybersecurity will need to adjust to accommodate this huge new development.

Now that ISO 42001 has been published, organizations are looking more closely at possible adherence to this new standard for artificial intelligence (AI). But those familiar with established ISO standards will know that this new framework for regulating AI will be similarly rigorous and any opportunity to streamline certification—like a gap assessment—will be enormously advantageous.

Recently, the UK National Security Centre (NCSC) and the US Cybersecurity and Infrastructure Security Agency (CISA)—along with other groups from around the world—released the Guidelines for Secure AI System Development.

After 22 grueling hours of negotiations, policymakers within the European Union (EU) have reached a provisional agreement on new rules to govern the most powerful artificial intelligence (AI) models. They’re calling it the EU AI Act, and though yes—the provisions have been hashed out—disagreements surrounding the law enforcement of said provisions have led to a recess in the negotiations.

To accommodate the ever-evolving cybersecurity threat landscape, HITRUST has released HITRUST CSF v11.2.0, updating its framework to include more pertinent concepts—one of the most notable additions is artificial intelligence (AI) risk management content.

The need for responsible, trustworthy, and ethical use of artificial intelligence (AI) has been a hot topic over the past couple of years, prompting the release of regulations such as NIST’s AI Risk Management Framework to help organizations secure the evolving tech. Additional standards have emerged to address the need to implement safeguards addressing the security, safety, privacy, fairness, transparency, and data quality of AI systems throughout their life cycle—including ISO/IEC 42001. ISO is already well-known among those interested and invested in cybersecurity, as it offers frameworks for the implementation of different management systems that can help you improve different aspects of your organization. Through the establishment of ISO 42001 in late 2023—ISO merged into the AI game, introducing best practices for an AI management system (AIMS).