May 7, 2024 at 12:32PM
The US DoE identified top 10 beneficial applications of AI/ML in critical infrastructure, along with four risk categories. The Biden administration is assessing the benefits and risks of AI, as highlighted by the DoT and DHS. The DHS provided recommendations to mitigate AI risks, focusing on a four-part strategy. Organizations face growing exposure to AI risks and need strategies for ongoing AI risk management, especially in critical infrastructure.
From the meeting notes, it is clear that the US Department of Energy has identified beneficial applications of AI and machine learning (AI/ML) in critical infrastructure, including simulations, predictive maintenance, and malicious event detection. They have also highlighted four broad categories of risk related to AI, such as unintentional failure modes and adversarial attacks against AI.
The Biden administration is leading a government assessment of the benefits and risks of using AI in critical infrastructure networks. The Department of Transportation and the Department of Homeland Security have both expressed their concerns and recommendations related to the risks of AI, with the DHS providing a four-part strategy for mitigating these risks.
Malcolm Harkins, Chief Security and Trust Officer at HiddenLayer, emphasized the need for a comprehensive and efficient approach in managing AI risks, highlighting the importance of depth and efficacy in the strategy.
The meeting notes also discussed the growing exposure to AI risks for organizations due to the increasing use of AI/ML models. Organizations are encouraged to adopt an ongoing framework for mapping, measuring, and managing exposure to AI in their business, with an overarching governance function.
For companies, the mapping and measuring aspects of the DHS mitigation strategy are considered crucial in managing AI risks. It involves identifying the uses of AI in the organization’s environment, reviewing third-party supply chains for AI risk, defining metrics, and continuous monitoring of AI implementations to detect and manage AI risk.
The focus of the DHS paper is specifically on critical infrastructure owners and operators, who are considering AI models and platforms as possible solutions for challenges such as logistics and cyber defense, with top AI use categories including operational awareness, performance optimization, and automation of operations.
Furthermore, the DHS has or is in the process of implementing AI in several pilot programs, including using AI cybersecurity systems to detect and remediate software vulnerabilities in critical infrastructure and US government systems, as well as implementing AI in areas such as investigating fentanyl distribution and child sexual exploitation, improving resilience in communities, and officer training at United States Citizenship and Immigration Services.
These key takeaways provide a comprehensive overview of the discussions that took place related to the analysis of AI and machine learning in critical infrastructure and the associated risks and mitigation strategies.