Contact Us

Continuity Insights Management Conference

Most Companies Identified Breaches To Their AI In The Past Year

Continuity Insights

Business ContinuityCyberSecurityTechnology

AI adoption is accelerating without proper security measures, according to HiddenLayer’s new AI Threat Landscape Report.

A new study of the pervasive use of AI and the risks involved in its deployment reveals that nearly all companies surveyed (98%) consider at least some of their AI models crucial to their business success. Also, 77% identified breaches to their AI in the past year. However, only 14% of IT leaders said their companies are planning and testing for adversarial attacks on AI models, according to HiddenLayer’s inaugural AI Threat Landscape Report.

The report surveyed 150 IT security and data science leaders to shed light on the biggest vulnerabilities impacting AI today, their implications on commercial and federal organizations, and cutting-edge advancements in security controls for AI in all its forms.

The survey uncovered AI’s widespread utilization by today’s businesses as companies have, on average, 1,689 AI models in production. In response, security for AI has become a priority, with 94% of IT leaders allocating budgets to secure their AI in 2024. Yet only 61% are highly confident in their allocation, and 92% are still developing a comprehensive plan for this emerging threat. These findings reveal the need for support in implementing security for AI.

“AI is the most vulnerable technology ever to be deployed in production systems,” said Chris “Tito” Sestito, Co-Founder and CEO, HiddenLayer. “The rapid emergence of AI has resulted in an unprecedented technological revolution, of which every organization in the world is affected. Our first-ever AI Threat Landscape Report reveals the breadth of risks to the world’s most important technology. HiddenLayer is proud to be on the front lines of research and guidance around these threats to help organizations navigate the security for AI landscape.”

AI Security: Common Risks & Attacks

Adversaries can leverage a variety of methods to utilize AI to their advantage. The most common risks of AI usage include:

  • Manipulation to give biased, inaccurate, or harmful information.
  • Creation of harmful content, such as malware, phishing, and propaganda.
  • Development of deep fake images, audio, and video.
  • Leveraged by malicious actors to provide access to dangerous or illegal information.

There are three major types of attacks on AI:

  • Adversarial Machine Learning Attacks target AI algorithms, aimed to alter AI’s behavior, evade AI-based detection, or steal the underlying technology.
  • Generative AI System Attacks threaten AI’s filters and restrictions, intended to generate content deemed harmful or illegal.
  • Supply Chain Attacks attack ML artifacts and platforms with the intention of arbitrary code execution and delivery of traditional malware.
Securing AI: Challenges & Best Practices

While industries are reaping the benefits of increased efficiency and innovation thanks to AI, many organizations do not have proper security measures in place to ensure safe use. Some of the biggest challenges reported by organizations in securing their AI include:

  • Shadow IT: 61% of IT leaders acknowledge shadow AI, solutions that are not officially known or under the control of the IT department, as a problem within their organizations.
  • Third-Party AIs: 89% express concern about security vulnerabilities associated with integrating third-party AIs, and 75% believe third-party AI integrations pose a greater risk than existing threats.

HiddenLayer provided the following recommendations for organizations to begin securing their AI:

  • Discovery and Asset Management: Begin by identifying where AI is already used in your organization. What applications has your organization already purchased that use AI or have AI-enabled features?
  • Risk Assessment and Threat Modeling: Perform threat modeling to understand the potential vulnerabilities and attack vectors that could be exploited by malicious actors to complete your understanding of your organization’s AI risk exposure.
  • Data Security and Privacy: Go beyond the typical implementation of encryption, access controls, and secure data storage practices to protect your AI model data. Evaluate and implement security solutions that are purpose-built to provide runtime protection for AI models.
  • Model Robustness and Validation: Regularly assess the robustness of AI models against adversarial attacks. This involves pen-testing the model’s response to various attacks, such as intentionally manipulated inputs.
  • Secure Development Practices: Incorporate security into your AI development lifecycle. Train your data scientists, data engineers, and developers on the various attack vectors associated with AI.
  • Continuous Monitoring and Incident Response: Implement continuous monitoring mechanisms to detect anomalies and potential security incidents in real-time for your AI, and develop a robust AI incident response plan to quickly and effectively address security breaches or anomalies.

For more information, view the full report here.

Read more about cybersecurity and business continuity issues from Continuity Insights.

LinkedInFlipboardPinterestRedditSMSWhatsApp

What Is AI’s Role In Reinforcing Cyber Defenses?

EPA Strengthens Chemical Accident Risk Management Program

Continuity Insights

Similar Articles

Quantivate Releases New Policy & Document Management Software

Governance, risk, and compliance (GRC) software and services provider Quantivate, has released its new Policy and Document Management Software solution, the latest addition to a suite of software modules designed …

New Guide to Integrating Cyber Security and Enterprise Risk Management

The National Institute of Technology and Standards (NIST) has released ‘NISTIR 8286, Integrating Cybersecurity and Enterprise Risk Management (ERM),” a new publication that aims to promote greater understanding of the …

Gaps In Cloud Resilience Call For Increased Risk Management

Companies must consider the added element of cloud risk in their disaster recovery and business continuity plans.

Leave a Comment

Address

Group C Media, Inc.
The Galleria, 2 Bridge Avenue, Suite 231
Red Bank, NJ 07701

Contact

800.524.0337

info@groupc.com

Newsletter

Read the latest news and information for business continuity professionals. Get information on new products and services from manufacturers and service providers to the industry. Learn More.

© 2024 Continuity Insights

About Contact Privacy Policy Terms of Use Advisory Board Advertise
Share to...
BufferCopyFlipboardHacker NewsLineLinkedInMessengerMixPinterestPocketPrintRedditSMSTelegramTumblrVKWhatsAppXingYummly