Guidelines and Companion Guide on Securing AI Systems

On October 15, 2024, the Cyber Security Agency of Singapore (CSA) introduced the Guidelines on Securing AI Systems and the accompanying Companion Guide to address cybersecurity risks associated with artificial intelligence (AI). These resources aim to ensure AI systems are secure by design and default, prioritizing safety, security, and responsible outcomes throughout the AI lifecycle. The Guidelines focus on protecting AI systems from traditional cybersecurity risks, such as supply chain attacks, and emerging threats like adversarial machine learning, which could lead to data breaches or harmful outcomes.

The Companion Guide, developed in collaboration with AI and cybersecurity experts, provides a community-driven reference to complement the Guidelines. While not prescriptive, it curates practical security measures, controls, and best practices from industry and academia, offering actionable insights for system owners. Key references include the MITRE ATLAS database and OWASP’s Top 10 for Machine Learning and Generative AI, helping users navigate the evolving landscape of AI security.