_Björn_Forenius_Alamy.jpg?disable=upscale&width=1200&height=630&fit=crop "Why LLMs are just the tip of the AI safety iceberg")
COMMENT
It’s clear from the headlines that the security risks associated with generative AI (GenAI) and large language models (LLMs) have not gone unnoticed. This attention is not undeserved – AI tools do indeed bring real risks, ranging from “hallucinations” to exposure of private and proprietary data. Still, it’s important to recognize that they are part of a much broader attack surface associated with AI and machine learning (ML).
The rapid rise of AI has fundamentally transformed companies, industries and sectors, while also introducing new business risks ranging from intrusions and security breaches to the loss of proprietary data and trade secrets.
AI is nothing new—companies have been integrating various forms of this technology into their business models for more than a decade—but the recent mass adoption of AI systems, including GenAI, has changed the landscape. Today’s open software supply chains are incredibly important for innovation and business growth, but they come with risks. As mission-critical systems and workloads increasingly use AI, attackers are taking notice and targeting—and attacking—these technologies.
Unfortunately, due to the lack of transparency in these systems, most enterprises and government agencies are unable to identify these widely dispersed and often invisible risks. They lack visibility into the threat areas and lack the necessary tools to enforce security policies on the assets and artifacts entering or being used in their infrastructure. Additionally, they may not have had the opportunity to train their teams to effectively manage AI and ML resources. This could lay the foundation for an AI-related SolarWinds– or MOVEit supply chain security incident.
To make matters even more complicated, AI models typically encompass a vast ecosystem of tools, technologies, open source components, and data sources. Malicious actors can inject vulnerabilities and malicious code into tools and models located within the AI development supply chain. With so many tools, pieces of code, and other elements floating around, transparency and visibility are becoming increasingly important, yet this visibility remains frustratingly out of reach for most organizations.
A look beneath the surface (of the iceberg)
What can organizations do? They should implement a comprehensive security framework for AI, such as MLSecOpsthat provides transparency, traceability, and accountability in AI/ML ecosystems. This approach supports secure-by-design principles without impacting regular business operations and performance.
Here are five ways to implement an AI safety program and mitigate risks:
-
Introduction of risk management strategies: It is important to have clear policies and procedures to ensure safety, bias, and fairness across your entire AI development stack. Tools that support policy enforcement enable you to efficiently manage risks across regulatory, technical, operational, and reputational areas.
-
Identify and resolve vulnerabilities: Advanced security scanning tools can identify vulnerabilities in the AI supply chain that could cause unintended or intentional harm. Integrated security tools can scan your AI bill of materials (AIBOM) and highlight potential vulnerabilities and suggested fixes in tools, models, and code libraries.
-
Create an AI parts list: Just as a traditional software bill of materials catalogs, inventories, and tracks various software components, an AIBOM catalogs, inventories, and tracks all the elements used in building AI systems. This includes tools, open source libraries, pre-trained models, and code dependencies. With the right tools, it is possible to automate AIBOM generation, creating a clear snapshot of your AI ecosystem at any time.
-
Use open source tools: Free, open-source security tools designed specifically for AI and ML offer many benefits. These include scanning tools that can detect and protect against potential vulnerabilities in ML models and trigger injection attacks in LLMs.
-
Promote collaboration and transparency: AI bug bounty programs provide early insight into new vulnerabilities and a mechanism to remediate them. Over time, this collaborative framework strengthens the overall security posture of the AI ecosystem.
LLMs are transforming the economy – and the world. They offer remarkable opportunities to innovate and redesign business models. But without a safety-first mindset, they also pose significant risks.
Complex software and AI supply chains don’t have to be invisible icebergs of risks lurking beneath the surface. With the right processes and tools, organizations can implement an advanced AI security framework that makes hidden risks visible and enables security teams to track and remediate them before they have an impact.
