The U.S. National Institute of Standards and Technology (NIST) has launched a new program to address the role of AI in cybersecurity and privacy. The initiative, set to begin through the National Cybersecurity Center of Excellence (NCCoE), focuses on the “cybersecurity of AI and AI for cybersecurity.” It aims to help implement NIST’s Cybersecurity Framework (CSF) 2.0.
Katerina Megas, the program manager for NIST’s AI and cybersecurity programs, emphasized the need for standards, guidelines, tools, and practices to manage cybersecurity and privacy in the AI era. The rapid integration of AI into various aspects of business and society, including its use in cybersecurity technologies, generative AI tools like ChatGPT, and by cybercriminals, highlights this need.
The program will create an AI profile for the CSF 2.0, focusing on three main aspects:
1. Addressing cybersecurity and privacy risks of AI use at organizations. 2.
Determining defenses against AI-enabled cyberattacks. 3.
Addressing AI risks in cybersecurity
Using AI in cyber defense activities and enhancing privacy protections. This community profile aims to adapt the CSF 2.0 to an AI context and could help adapt other frameworks as organizations’ use of AI tools evolves. The announcement detailed several risks and benefits associated with AI in privacy and security.
These include potential re-identification of private information from AI training datasets, AI’s use in behavioral analysis and surveillance, and its application in threat hunting and user privacy navigation online. The program builds on NIST’s previous work on AI safety and privacy. This includes “Adversarial Machine Learning: A Taxonomy and Terminology of Attacks and Mitigations” in January 2024 and recent efforts by the NIST AI Safety Institute in partnering with GenAI companies like OpenAI and Anthropic.
As AI becomes increasingly integrated into various aspects of business and society, initiatives like this new NIST program will play a crucial role in ensuring its responsible and secure adoption. By providing standards, guidelines, and best practices, NIST aims to help organizations navigate the complex landscape of AI cybersecurity and privacy.
Feeling stuck in self-doubt?
Stop trying to fix yourself and start embracing who you are. Join the free 7-day self-discovery challenge and learn how to transform negative emotions into personal growth.
