AI Experts: Account for AI/ML Resilience & Risk While There's Still Time
CISOs and cybersecurity teams will play a key role in hardening artificial intelligence and machine learning systems.
Machine learning supports malware detection and threat analysis, but attackers can also exploit biased data, model weaknesses, or poisoned training.
Search across headline titles and summaries.
Background for this topic.
Machine learning is a way to build software that learns patterns from data and uses them to classify, predict, or make decisions, rather than relying solely on hand-written rules. Models may support malware and phishing detection, user- or entity-behavior analysis, vulnerability prioritization, and automated security triage. Their outputs are probabilistic, so unusual activity can be missed or incorrectly flagged; changing normal behavior can also cause model drift and reduce accuracy.
Security teams must protect both the model and its training data. An attacker may manipulate training examples (data poisoning), craft inputs designed to evade detection (adversarial examples), or extract sensitive information from a model or its data. Controls include trusted data provenance, access restrictions, testing against realistic evasive inputs, monitoring for drift, and human review of high-impact decisions. Where models process personal, proprietary, or security telemetry, collection, retention, and reuse require appropriate privacy and governance controls.
CISOs and cybersecurity teams will play a key role in hardening artificial intelligence and machine learning systems.