Ensuring Cyber Resilience in the Age of AI

Midmarket organizations are quickly adopting generative artificial intelligence (gen AI) tools to improve efficiency and enhance quality. Whether the need is content generation, well-written sales emails, improved online customer service, more efficient onboarding of new employees, or research for new technical and business initiatives, AI can help. Today, more than 90% of organizations are using or exploring the use of AI, and 92% of organizations intend to increase their AI investments over the next three years, according to Exploding Topics.

With gen AI use in the early stages for most organizations, concerns about data security and client privacy are widespread. Organizations in every industry want to know how to ensure data privacy and integrity when using AI tools. Pondurance suggests that all organizations use best practices from the Cybersecurity Information Sheet (CSI) as the 10 steps for how to secure data used to train and operate AI systems. The CSI was developed by the U.S. National Security Agency’s Artificial Intelligence Security Center, the Cybersecurity & Infrastructure Security Agency, the FBI, and several non-U.S. security agencies.

The Pondurance team encourages everyone to read the entire CSI, and this article will briefly discuss the 10 steps to jump-start your efforts to ensure cybersecurity and data privacy in the emerging AI world. Throughout these steps, the term “AI” will be used to include gen AI, agentic AI, and traditional AI tools and systems.

1. Source reliable data and track data provenance

AI algorithms require an abundance of reliable data, so where your organization gets its data and the quality of that data are important. Quality in, quality out. Your organization can use in-house data only, third-party data providers, public databases, web scraping, crowdsourcing, or data marketplaces to source your data. But no matter how the data is obtained, it must be verified as trusted, reliable, and accurate data from an authoritative source. 

To ensure the reliability of the data, your organization needs to track the data provenance, or the origin and history of the data, using metadata. Data provenance tells your team where the data came from, how it was created, who created it, and any updates or changes that have been made to it. Best practices also suggest that the database should be cryptographically signed and should include an unchangeable, append-only ledger so that no one can manipulate the data without detection.

2. Verify and maintain data integrity 

Once your organization has sourced accurate, reliable, and trustworthy AI data, the data’s integrity must be maintained over time. The data must remain in its original state with no unauthorized modifications during storage and transport. To ensure data integrity, your team should use checksums — small blocks of data derived from other blocks of data to detect errors introduced during storage and transport — and cryptographic hashes to verify that the data has not been altered. 

3. Use digital signatures

Using digital signatures is another way to ensure data integrity. In particular, your organization should require quantum-resistant digital signatures for data used during AI model training, alignment, fine-tuning, and reinforcement learning from human feedback. Quantum-resistant digital signatures use cryptographic algorithms that are designed to stay protected into the future because the algorithms are based on mathematical problems that even a quantum computer cannot easily crack. Cryptographic signatures should be used on all original versions, and any later modifications should be signed by the individual making the changes.

In addition, your organization should use trusted certificate authorities throughout the verification process. These entities validate the digital identity of websites, email addresses, organizations, and individuals and issue digital certificates to prove authenticity. 

4. Leverage trusted infrastructure

The use of AI can add vulnerability to your network. For added protection, your organization should leverage zero-trust architecture to keep sensitive data safe and unaltered. This security framework is based on three principles: verify, use least privilege access, and assume a breach. With zero-trust architecture, your team must always assume a breach is imminent and verify every request as if it were a potential threat. The “never trust, always verify” approach reinforces data integrity processes and reduces risk to data for a more capable, transparent AI system.

5. Classify data and use access controls

Data classification helps organizations identify and categorize data to apply proper security measures, such as stringent encryption and access controls, to different types of data. Classifying data can help your organization better understand what type of data it has, how sensitive the data is, and who should have access to it. Overall, the input data and output of AI systems should be classified at the same level.

Best practices suggest that organizations classify data based on sensitivity and protection requirements. Safeguarding sensitive data is required for compliance with federal and state privacy laws. Sensitive information can include:

• Personally identifiable information - names, addresses, and social security numbers

• Protected health information - medical records, health insurance information, and patient histories

• Financial data - credit card numbers, bank account numbers, credit histories, and tax information

• Intellectual property - trade secrets, patents, and copyrights

• Biometrics - fingerprints, voiceprints, facial recognition data, and retinal scans

6. Encrypt data

To secure data at rest, in transit, and during processing, your organization should implement advanced encryption protocols that are comparable to your overall data protection level. Advanced Encryption Standard with a 256-bit key (AES-256) is the industry gold standard for securing data, as its number of possible key combinations makes it nearly impenetrable in a brute force attack. In particular, as a best practice for securing data in transit, your team should use protocols such as transport layer security, a cryptographic protocol used to provide security to applications transmitting data over a network, along with AES-256 or postquantum encryption.

7. Securely store data

When your organization stores sensitive data for AI, it must be secured in certified storage devices that enforce National Institute of Standards and Technology (NIST) compliance to provide a high level of security against an attack. This data storage requirement covers areas related to the design and implementation of the cryptographic module, which is the hardware and software that support security functions. 

Four levels of storage are defined in the NIST standards. Best practices single out Level 3 for robust protection but acknowlege that the security level should be based on an organization’s needs and risk assessments.

• Level 1 – Offers basic security that does not require specific physical security mechanisms and allows the cryptographic module to be executed on an unevaluated operating system.

• Level 2 – Adds a requirement for tamper evidence, such as coatings, seals, or pick-resistance locks, and requires role-based authentication.

• Level 3 – Requires physical security mechanisms that provide a high probability of detection and response if a threat actor attempts to access the cryptographic module. This level includes identity-based authentication and requires that organizations perform the entry or output of plaintext critical security parameters using physically separated ports or interfaces. 

• Level 4 – Provides complete protection of the cryptographic module to detect and respond to all unauthorized attempts for access.

8. Leverage privacy-preserving techniques

AI data privacy can ensure compliance, reduce legal risks, and build trust with clients. Your organization can leverage privacy-preserving techniques to increase data security. Best practices list three specific techniques to consider:

• Data depersonalization techniques, such as data masking, are processes where sensitive data is replaced or altered with plausible but false data to protect the sensitive data while AI tools use it for training, testing, and analysis. For instance, customer names can be replaced with fake names or date fields can be altered by adding or subtracting a random number of days. Best practices specifically recommend using data masking during AI model training and development to safeguard sensitive data.

• Differential privacy is a quantifiable way to balance privacy and usefulness in a dataset. The technique adds random noise to the data before storing it in the AI system, making it difficult for threat actors to identify individual data points within the data. Differential privacy allows organizations to analyze and transfer data while still protecting sensitive data and maintaining compliance with privacy laws. 

• Decentralized learning techniques, such as federated learning, allow multiple local devices to train a single shared AI model without directly sharing their own data. Instead, only the AI model updates are centrally aggregated. This machine learning approach ensures data privacy and security because the sensitive data never leaves the local devices. Best practices recommend using secure multiparty computation for training and inferencing processes.

9. Securely delete data

Organizations must maintain appropriate controls over their AI data even when deleting it. Before disposing of data or reusing drives used for AI data storage, your organization should erase the existing data using a secure deletion method. Best practices note three secure deletion methods:

• Cryptographic erase. This method sanitizes the cryptographic keys that encrypt the data, leaving only the ciphertext on the storage device. With the encryption ability gone, the remaining encrypted data is unrecoverable. Cryptographic erase is fast and highly reliable for deletion of data, but it should only be used for data that was encrypted on the device prior to storage.

• Block erase. This deletion method erases a block of data by applying a high voltage level to all NAND cells on a solid-state drive or by using device-specific commands to wipe a flash memory device.

• Data overwrite. This method replaces the existing data on a storage device by writing over it with insignificant data or patterns. The process is time-consuming as it requires multiple passes to assure that the sensitive data is no longer recoverable. 

10. Conduct risk assessments

Before using AI, organizations need to understand the risks of the technology, including AI hallucinations, bias, denial-of-service attacks, privacy and data security risks, and compliance violations. A risk assessment enables your organization to evaluate your cyber landscape, identify potential risks and vulnerabilities, and prioritize the actions needed to keep your data safe while using AI. Assessments must be ongoing and adhere to industry-standard frameworks to help your organization continuously improve its data security measures. Pondurance recommends that every organization conduct a risk assessment to evaluate changes to the network due to the adoption of AI tools.

Conclusion

Midmarket organizations in every industry are adopting gen AI tools and exploring the use of agentic AI, and concerns about data integrity, data privacy, and data security are commonly part of the transition. Fortunately, AI best practices from the CSI are available to help organizations take the necessary steps to keep data unaltered, private, and secure. Managed detection and response solutions like the one provided by Pondurance are working hard to stay ahead of the associated threats of using AI. Learn more by getting a demo today.