New CISA AI Road Map Charts Course for Responsible Adoption

The U.S. Cybersecurity and Infrastructure Security Agency wants to take a leadership role in the federal government’s adoption of artificial intelligence systems.

See Also: Live Webinar | Generative AI: Myths, Realities and Practical Use Cases

CISA published a road map for AI on Tuesday that identifies five lines of effort the cyber defense agency will take on to ensure the secure development and deployment of responsible AI tools. The guidance says CISA will “assess and assist secure by design, AI-based software adoption across a diverse array of stakeholders,” including federal agencies and the private sector.

CISA also said it will help spearhead collaborative efforts across agencies and with international partners to develop policy for the U.S. government’s national AI strategy, in addition to supporting a “whole-of-DHS approach on AI-based software policy issues.”

Department of Homeland Security Secretary Alejandro Mayorkas said in a statement that DHS “has a broad leadership role in advancing the responsible use of AI.”

“This cybersecurity road map is one important element of our work,” he added.

CISA plans to use AI-enabled software tools to help mitigate threats to critical infrastructure and strengthen cyber defenses, according to the road map. The agency said it will also establish “robust AI governance processes” to coordinate oversight processes as well as legal, civil rights and privacy considerations, among others.

The agency aims to establish incident response capabilities for AI usage and incorporate cyber defense, incident management and redress procedures into AI models.

The White House in October issued an executive order that set new security standards for AI systems across the federal government and tasked DHS with establishing an AI Safety and Security Board. The executive order also directed DHS to apply new standards from the National Institute of Standards and Technology to the nation’s 16 critical infrastructure sectors.

CISA – a component of DHS and one of the newest federal agencies, having been formed in 2018 – has led governmentwide and public-private sector initiatives focused on bolstering national cybersecurity through the use of emerging technologies, risk management frameworks and enhanced information sharing programs.

Other agencies have published their own guidance on AI. They include the Department of Defense, which in early November released a strategy that promotes the rapid and responsible adoption of AI systems. The Justice Department on Nov. 8 announced that it was launching an emerging technology board to help ensure the ethical use of AI tools throughout the agency.

CISA Director Jen Easterly said in a statement that the new guidance “sets forth an agencywide plan to … ensure AI systems are protected from cyber-based threats” and “deter the malicious use of AI capabilities to threaten the critical infrastructure Americans rely on every day.”