As a security solutions architect at a leading cloud provider, the author has worked with dozens of organizations to design and implement secure infrastructures for their AI initiatives. This has revealed that while the potential benefits of AI are immense, so too is the risk if AI is not responsibly managed. There are real-world security challenges that organizations face when deploying AI. Therefore, it is essential to devise and execute practical strategies that assist organizations in risk mitigation.
Challenges With AI Deployment
One of the most common pitfalls in AI deployment occurs when organizations rush to deploy AI without establishing a strong data security and governance foundation. In one particularly egregious case the author experienced; a healthcare company used an unsecured Elasticsearch database to store sensitive patient data for its AI-powered diagnostic tool. The database was publicly accessible, putting millions of patient records at risk. When the issue was discovered during a routine security assessment, the company worked to secure the database and implement proper access controls. The company also established a data governance framework to ensure that sensitive data is properly classified, encrypted, and access-controlled throughout its life cycle. The lesson learned: Before embarking on any AI initiative, it is crucial to ensure a solid data security and governance foundation.
Another frequently encountered challenge is the use of open-source AI frameworks and libraries without proper security vetting. While open-source tools such as TensorFlow1 and PyTorch2 have accelerated the development of AI, they can also introduce significant vulnerabilities if not responsibly managed. Take, for example, a financial services organization using an outdated version of an open-source library that contained a critical remote code execution vulnerability. An attacker could easily exploit this vulnerability to gain control of the organization’s AI infrastructure and steal sensitive data. To mitigate this risk, the organization could implement a rigorous process for vetting and updating open-source dependencies, including regular vulnerability scans and automated patching. The organization could also transition to a containerized architecture using Kubernetes, which provides greater isolation and control over the runtime environment. Organizations must treat open-source AI components with the same level of scrutiny as they would any other critical software dependency.
A third area of concern is the lack of secure coding practices in AI development. Many data scientists and AI engineers are not trained in secure coding, which can lead to vulnerabilities such as injection attacks, cross-site scripting (XSS), and insecure deserialization. In one alarming case, a retail enterprise's AI-powered chatbot was vulnerable to a simple XSS attack that allowed an attacker to steal customer data and even take control of the chatbot itself. To remedy this, the enterprise implemented a secure development life cycle for its AI initiatives, including security training for developers, static code analysis, and penetration testing. It also established a DevSecOps pipeline that automatically scans for vulnerabilities and enforces security policies throughout the development process. The lesson: Incorporate security into every stage of the AI development life cycle, from design to deployment and beyond.
Recommendations for Organizations
So, what can security professionals do to help their organizations build secure and compliant AI infrastructures? There are a few key recommendations:
- Establish a strong data security and governance foundation before embarking on any AI initiative. This includes classifying data based on sensitivity, encrypting data at rest and in transit, implementing strict access controls, and auditing data access and usage.
- Implement a rigorous process for vetting and securing open-source AI components, including regular vulnerability scans, automated patching, and runtime isolation using containers or virtual machines.
- Train AI developers in secure coding practices and implement a secure development life cycle, incorporating security at every stage of the AI development process.
- Leverage cloud security tools and services to automate security tasks and enforce policies across the AI infrastructure. For example, Azure Security Center3provides unified security management and advanced threat protection across hybrid cloud workloads, while Amazon GuardDuty4uses machine learning to detect suspicious activity and unauthorized access.
- Partner with compliance and legal teams to ensure that AI initiatives meet relevant industry standards5and regulations, such as the US Health Insurance Portability and Accountability Act (HIPAA) for healthcare, the EU General Data Protection Regulation (GDPR) for data privacy, and SOC 2 for service organizations.
Building secure and compliant AI infrastructure is a complex and ongoing process. However, by following best practices and learning from the experiences of others, organizations can unlock the full potential of AI while minimizing risk. Security professionals play a critical role in ensuring that AI is developed and deployed in a manner that upholds safety, security, and responsible practices. By staying vigilant, proactive, and collaborative, we can help build a future where AI is a force for good, not a source of fear and uncertainty.
Endnotes
1 TensorFlow, “An End-to-End Platform for Machine Learning”
2 PyTorch, PyTorch
3 Microsoft, Microsoft Defender for Cloud
4 AWS, “What is Amazon GuardDuty?”
5 National Institute of Standards and Technology (NIST), Special Publication 800-53 Rev.5, Security and Privacy Controls for Information Systems and Organizations, September 2020
Vaibhav Malik
is a Global Security Solution Architect who designs and implements effective security solutions for customers. With over 12 years of experience in networking and security, Vaibhav is a recognized industry thought leader and expert in Zero-Trust Security Architecture. Malik has held key roles at several large service providers and security companies, where he helped Fortune 500 clients with their network, security, and cloud transformation projects. He advocates for an identity and data-centric approach to security and is a sought-after speaker at industry events and conferences. Malik holds a master’s degree in Telecommunication from the University of Colorado Boulder, USA, and an MBA from the University of Illinois Urbana Champaign, USA. His deep expertise and practical experience make him a valuable resource for organizations seeking to enhance their cybersecurity posture in an increasingly complex threat landscape.
