NSA Releases New Guidance for AI Data Security

The CSI outlines practical steps for secure data handling.

The NSA’s Artificial Intelligence Security Center, in conjunction with other agencies, has released a new Cybersecurity Information Sheet (CSI) with recommendations for secure handling of data used in the development, testing, and operation of AI-based systems.

“AI Data Security: Best Practices for Securing Data Used to Train & Operate AI Systems” provides an overview of the AI system lifecycle and focuses on three particular areas of data security risk: data supply chain, maliciously modified (“poisoned”) data, and data drift.

Along with specific risks and mitigation strategies, the CSI outlines 10 broad steps for secure data handling:

  1. Verify that data sources use trusted, reliable, and accurate data.
  2. Verify and maintain data integrity during storage and transport.
  3. Use digital signatures to authenticate trusted data revisions.
  4. Leverage trusted infrastructure.
  5. Classify data and use access controls.
  6. Encrypt data.
  7. Store data securely.
  8. Leverage privacy-preserving techniques.
  9. Delete data securely.
  10. Conduct ongoing data security risk assessments.

This document is jointly authorized by the Cybersecurity and Infrastructure Agency (CISA), Federal Bureau of Investigation (FBI), Australian Signals Directorate’s Australian Cyber Security Center, New Zealand’s National Cyber Security Center, and UK’s National Cyber Security Center.

Learn more from the NSA.

06/02/2025
