Australia: Adopted Guidelines for secure AI system development

On 27 November 2023, agencies from 18 countries adopted Guidelines for secure Artificial Intelligence (AI) system development, which the United Kingdom’s National Cyber Security Centre and the United States Cybersecurity and Infrastructure Security Agency developed. The Guidelines are addressed to various stakeholders, including data scientists, developers, and managers, and suggest incorporating cybersecurity as a fundamental and integral part of AI system development, a "secure by design" approach. The guidelines are divided into four key areas, secure design, development, deployment, and operation and maintenance, each with specific considerations and mitigations. The secure design phase involves understanding risks and system model design, secure development covers supply chain security and asset management, secure deployment focuses on infrastructure protection and incident management, and secure operation and maintenance involve continuous monitoring and information sharing.