United States of America: Adopted DHS's Safety and Security Guidelines for Critical Infrastructure Owners and Operators

On 26 April 2024, the Department of Homeland Security (DHS), in collaboration with the Cybersecurity and Infrastructure Security Agency (CISA), adopted the safety and security guidelines for critical infrastructure owners and operators. The guidelines aim to mitigate risks associated with the use of artificial intelligence (AI) in critical infrastructure, and they were developed as part of Executive Order 14110 on Safe, Secure, and Trustworthy Development and Use of Artificial Intelligence. The guidelines outline a strategy to address system-level risks through a four-part mitigation approach. The guidelines incorporate the National Institute of Standards and Technology’s (NIST) AI Risk Management Framework (RMF) and are designed to support critical infrastructure owners and operators in managing the safety and security of AI systems. In particular, the guidelines provide measures to be implemented to address attacks using AI on critical infrastructure, attacks targeting AI systems and information on how the failures in AI design and implementation can be managed.