Securely Deploying AI Systems: New Guidance from the NSA

05.02.24 10:20 AM
Today, technological advancement happens rapidly, and many organizations look to leverage the latest

tech to secure a competitive advantage. The issue is that deploying new systems and solutions typically

comes with risk. Artificial intelligence (AI) systems are increasingly integral to organizational operations,

making them prime targets for cyber threats.

Recognizing this vulnerability, the National Security Agency (NSA) has issued new guidance aimed at

fortifying the deployment and maintenance of AI systems against malicious cyber actors.

The Growing Importance of AI Security

AI systems are not just tools but central frameworks within which modern businesses operate. Their

rapid deployment has made them valuable for efficiency and innovation but also attractive to

cybercriminals. The NSA highlights that these systems are under threat for different reasons than many

other organizational assets. Traditionally, companies focused on hardware, software, and networks that

handle sensitive information and intellectual property. However, AI systems create a new opportunity

for cyber attackers, as the systems are leverageable for malicious purposes.

Ultimately, such threats necessitate robust security measures, adapted not only to traditional IT

frameworks but also to the unique challenges posed by AI technologies.

Comprehensive Defense Strategies

The guidance underscores the importance of a multi-layered defense strategy, incorporating both

specific AI security measures and broader IT security practices. It advocates for securing the deployment

environment, continuously protecting the AI system, and maintaining stringent operational security.

These practices are aligned with the cross-sector Cybersecurity Performance Goals (CPGs) developed by

the Cybersecurity and Infrastructure Security Agency (CISA) and the National Institute of Standards and

Technology (NIST), which provide foundational security practices to counter prevalent cyber threats.

Best Practices for Secure Deployment

Securing the Deployment Environment

The NSA stresses that AI systems should be deployed within secure and robust IT infrastructures.

Organizations are urged to ensure that their IT environments, where AI systems are hosted, adhere to

strict security protocols, including strong governance, secure architecture, and comprehensive risk

management strategies. This includes the management of deployment environment governance,

ensuring a well-designed architecture, and applying hardened configurations.

As a foundation, understanding an organization’s risk level is paramount, as that allows the company to

determine if the AI solution fits within risk tolerance limits. Assessing the broader environment and

identifying security boundaries – as well as how the AI system fits into the larger picture – is similarly


Continuous Protection and Operational Security

As with other security areas, continuous vigilance is crucial when integrating AI systems into an

organization’s technology environment. The NSA recommends regular updates and patches to AI

systems, stringent access controls, and robust monitoring to detect and respond to potential security

incidents swiftly. It also emphasizes the importance of protecting sensitive AI components like model

weights, training data, and logs through encryption and access control mechanisms.

Before deploying AI solutions, inspecting models prior to introducing them into the broader tech system

is similarly crucial. That creates opportunities to identify malicious code before deployment, ensuring

model validity and security. When possible, use AI-specific scanners and automate threat detection,

analysis, and response as a means of enhancing IT security efficiency.

Collaboration and Culture of Security

Promoting a collaborative security culture within organizations is also vital to the equation. This involves

integration between data science, infrastructure, and cybersecurity teams to address security concerns


The NSA advises fostering environments where risks are openly discussed and addressed in a timely

manner, ensuring that all stakeholders understand their roles and responsibilities in maintaining AI

security. Offering training to bolster user awareness is similarly wise, allowing every employee to play a

critical role in safeguarding internal solutions, systems, and data.

Emphasizing Vendor and Third-Party Security

Given the complex supply chains involved in developing and deploying AI systems, the NSA guide also

covers the necessity of securing external components. Organizations are encouraged to scrutinize the

security practices of third-party vendors and service providers, particularly those supplying AI models or

components, to ensure they meet organizational security standards.

Ultimately, the NSA's guidance on securely deploying AI systems provides a comprehensive framework

aimed at mitigating the risks associated with AI technologies. By implementing these robust security

measures, organizations can protect their AI investments from sophisticated cyber threats, ensuring that

their operations remain secure and resilient in the face of evolving challenges.

This guidance serves not only as a set of recommendations but as a call to action for proactive security

management in the deployment of AI systems. As AI becomes more commonplace in the world of

business, staying ahead of the curve is essential, making any steps today worthwhile as they lead to a

more secure tomorrow.

Derek Roush