Singapore: CSA officially launches guidelines on AI security

In brief

Following its previous public consultation, which ended in September 2024, the Cyber Security Agency of Singapore (CSA) has officially launched its Guidelines on Securing AI Systems ("Guidelines") to address the growing cybersecurity risks associated with AI.

The Guidelines, which were published on 15 October 2024, aim to ensure that AI systems are secure by design and default, mitigating both classical and novel cybersecurity threats. They also aim to provide system owners with principles for raising awareness and implementing security controls throughout the AI lifecycle.

This is accompanied by the official launch of the Companion Guide on Securing AI Systems ("Companion Guide"), a community-driven resource that sets out practical controls that system owners may consider in adopting AI systems. It is not prescriptive and contains practical measures, security controls and best practices from industry and academia to support system owners in implementing the Guidelines.

Both documents will be updated as living documents as the field of AI security continues to evolve.


In more detail

The Guidelines are designed to help system owners secure AI throughout its lifecycle, addressing both traditional cybersecurity risks and emerging threats specific to AI, such as adversarial machine learning. They emphasize a proactive approach, advocating for AI systems to be secure by design and secure by default. This means integrating security measures from the outset, rather than as an afterthought.

In particular, the Guidelines highlight the following:

  • Lifecycle approach to AI security – a comprehensive approach to securing AI systems that covers every stage from planning and design, through development, deployment, and operations and maintenance, to end-of-life. This approach ensures that security is integrated at every phase, that potential risks are addressed early, and that controls are continuously adapted to new threats. System owners are encouraged to conduct regular risk assessments and to implement security measures tailored to each stage of the AI lifecycle.
  • Adversarial machine learning and supply chain security – protecting AI systems from adversarial machine learning attacks and securing the AI supply chain. This includes safeguarding training data, models and software libraries from manipulation, and ensuring that all components adhere to stringent security standards. The Guidelines also recommend monitoring for adversarial activity and implementing robust defences against data poisoning and model evasion attacks.

To complement the Guidelines, the CSA has also released the Companion Guide, which curates voluntary, practical measures and controls that system owners may consider when securing their adoption of AI systems. Each measure or control is designed to be used independently, giving organizations the flexibility to decide which measures to evaluate and which mitigations to adopt based on their specific needs.

The Companion Guide emphasizes the following:

  • Holistic risk assessment – conducting a comprehensive risk assessment tailored to AI systems. This involves identifying potential security risks at each stage of the AI lifecycle, from planning and design through to deployment and maintenance. By systematically evaluating these risks, organizations can prioritize and implement appropriate security measures, ensuring robust protection against both traditional and AI-specific threats.
  • Supply chain security – securing the AI supply chain, including by verifying the integrity of the data, models and software libraries used in AI systems. The Companion Guide recommends implementing secure coding practices, conducting regular vulnerability scans, and ensuring that all components are sourced from trusted providers. These measures help mitigate risks such as data poisoning and model backdoors, which can compromise the security and reliability of AI systems.

The Guidelines and Companion Guide are intended to be living documents, updated regularly to reflect new developments in AI security. The CSA encourages feedback and suggestions (at aisecurity@csa.gov.sg) from the community to continuously improve these resources.

As the Guidelines and Companion Guide mainly address cybersecurity risks to AI systems, neither document addresses AI safety or related aspects, such as transparency and fairness, in any significant detail.

Key takeaways

As reported in our August 2024 client alert, these documents highlight the CSA's dedication to a cooperative and forward-thinking strategy in enhancing AI system security.

As Singapore strives to lead in AI innovation, these resources will be crucial in maintaining trust and ensuring that the nation's AI systems remain prepared for emerging threats.

* * * * *

For further information and to discuss what this development might mean for you, please get in touch with your usual Baker McKenzie contact.

* * * * *


© 2024 Baker & McKenzie.Wong & Leow. All rights reserved. Baker & McKenzie.Wong & Leow is incorporated with limited liability and is a member firm of Baker & McKenzie International, a global law firm with member law firms around the world. In accordance with the common terminology used in professional service organizations, reference to a "principal" means a person who is a partner, or equivalent, in such a law firm. Similarly, reference to an "office" means an office of any such law firm. This may qualify as "Attorney Advertising" requiring notice in some jurisdictions. Prior results do not guarantee a similar outcome.

