A risk-based strategy to promote trusted artificial intelligence ( AI ) systems and secure AI supply chains has been jointly promoted by Canadian and French cybersecurity agencies. This program affects different sectors, including military, energy, healthcare, and finance, highlighting the widespread impact of Artificial across industries. Although the implementation of AI offers significant opportunities for improvement and performance, it also presents potential risks. Hackers does take advantage of flaws in AI systems, compromise their validity, and prevent the use of AI systems from being deployed safely. The direction emphasizes the value of taking proactive steps to reduce these risks and make sure that all industries use Artificial responsibly and securely.
Organizations and stakeholders need to assess the risks associated with their increased reliance on AI and their rapid adoption of large language models ( LLMs) in the joint guidance titled” Building trust in AI through a cyber risk-based approach.” It is crucial to foster trust in AI development and implementation by understanding and minimizing these threats. These Artificial systems are subject to the same cyber security risks as any other form of data. However, there are Artificial -specific threats, particularly those related to the central part of data in , that pose unique challenges to confidentiality and dignity.  ,
The report included recommendations for AI users, operators, and developers, including adjusting the AI system’s freedom amount to the risk analysis, business requirements, and criticality of the actions taken, mapping the Artificial supply chain, tracking interconnections between AI systems and other information systems, and ongoing maintenance and monitoring of AI systems. Additionally, it recommends developing a process to anticipate significant technological and regulatory changes, discovering novel and potential threats, and providing training and raising awareness.  ,
The Canadian-French guidance provides a risk analysis that takes into account both the security of broader AI systems integrating these components and the vulnerabilities of individual AI components. Instead of a comprehensive list of vulnerabilities, it aims to give a broad overview of AI-related cyber risks. If adequate security measures are not in place, the deployment of AI systems can open up new avenues of attack for liars. Therefore, a risk analysis to assess the risks and determine appropriate security measures should be included in such a deployment.
The document also includes recommendations for prohibited AI systems from automating crucial actions, ensuring that AI is properly integrated into crucial processes with safeguards, conducting a dedicated risk analysis, and examining the security of each stage of the AI system lifecycle.  ,
It identifies that an AI system can also be attacked at various stages of its lifecycle, starting with raw data collection and then inference. In general, AI-specific attacks fall under three categories: poisoning: modifying training data or model parameters to alter the AI system’s response to all inputs or to a specifically crafted input, extraction: reconstruction or recovery of sensitive data, including model parameters, configuration or training data, from the AI system or model after the learning phase, and evasion: altering input data to alter the AI system’s expected functioning.
Evidently, these attacks could lead to the malfunctioning of an AI system (availability or integrity risks ), where the dependability of automated decisions or procedures can be compromised, as well as in sensitive data theft or disclosure ( confidentiality risk ).
Additionally, understanding AI supply chains is crucial to reducing the risks brought on by suppliers and other parties involved in a particular AI system. AI supply chains generally rest on three pillars – computational capacity, AI models and software libraries, and data. Each pillar involves distinct, sometimes common, players whose level of cybersecurity maturity may vary considerably.
The main risks scenarios involving an AI system are compromising AI hosting and management infrastructure where malicious hackers could impact the confidentiality, integrity, and availability of an AI system by exploiting common vulnerabilities, whether technical, organizational, or human.  ,
An attack on the supply chain could exploit a flaw in one of the supply chain stakeholders. The interconnections between AI systems and other systems, where AI systems are frequently linked together to each other for communication and effective data integration, are what causes lateralization. These interconnections could lead to additional risks, such as those posed by indirect prompt injection, which exploit LLMs by putting malicious instructions into external sources that an attacker controls.
The guidance identified human and organizational failures as a lack of training that can lead to an over-reliance on automation and insufficient ability to recognize anomalous behaviors of AI systems. In addition, shadow AI4 can increase risks such as loss of confidential data, regulatory violations, reputational damage to the organization’s image, etc.  ,
Also, malfunction in AI system responses, where an attacker could compromise a database used to train an AI model, causing erroneous responses once it is in production. This attack necessitates a lot of effort from the attacker because AI model designers ‘ practices tend to improve their resilience to intentional and malicious training data poisoning, but they can be particularly dangerous when used to categorize data, such as images used in a health or physical security context.
The guidance should be a first step when considering the use of an AI system when analyzing the sensitiveness of the use-case. The complexity, the cybersecurity maturity, the auditability, and the explainability of the AI system should correspond with the cybersecurity and data privacy requirements of the given use case. When a decision is made to develop, to deploy or use an AI solution, the Canadian and French agencies provide guidelines that constitute good practices for AI users, operators, and developers.  ,
These suggestions include adjusting the AI system’s autonomy level to the risk analysis, the business requirements, and the degree of criticality of the actions taken. Where necessary, human validation should be incorporated into this process because it will aid in addressing the reliability and cyber risks inherent in the majority of AI models. Mapping of the AI supply chain, including AI components and other hardware and software components, as well as datasets.  ,
Additionally, the organizations advise keeping track of the connections between AI and the rest of the information system to ensure that each of them is necessary in order to reduce the number of attack paths. They must also keep an eye on and maintain AI systems to make sure they function as intended without bias or vulnerability, which could affect cybersecurity, thus reducing the risks posed by the “black box” nature of some AI systems.  ,
Additionally, organizations must implement a process to anticipate significant technological and regulatory changes and identify potential new threats in order to be able to adapt strategies and deal with challenges in the future. educating and spreading awareness internally about the challenges and risks of AI, including executives to make sure high-level decision-making is well informed.
In the rapidly evolving cybersecurity landscape, Takepoint Research revealed data last October that showed that 80 % of respondents believed the advantages of AI in industrial cybersecurity outweigh its risks. AI is particularly effective in threat detection ( 64 percent ), network monitoring ( 52 percent ), and vulnerability management ( 48 percent ), showcasing its growing role in enhancing defenses within OT ( operational technology ) environments. According to the survey, industrial asset owners are most concerned about overreliance on artificial intelligence, artificial system manipulation, and false negatives.
