The Cybersecurity and Infrastructure Security Agency (CISA) has released its inaugural Roadmap for Artificial Intelligence (AI).
In October, President Biden issued an Executive Order (EO) that reflects ongoing efforts to address various aspects of AI, including safety standards, national security, critical infrastructure protection, prevention of AI-related threats, intellectual property theft and talent retention.
AI's Potential and Risks
The establishment of federal oversight on companies in cases of serious risks to national security and public well-being suggests a comprehensive approach to managing the impact of AI technologies.
“Artificial Intelligence holds immense promise in enhancing our nation’s cybersecurity, but as the most powerful technology of our lifetimes, it also presents enormous risks,” said CISA director Jen Easterly. “Our Roadmap for AI, focused at the nexus of AI, cyber defense, and critical infrastructure, sets forth an agency-wide plan to promote the beneficial uses of AI to enhance cybersecurity capabilities; ensure AI systems are protected from cyber-based threats; and deter the malicious use of AI capabilities to threaten the critical infrastructure Americans rely on every day.”
As part of that effort, CISA's roadmap outlines five strategic lines of effort that will drive concrete initiatives and outline the agency's approach to AI in cybersecurity.
The lines of effort:
- CISA will use AI-enabled software tools to strengthen cyber defense and support its critical infrastructure mission. CISA’s adoption of AI will ensure responsible, ethical, and safe use — consistent with the Constitution and all applicable laws and policies.
- CISA will assess and assist secure by design, AI-based software adoption across a diverse array of stakeholders, including federal civilian government agencies; private sector companies; and state, local, tribal, and territorial (SLTT) governments.
- CISA will assess and recommend mitigation of AI threats facing our nation’s critical infrastructure in partnership with other government agencies and industry partners that develop, test, and evaluate AI tools.
- CISA will collaborate and communicate on key AI efforts with the interagency, international partners, and the public. CISA will contribute to DHS-led and interagency efforts, including developing policy approaches for the U.S. government’s overall national strategy on cybersecurity and AI.
- CISA will continue to educate the U.S. workforce on AI software systems and techniques, and actively recruit interns, fellows, and future employees with AI expertise. CISA will ensure that internal training reflects the legal, ethical, and policy aspects of AI-based software systems in addition to the technical aspects.