The Paris AI Action Summit has put a spotlight on the urgent need to address cybersecurity risks associated with artificial intelligence (AI), with international agencies advocating for a cyber risk-based approach to ensure the trustworthiness of AI systems. The joint high-level risk analysis, led by the French National Cybersecurity Authority and co-signed by cybersecurity agencies from over 20 countries, underscores the vulnerabilities of AI systems and the necessity for robust security measures across AI supply chains.  

With AI now embedded in critical sectors such as defense, healthcare, energy, and finance, the report warns that AI-related cyber risks remain underestimated. Without proactive security measures, malicious actors could exploit AI system vulnerabilities, threatening data integrity, confidentiality, and system reliability.  

The report highlights that AI systems face the same cybersecurity threats as traditional IT systems, including attacks on hosting infrastructure and supply chains. However, AI introduces unique challenges, particularly due to its reliance on large datasets and interconnected systems.  

The main AI-specific risks outlined in the report include:  

• Poisoning attacks that alter training data to manipulate AI model outputs.  

• Extraction attacks that steal AI models or sensitive training data.

• Evasion attacks that manipulate input data to deceive AI systems.  

The risk analysis also warns of advanced generative AI-powered cyberattacks, which could automate phishing, vulnerability scanning, and social engineering at unprecedented scales.  

The report recommends a multi-pronged security strategy to mitigate AI risks, including:  

• Strengthening AI supply chain security by assessing the cybersecurity maturity of software, data providers, and computational infrastructure.  

• Enhancing transparency and explainability to reduce the risk of AI black box decision-making.  

• Implementing strict access control measures to prevent unauthorized access to AI models and datasets.  

• Ensuring continuous monitoring and risk assessment to detect emerging threats in AI-powered systems.  

The document calls on policymakers to integrate cybersecurity into AI governance frameworks, with specific proposals including:  

• Promoting AI security certifications to ensure AI models and infrastructure meet cybersecurity standards.  

• Encouraging research on AI vulnerabilities such as adversarial machine learning and privacy-preserving AI techniques.  

• Enhancing international collaboration between cybersecurity and AI safety organizations to align security policies.  

The report also underscores the importance of public-private partnerships in securing AI, urging governments, tech companies, and cybersecurity agencies to collaborate on AI threat intelligence sharing and risk mitigation strategies.  

Need Help?

If you have questions or concerns about the Paris AI Summit, or how to navigate the global AI regulatory landscape, don’t hesitate to reach out to BABL AI. Their Audit Experts can offer valuable insight, and ensure you’re informed and compliant.