Department of Homeland Security Framework Targets AI Risks in Infrastructure

Department of Homeland Security Framework Targets AI Risks in Infrastructure

On November 14, 2024, the Department of Homeland Security (DHS) issued the “Roles and Responsibilities Framework for Artificial Intelligence in Critical Infrastructure” to address AI risks in infrastructure and other critical sectors, as reported by an article by Alston & Bird. 

Developed in coordination with the Cybersecurity and Infrastructure Security Agency (CISA), the Framework identifies three key AI vulnerabilities: (1) attacks using AI, (2) attacks targeting AI systems, and (3) design and implementation failures. It builds on existing U.S. government guidelines, such as Executive Order 14110 and the DHS Safety and Security Guidelines for critical infrastructure.

According to the article, the framework outlines specific recommendations for five key stakeholder groups engaged in AI’s development and deployment:

• Cloud and Compute Infrastructure Providers: Enhance threat scanning and vulnerability reporting processes, ensure high-availability network backups, and provide clear channels for reporting suspicious activities.
• AI Developers: Implement strategies to align AI models with human values, ensure reliability under diverse conditions, and support customers’ risk assessments.
• Critical Infrastructure Owners and Operators: Maintain human oversight for critical decisions, provide transparency in AI usage, and involve executive leadership in AI-related decisions.
• Civil Society: Create educational resources, develop standards for responsible AI adoption, and safeguard privacy, civil rights, and human rights.
• Public Sector: Use AI responsibly to enhance critical services without infringing on privacy, producing discriminatory outcomes, or conflicting with core governmental functions.

The recommendations emphasize traditional security practices like incident response and network hardening, complemented by AI-specific actions to address unique risks. By promoting collaboration across these groups, DHS aims to advance AI safety and mitigate risks to national critical infrastructure.