CoSAI: Securing the future of artificial intelligence

CoSAI

The Coalition for Secure AI was established by an impressive roster of tech giants, including Amazon, Google, IBM, Intel, Microsoft, NVIDIA, OpenAI, PayPal, and others.

Operating under the auspices of OASIS Open, a global nonprofit consortium known for its work in developing open standards, CoSAI leverages OASIS’s extensive experience in fostering industry-wide collaboration and creating robust frameworks for technology and security standards.

The primary mission of CoSAI is to mitigate the security risks inherent in AI systems. This mission encompasses a wide range of security issues such as model theft, data poisoning, prompt injection attacks, and the extraction of confidential information from AI training data. By developing and promoting best practices and comprehensive security standards, CoSAI aims to ensure that AI technologies are both secure-by-design and resilient against emerging threats.

Goals and operational framework

CoSAI's goals are ambitious yet crucial for the safe advancement of AI technologies. It focuses on ensuring the integrity and security of AI systems throughout their lifecycle. This includes equipping security practitioners with the necessary tools and knowledge to handle AI-related threats and developing guidelines for the ethical and secure use of AI technologies. By fostering collaboration among industry leaders, CoSAI aims to create a unified approach to AI security that can be adopted globally.

OASIS Open provides the operational framework for CoSAI, offering a neutral platform for collaboration and standard development. This partnership allows CoSAI to benefit from OASIS’s established processes for creating and promoting open standards, which are essential for ensuring interoperability and widespread adoption of secure AI practices.

The Secure AI Framework (SAIF)

An integral part of CoSAI’s strategy is the Secure AI Framework (SAIF), introduced by Google. SAIF outlines a comprehensive approach to enhancing AI security, focusing on several key areas:

• Expanding security foundations: Leveraging secure-by-default infrastructure protections to safeguard AI systems and users.
• Extending detection and response: Incorporating AI into organisational threat detection and response capabilities to monitor for anomalies and anticipate attacks.
• Automating defences: Using AI innovations to scale and speed up responses to security incidents.
• Harmonising platform-level security: Ensuring consistent security measures across various AI platforms and applications.
• Fostering collaboration: Engaging with industry partners to share threat intelligence and best practices.
• Supporting open source security: Making AI supply chain security information universally accessible and verifiable.

SAIF is designed to address specific risks associated with AI systems, such as model theft, data poisoning, and prompt injection attacks.

The impact of CoSAI

The formation of CoSAI is expected to have a significant impact on the AI landscape. By uniting major technology companies under a common goal, CoSAI aims to set a global standard for AI security. This collaborative effort is anticipated to result in the development of comprehensive security standards for AI systems, increased resilience of AI technologies against cyber threats, and enhanced trust in AI systems among businesses and consumers.

Moreover, CoSAI’s initiatives align with regulatory frameworks such as the EU AI Act, which sets stringent requirements for AI security and governance. By operating within this regulatory landscape, CoSAI is well-positioned to lead the charge in creating a secure AI environment that meets global standards.