U.S. and Allies Release Security Guidance to Protect AI Models from Tampering and Exploitation

The U.S. and allies urge stronger protections for AI systems, warning that data tampering and system vulnerabilities pose rising risks to critical infrastructure.

    Government cybersecurity agencies from the U.S., U.K., Australia, and New Zealand have issued a joint advisory urging organizations to strengthen security practices when developing artificial intelligence systems. The guidance emphasizes protecting AI training data, securing infrastructure, and conducting continual risk assessments to prevent attacks that could threaten critical infrastructure.

    The new recommendations reflect mounting concern among Western governments that state-sponsored actors could exploit vulnerabilities in AI technologies used across essential sectors such as energy, healthcare, and water systems. As organizations adopt AI at scale, the guidance encourages proactive measures to ensure system integrity and data reliability throughout the AI life cycle.

    Focus on Securing AI Data Across Its Full Life Cycle

    The advisory outlines best practices for securing AI systems at each phase, including data planning, collection, model development, deployment, and ongoing operations. A key priority is preventing tampering with training data, which plays a foundational role in the behavior and trustworthiness of AI outputs.

    To safeguard data integrity, the document recommends:

    • Using digital signatures to authenticate approved revisions to data, so that unsigned modifications can be rejected.
    • Relying on trusted infrastructure to prevent unauthorized access.
    • Applying cryptographic hashes to detect tampering with raw data.
    • Implementing anomaly detection algorithms to filter out malicious data before training.
    • Conducting routine curation of web-sourced datasets.
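The first three recommendations combine naturally into a signed dataset manifest. The Go program below is an added example, not code from the advisory or from any of the issuing agencies: it hashes each training record with SHA-256, signs the manifest with Ed25519, and shows that a flipped label, an injected record and a rewritten manifest are all caught at verification time. The record contents, the dataset name and the in-process key generation are constructed for illustration; in practice the signing key would live in an HSM or KMS.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"encoding/json"
	"errors"
	"fmt"
	"sort"
)

// Manifest lists every record of a training dataset with its SHA-256 digest.
// The data owner signs the serialized manifest; a consumer verifies the
// signature first, then recomputes each digest before records enter training.
type Manifest struct {
	Dataset string            `json:"dataset"`
	Digests map[string]string `json:"digests"` // record id -> hex SHA-256
}

func digest(b []byte) string {
	sum := sha256.Sum256(b)
	return hex.EncodeToString(sum[:])
}

// canonical serializes the manifest deterministically (encoding/json sorts
// map keys), so signer and verifier hash identical bytes.
func canonical(m Manifest) ([]byte, error) {
	return json.Marshal(m)
}

// BuildManifest hashes every record and signs the resulting manifest.
func BuildManifest(name string, records map[string][]byte, priv ed25519.PrivateKey) (Manifest, []byte, error) {
	m := Manifest{Dataset: name, Digests: make(map[string]string, len(records))}
	for id, data := range records {
		m.Digests[id] = digest(data)
	}
	body, err := canonical(m)
	if err != nil {
		return Manifest{}, nil, err
	}
	return m, ed25519.Sign(priv, body), nil
}

// Verify checks the manifest signature, then every record against its digest.
// It returns the ids of records modified, removed or injected since signing.
// A bad signature is an error: nothing in that manifest is trustworthy.
func Verify(m Manifest, sig []byte, pub ed25519.PublicKey, records map[string][]byte) ([]string, error) {
	body, err := canonical(m)
	if err != nil {
		return nil, err
	}
	if !ed25519.Verify(pub, body, sig) {
		return nil, errors.New("manifest signature invalid")
	}
	var bad []string
	for id, want := range m.Digests {
		data, ok := records[id]
		if !ok || digest(data) != want {
			bad = append(bad, id) // modified or missing
		}
	}
	for id := range records {
		if _, listed := m.Digests[id]; !listed {
			bad = append(bad, id) // injected after signing
		}
	}
	sort.Strings(bad)
	return bad, nil
}

func main() {
	// Assumed: an in-process key for the demo; use an HSM or KMS in practice.
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	// Constructed sample records standing in for labelled training examples.
	records := map[string][]byte{
		"r1": []byte("label=benign,text=invoice attached"),
		"r2": []byte("label=malicious,text=click here to reset your password"),
	}
	m, sig, _ := BuildManifest("phish-train-v1", records, priv)
	bad, err := Verify(m, sig, pub, records)
	fmt.Println("untouched:", bad, err)

	records["r2"] = []byte("label=benign,text=click here to reset your password") // poisoned label
	records["r3"] = []byte("label=benign,text=attacker-inserted sample")          // injected record
	bad, err = Verify(m, sig, pub, records)
	fmt.Println("tampered:", bad, err)

	m.Digests["r2"] = digest(records["r2"]) // attacker also rewrites the manifest
	_, err = Verify(m, sig, pub, records)
	fmt.Println("rewritten manifest:", err)
}
```

The ordering matters: the signature is checked before any digest is consulted, so an attacker who can edit both data and manifest still needs the private key, which is why the key must sit on trusted infrastructure rather than on the training host.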

    “The principles outlined in this information sheet provide a robust foundation for securing AI data and ensuring the reliability and accuracy of AI-driven outcomes,” the agencies stated.

    Mitigating Broader Risks to Critical Infrastructure

    The guidance addresses broader risks introduced when AI is embedded into operational technology that runs core infrastructure systems. These include risks from poor data quality, intentional data poisoning, and other attacks that could disrupt services or mislead decision-making tools.

    The document also highlights technical concerns such as:

    • Statistical bias in training data.
    • Duplicate records that distort learning outcomes.
    • Inaccurate data affecting model performance.
    • Data drift, where input characteristics change over time.
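Two of these concerns, duplicate records and data drift, can be checked mechanically before a batch reaches training. The Go program below is an added example and not part of the advisory: it drops near-duplicate records by hashing normalized content, and measures drift between a baseline and a current feature sample with the population stability index (PSI). The sample records, the bucket layout and the 0.25 alert threshold are assumptions made for illustration.

```go
package main

import (
	"crypto/sha256"
	"fmt"
	"math"
	"strings"
)

// normalize lowercases and collapses whitespace so near-identical copies of a
// record hash to the same key.
func normalize(s string) string {
	return strings.Join(strings.Fields(strings.ToLower(s)), " ")
}

// Dedupe keeps the first occurrence of each distinct record and reports how
// many duplicates were dropped.
func Dedupe(records []string) ([]string, int) {
	seen := make(map[[32]byte]bool)
	kept := make([]string, 0, len(records))
	for _, r := range records {
		key := sha256.Sum256([]byte(normalize(r)))
		if seen[key] {
			continue
		}
		seen[key] = true
		kept = append(kept, r)
	}
	return kept, len(records) - len(kept)
}

// histogram bins values into nb equal-width buckets over [lo, hi] and returns
// each bucket's share of the sample; out-of-range values fall into the edge buckets.
func histogram(values []float64, lo, hi float64, nb int) []float64 {
	h := make([]float64, nb)
	if len(values) == 0 {
		return h
	}
	width := (hi - lo) / float64(nb)
	for _, v := range values {
		i := int(math.Floor((v - lo) / width))
		if i < 0 {
			i = 0
		}
		if i >= nb {
			i = nb - 1
		}
		h[i]++
	}
	for i := range h {
		h[i] /= float64(len(values))
	}
	return h
}

// PSI computes the population stability index between a baseline feature
// sample and a current one. Empty buckets get a small epsilon so log(0) never
// appears. The 0.25 alert threshold used in main is a common rule of thumb,
// assumed here rather than taken from the advisory.
func PSI(baseline, current []float64, lo, hi float64, nb int) float64 {
	const eps = 1e-6
	b := histogram(baseline, lo, hi, nb)
	c := histogram(current, lo, hi, nb)
	psi := 0.0
	for i := range b {
		pb, pc := b[i]+eps, c[i]+eps
		psi += (pc - pb) * math.Log(pc/pb)
	}
	return psi
}

func main() {
	// Constructed sample: two records differ only in case and spacing.
	recs := []string{"Reset your password", "reset  your PASSWORD", "invoice attached"}
	kept, dropped := Dedupe(recs)
	fmt.Printf("kept %d records, dropped %d duplicates\n", len(kept), dropped)

	// Constructed feature samples: baseline spread evenly over [0,10), current
	// collapsed into the top bucket, as a sudden shift in an input feature looks.
	var baseline, current []float64
	for i := 0; i < 100; i++ {
		baseline = append(baseline, float64(i%10)+0.5)
		current = append(current, 9.5)
	}
	fmt.Printf("PSI same sample: %.3f\n", PSI(baseline, baseline, 0, 10, 10))
	if psi := PSI(baseline, current, 0, 10, 10); psi > 0.25 {
		fmt.Printf("PSI %.3f: drift alert, hold the batch for review\n", psi)
	}
}
```

Both checks are cheap enough to run on every ingest; the drift score in particular is worth logging per feature so that a poisoning attempt that nudges one input distribution shows up as a trend rather than a single spike.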

    The guidance arrives as global adversaries, including China and Russia, increasingly target AI systems for cyber operations. Western governments are prioritizing coordinated security standards to reduce the likelihood of such exploitation.

    The publication was jointly authored by the FBI, Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), and allied cybersecurity agencies from the U.K., Australia, and New Zealand.
