The Cybersecurity Infrastructure Security Agency (CISA) has initiated a new alert series called “Secure by Design” to proactively monitor artificial intelligence (AI) software development practices. The series aims to promote “left-of-boom” strategies, urging the software industry to adopt “radical transparency” and specific actions to evaluate software development lifecycles concerning customer security outcomes.
CISA’s awareness campaign aligns with the release of voluntary global guidelines for secure AI system development.
Addressing Workforce Shortages: CISA’s first “Secure by Design” alert, released on November 29, focuses on web management interface vulnerabilities. It calls on software manufacturers to publish secure-by-design roadmaps to protect customers from cyber threats.
Industry Adoption: About 75% of surveyed healthcare senior executives and young clinicians expressed current or planned use of digital health technology to mitigate the growing workforce shortage. Cloud-based technologies, out-of-hospital solutions, and workflow technologies are primary areas of interest.
AI Investment: Approximately 25% of respondents are presently investing in AI, with 84% committed to investing in health AI over the next three years. The preferred applications include AI for predicting outcomes and AI for clinical decision support.
Virtual Care Investment: Half of the surveyed healthcare leaders are investing in virtual care, recognized for its significant impact on improving patient care.
Distributed Care Models: Two-thirds of respondents feel well-equipped to collaborate effectively with new technology-enabled distributed models of care, expecting benefits such as increased patient compliance, revenue opportunities, and enhanced efficiency.
Global AI Guidelines: CISA, along with domestic and international partners, emphasizes the importance of AI security in the development process. Recently released guidelines outline secure design, development, deployment, and operation and maintenance stages of AI system development.
International Collaboration: The guidelines reflect a historic international collaboration, promoting transparency, accountability, and secure practices in AI system development.
CISA’s “Secure by Design Alerts” and the global guidelines for secure AI system development underline the industry’s commitment to addressing cybersecurity challenges in AI. The proactive approach aims to enhance customer security outcomes, protect against cyber threats, and ensure the responsible development of AI technologies.
