AI-CI safety guidelines

government

dhs.gov·dhs.gov/sites/default/files/2024-04/24_0426_dhs_ai-ci-saf...

An official U.S. government document issued under EO 14110; useful for understanding how federal agencies are translating AI safety principles into actionable guidelines for high-stakes infrastructure operators.

Metadata

Importance: 62/100guidance documentprimary source

Summary

The Department of Homeland Security's April 2024 guidelines provide a four-part framework (Govern, Map, Measure, Manage) to help critical infrastructure owners and operators manage AI-related risks. The document identifies three cross-sector risk categories—attacks using AI, attacks on AI systems, and AI design/implementation failures—and maps mitigation strategies to the NIST AI Risk Management Framework. It represents a practical, sector-agnostic approach to operationalizing AI risk management in high-stakes infrastructure contexts.

Key Points

•Establishes a four-part AI risk management framework: Govern, Map, Measure, and Manage, aligned with the NIST AI RMF.
•Identifies three critical AI risk categories: adversarial use of AI, attacks targeting AI systems, and failures from AI design or implementation flaws.
•Mandated by Executive Order 14110, targeting critical infrastructure sectors such as energy, water, transportation, and financial services.
•Provides concrete mitigation strategies for each risk category, including general mitigations applicable across sectors.
•Emphasizes organizational culture and governance as foundational to effective AI risk management, not just technical controls.

Cited by 1 page

Page	Type	Quality
Cyberweapons Risk	Risk	91.0

Cached Content Preview

HTTP 200Fetched Mar 15, 202678 KB

Publication: April 2024
Department of Homeland Security
MITIGATING ARTIFICIAL INTELLIGENCE (AI) RISK:
Safety and Security Guidelines
for Critical Infrastructure Owners
and Operators

-- 1 of 28 --

2
Table of Contents
EXECUTIVE SUMMARY ................................................................................................................................................. 4
INTRODUCTION ............................................................................................................................................................ 5
AI RISKS TO CRITICAL INFRASTRUCTURE................................................................................................................... 7
AI Uses and Patterns of Adoption .......................................................................................................................... 7
Cross-Sector AI Risk Categories ............................................................................................................................. 9
GUIDELINES FOR CRITICAL INFRASTRUCTURE OWNERS AND OPERATORS .......................................................... 10
Govern: Establish an organizational culture of AI risk management. ................................................................ 11
Map: Understand your individual AI use context and risk profile. ...................................................................... 11
Measure: Develop systems to assess, analyze, and track AI risks. ................................................................... 12
Manage: Prioritize and act upon AI risks to safety and security. ....................................................................... 13
CONCLUSION.............................................................................................................................................................. 15
APPENDIX A: CROSS-SECTOR AI RISKS AND MITIGATION STRATEGIES ................................................................. 16
Risk Category: Attacks Using AI ............................................................................................................................ 16
Risk Category: Attacks on AI ................................................................................................................................. 17
Risk Category: AI Design and Implementation Failures ...................................................................................... 19
General Mitigations for AI Risks ........................................................................................................................... 20
APPENDIX B: GUIDELINES MAPPED TO NIST AI RMF .............................................................................................. 22
Govern ................................................................................................................................................................... 22
Map ......................................................

... (truncated, 78 KB total)

Resource ID: 7786ae9986ce7a71 | Stable ID: Yzc5ZTBlZj