Cyber & IT Supervisory Forum - Additional Resources

A MULTILAYER FRAMEWORK FOR GOOD CYBERSECURITY PRACTICES FOR AI June 2023

Network of interdisciplinary institutions Improve international collaboration Monitoring the dissemination and uptake of AI Enhancement of data access, usage, sharing and protection: increase availability and quality of data without violating personal rights Improvement of digital infrastructure to leverage opportunities of AI: • deployment of large-scale computing infrastructures; • development of network infrastructure (e.g. 5G standard). Implementation of norms and ethical principles of AI Review of the legal framework for AI based applications Enhance and define interoperable technical standards

Collaboration with CSIRTS, CERTs

Dissemination and uptake

Trustworthy AI systems made in the EU

Infrastructure Data

Develop fair, equitable and secure data sharing frameworks and interoperable data sets and models Development of secure training models Secure and certified AI systems and applications Enhancing the security of national critical infrastructures

Digital & telecom

Regulation

Ethical Legal Standardisation

Trustworthiness of AI legislation and frameworks Apply standards to AI security AI security compliance with the GDPR

List of questions (mandatory questions are in bold)

Policy Areas

Questions related to Cybersecurity of AI

Human Capital

Cybersecurity plays a crucial role in ensuring that AI systems are resilient against attempts to alter their use, behaviour, performance or compromise their security properties by malicious third parties exploiting the system’s vulnerabilities. Raising practical skills and capabilities in handling emerging AI cyber threats and challenges is important in the future development of AI systems. 1. Have you built/do you plan to build synergies with

educational authorities/institutions to increase AI cybersecurity capabilities at all levels of education? 2. Do you offer awareness campaigns about the secure development and use of AI solutions? 3. Do you provide guidance and best practices on how to improve AI security? 4. Do you consider AI cybersecurity in syllabus of courses dedicated to AI or to CS? 5. Do you offer practical trainings to the AI stakeholders and can elaborate to which stakeholders? 6. Do you organise national, regional and cross-border cybersecurity exercises enabling the upskilling of the AI stakeholders?

39