Cisco has rolled out a service that promises to protect enterprise AI development projects with visibility, access control, threat defense, and other safeguards.
The vendor’s AI Defense package offers protection to enterprise customers developing AI applications across models and cloud services, according to Tom Gillis, senior vice president and general manager of Cisco’s Security, Data Center, Internet & Cloud Infrastructure groups.
Vulnerabilities can occur at the model- or app-level, while responsibility for security lies with different owners including developers, end users, and vendors, Gillis said.
“Raising the stakes even more, when models fail, the consequences can be severe. Safety issues—like bias, toxicity, or inappropriate outputs—must be addressed, alongside threats from external actors exploiting vulnerabilities to steal confidential data or otherwise compromise your security,” Jeetu Patel, Cisco executive vice president and chief product officer, wrote in a blog about the news.
Model vendors and app builders will implement their own safeguards, but these measures, while necessary, will inevitably be fragmented and insufficient, Patel wrote.
“As enterprises move beyond public data and begin training models on proprietary data, the risks only grow, so AI Defense uses a set of logic for AI models to supervise and understand the behavior of AI applications. It uses AI to protect AI,” Gillis added.
Specifically, AI Defense is made up of four components: AI Access, AI Cloud Visibility, AI Model & Application Validation, and AI Runtime Protection.
AI Access offers visibility into who wants or has use of an AI application and then it controls access to protect and enforce data-loss prevention and mitigate potential threats.
The AI Cloud Visibility automatically uncovers AI assets comprising custom-built AI applications across your distributed environment, including unsanctioned AI workloads. This provides a single-pane-of-glass view of AI inventory, Cisco says.
AI Defense discovers all of the various models being used in a customer’s AI development, which is useful because there has already been a proliferation of AI tools and models, Gillis said. “Then we discover who is using what, and we let customers train their own models around their data so they don’t expose company sects etc. So they can make a local version of a model and at the time that model is being built, we’re able to validate it,” Gillis said.
Developers download models and data from public repositories, including Hugging Face and GitHub, inadvertently exposing organizations to considerable risks. AI Validation Model & Application Validation automatically scans open-source models, data, and files to block supply chain threats, such as malicious model files that can allow for arbitrary code execution in the environment. When a new model is entered into a registry, an assessment can be initiated using a simple API call, Cisco says.
AI Runtime inspects every input and automatically blocks malicious payloads before they can cause damage, according to Cisco. “Common attacks include prompt injection, prompt extraction, denial of service (DoS), and command execution. The component also stops sensitive data, such as Personally Identifiable Information (PII), from reaching customer models,” Cisco says.
Cisco’s AI Defense works with Cisco’s AI-based Hypershield portfolio and is integrated into the vendor’s Security Cloud package. Hypershield is comprised of AI-based software, virtual machines, and other technology that will ultimately be baked into core networking components, such as switches, routers, or servers. It promises to let organizations autonomously segment their networks when threats are a problem, gain rapid exploit protection without having to patch or revamp firewalls, and automatically upgrade software without interrupting computing resources, according to Gillis.
AI Defense will be available in March.
Source:: Network World