Written by Thales.
Artificial intelligence (AI) and cloud computing have become central to modern data environments. The convergence of these technologies promises a wealth of opportunities, enabling businesses to leverage powerful AI tools at scale and with greater efficiency. AI, once accessible only to a select few, is now being democratized by cloud platforms. These platforms are putting advanced analytics and decision-making tools within the reach of small entities that previously lacked the resources to leverage them.
Yet, this widespread adoption has its challenges. The very features that make AI in the cloud appealing—scalability, accessibility, and cost-effectiveness—also introduce vulnerabilities that malicious actors can exploit.
Threats to AI Platforms
The two main threats to AI platforms are model stealing and data poisoning. Both are sophisticated attacks that could compromise the integrity of AI systems and severely damage a company’s reputation and bottom line.
The first is model stealing, when a malicious actor tries duplicating an AI platform's machine-learning model. Techniques such as querying the target model, using the responses to build a replica, or stealing training data to create a similar model are the norm. The consequences can be expensive, as unauthorized parties can use the stolen model without a license, resulting in lost revenue and intellectual property.
The next is data poisoning, an attack in which malicious data is introduced into an AI model's training data, corrupting it and causing it to learn biased or incorrect information. A compromised model can also be exploited in future attacks or used to exfiltrate sensitive data. Data poisoning is a particularly scourge because it undermines the reliability of AI systems and leads to inaccurate predictions and decisions.
Regulatory Frameworks for Cloud-based AI
Because AI is becoming ubiquitous and embedded in cloud infrastructure, governments worldwide are enacting regulations to oversee safe and secure AI development and deployment. The European Union's AI Act and the United States Executive Order 14110 are two regulatory frameworks that aim to balance innovation with risk mitigation.
A Risk-based Approach
The Order and the Act focus on a risk-based approach to AI regulation. Higher-risk AI applications, like those used in critical infrastructure, healthcare, and law enforcement, are subject to more stringent requirements. Similarly, AI systems operating in sensitive areas must adhere to higher safety and reliability standards.
A Focus on Safety, Ethics, and Fundamental Rights
These regulations also prioritize protecting fundamental rights, such as privacy and non-discrimination. AI systems must be designed to operate ethically, with safeguards to prevent harmful outcomes. This means robust guardrails need to be embedded within the systems to avoid biased or discriminatory outcomes and prevent people’s rights and freedoms from being infringed on in any way. By doing this, these regulations aim to build trustworthy and responsible AI technologies.
Transparency and Explainability
At the core of these regulations is the need for transparency and explainability in AI systems. Businesses must be able to explain (clearly and unambiguously) how their AI models make decisions, which is key to building trust with users and regulators.
Privacy Protection and Data Governance
Privacy is a critical concern in cloud-based AI systems. Regulatory frameworks stress the importance of robust data governance practices to handle personal data securely and comply with privacy laws.
Promoting Innovation
While these regulations impose certain restrictions, they also fuel innovation by setting straightforward guidelines for AI development. This helps businesses navigate the regulatory landscape while allowing them to innovate and compete in the global market.
Security Strategies for AI in the Cloud
Given the complex risks associated with AI in cloud environments, entities need robust security strategies to protect their systems and data. Here are key strategies for mitigating the risks brought about by model stealing and data poisoning.
Model Encryption and Access Control: To protect against model theft, firms should encrypt their AI models and rigorously control access to the encryption keys. Implementing strong authentication measures, defining clear roles and policies, and using robust licensing systems can help prevent unauthorized access and allow only legitimate users to interact with the AI models.
Data Governance and Verification: Firms must enforce strict data governance practices to counteract data poisoning. This includes carefully selecting, verifying, and cleaning data before it is used for training or testing AI models. Avoiding untrusted data sources, such as crowdsourcing or web scraping, is also advisable as it lessens the risk of introducing malicious data into the system.
Confidential AI Models: Businesses should consider adopting Confidential AI models, which run within trusted computing environments. These ensure the security and integrity of the hardware and the data and add another layer of protection. Independent third-party attestation can also validate that the environment has not been compromised.
A Forward-Thinking Approach
As AI and cloud computing continue to shape the future of digital risk, businesses must adopt a forward-thinking approach that fuses AI regulations with cloud security best practices. This means keeping up to date on evolving regulatory requirements, such as the EU AI Act and Executive Order 14110, and implementing robust security strategies to protect AI platforms from emerging threats like model stealing and data poisoning.
By embracing a proactive approach to innovation and compliance, entities can navigate the complexities of AI in the cloud, ensuring that they can harness the power of these technologies while protecting their systems, data, and reputation.