NewsApril 14, 2023ENISA document on the Cybersecurity of AI and Standardisation

In a period where AI has gained great vogue but is still little known, exploring the cybersecurity aspects of its use becomes fundamental.

The overall objective of the document is to provide an overview of the cybersecurity of artificial intelligence (AI) standards, to assess their coverage potential gaps. To do that, the document analyses the particularities of AI, such as machine learning, under the cybersecurity perspective. Also, the report explores how standardisation can support the growth of the cybersecurity aspects embedded in the proposed EU-harmonised artificial intelligence regulation (COM(2021) 206 final) (draft AI Act).

In addition, Enisa underlines how organizational standards such as ISO-IEC 27001 and ISO-IEC 9001 can play a key role in mitigating risks but still requires some implementations. For example, some it considers IT security not mature nor complete enough to handle all the potential risks hidden behind artificial intelligence technologies.

You can read the document here