NSA + AI = Quality Advice?

Our friends at the NSA on Monday released a white paper in conjunction with the FBI, with CISA, with a number of other organizations on how they recommend we secure our AI systems. Now, a lot of the recommendations that they have in there have a fair amount of overlap with the NIST AI risk management framework with the EU AI act. But there are some things that I found in there that were really unique. They recommend that developers, as part of the process to get approval for a model, actually submit a threat modeling assessment. They recommend that weights be encrypted when they are stored at rest, which should honestly be a no brainer. But they also recommend validation of the model before, during, and after deployment to production. Although that is something that is sort of called out in the Biden Harris EO 14,110 (And why do I know that? Because I'm crazy.) It's good to be able to see them do it in plain text, in plain English. If you're interested in this white paper, it is eleven pages of very, very light reading. Press Release: https://www.nsa.gov/Press-Room/Press-Releases-Statements/Press-Release-View/Article/3741371/nsa-publishes-guidance-for-strengthening-ai-system-security/ HN thread: https://news.ycombinator.com/item?id=40054811 #generativeai #llms 🎼 Music from V - "FRI(END)S"