The Canadian Centre for Cyber Security (Cyber Centre) has joined the United States’ Cybersecurity and Infrastructure Security Agency (CISA) and the following international partners in releasing guidance on principles for the secure integration of artificial intelligence (AI) in operational technology (OT):
- Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC)
- Germany’s Federal Office for Information Security (BSI)
- Netherlands’ National Cyber Security Centre (NCSC-NL)
- New Zealand’s National Cyber Security Centre (NCSC-NZ)
- United Kingdom’s National Cyber Security Centre (NCSC-UK)
- United States’ Federal Bureau of Investigation (FBI)
- United States’ National Security Agency’s Artificial Intelligence Security Center (NSA AISC)
For critical infrastructure (CI) owners and operators, AI offers the potential to:
- increase efficiency and productivity
- enhance decision-making
- save costs
- improve customer experience
Despite the many benefits, integrating AI into OT environments that manage essential public services also introduces significant risks. These risks must be carefully managed to ensure the availability and reliability of CI.
This joint guidance outlines 4 key principles CI owners and operators can follow to leverage the benefits of AI in OT systems while minimizing risk:
- Understand AI
- Consider AI use in the OT domain
- Establish AI governance and assurance frameworks
- Embed safety and security practices into AI-enabled OT systems
We urge CI owners and operators to review this joint guidance and implement the principles to more securely integrate AI into OT systems.
Read the full joint publication: Principles for the secure integration of artificial intelligence in operational technology