The European Union Agency for Cybersecurity (ENISA) released its Artificial Intelligence Threat Landscape Report, unveiling the major cybersecurity challenges facing the AI ecosystem. ENISA’s study takes a methodological approach at mapping the key players and threats in AI. The report follows up the priorities defined in the European Commission’s 2020 AI White Paper. The ENISA Ad-Hoc Working Group on Artificial Intelligence Cybersecurity, with members from EU Institutions, academia and industry, provided input and supported the drafting of this report.
The benefits of this emerging technology are significant, but so are the concerns, such as potential new avenues of manipulation and attack methods. The technology takes many steps across the supply chain and requires vast amounts of data to function efficiently. The AI Threat Landscape report underlines the importance of cybersecurity and data protection in every part of the AI ecosystem to create trustworthy technology for end-users.
The main highlights of the report include:
Definition of AI’s scope in the context of cybersecurity by following a lifecycle approach. The ecosystem of AI systems and applications is defined by taking into account the different stages of the AI lifecycle -- from requirements analysis to deployment.
- Identification of assets of the AI ecosystem as a fundamental step in pinpointing what needs to be protected and what could possibly go wrong in terms of the security of the AI ecosystem.
- Mapping of the AI threat landscape by means of a detailed taxonomy. This serves as a baseline for the identification of potential vulnerabilities and attack scenarios for specific use cases.
- Classification of threats and listing of relevant threat actors. The impact of threats to different security properties is also highlighted..