Report: Cyber Security for AI Recommendations

Updated on

January 14, 2025

Dr. Peter Garraghan

TABLE OF CONTENTS

Key Takeaways

‍

UK government commissioned Mindgard to conduct a systematic study to identify recommendations linked to addressing cyber security risks to Artificial Intelligence (AI).

We used a systematic search method to review data sources across multiple domains to identify various recommendations and evidence of cyber risks against AI across academia, technology companies, government bodies, cross-sector initatives (e.g. OWASP), news articles, and technical blogs.

The review also examined common themes and knowledge gaps within AI security remediation actions.

Key findings of the report include:

We found sufficient evidence indicating that many of the reported cyber security risks to AI strongly justify the need to identify, create, and adopt new recommendations to address.
Many of the recommendations for securing AI are based on established cybersecurity practises and various conventional cyber security recommendations are directly or indirectly applicable to AI.
Many recommendations are derived from few unique data sources and there are limited empirical studies of security vulnerabilities in AI used in the production of cyber attacks, and there a lack of information on how to enact recommendations described.

NIST: “Currently, there is no approach in the field of machine learning that can protect against all the various adversarial attacks.”

Bypassing LLM guardrails: character and AML attacks in practice

This study shows how simple character transformations and algorithmic evasion attacks can silently bypass six popular LLM guardrails, sometimes reaching one hundred percent evasion.

Model Leeching: cheaply cloning LLM skills for attack staging

Model Leeching shows how attackers can distill ChatGPT-class task knowledge into smaller models for about fifty dollars, then use them to tune follow on attacks.

Continuous AI Red Teaming: Why S&P Global Says It’s Critical to Securing the AI Era

S&P Global Coverage Initiation: Mindgard’s continuous AI red teaming looks to secure models and applications

Mindgard, the leading provider of Artificial Intelligence security solutions, helps enterprises secure their AI models, agents, and systems across the entire lifecycle. Mindgard’s solution uncovers shadow AI, conducts automated AI red teaming by emulating adversaries, and delivers runtime protection against attacks like prompt injection and agentic manipulation. Trusted by leading organizations in finance, healthcare, and technology, Mindgard is backed by investors including .406 Ventures, IQ Capital, Atlantic Bridge, and Lakestar.