MITRE’s Center for Threat-Informed Defense recently unveiled the launch of the AI Incident Sharing initiative in collaboration with over 15 companies to enhance community awareness of threats and defenses for AI-enabled systems. The initiative is a part of the center’s Secure AI project and is designed to facilitate swift and secure collaboration on threats, attacks, and incidents involving AI systems. It aims to expand the reach of the MITRE ATLAS community knowledge base, which has been gathering and analyzing data on anonymized incidents for the past two years.
Under this new initiative, a community of collaborators will have access to protected and anonymized data on real-world AI incidents, allowing for a more comprehensive understanding of the risks involved. Organizations can submit incidents via the web portal at https://ai-incidents.mitre.org/. Those who submit incidents will be considered for membership with the ultimate goal of enabling data-driven risk intelligence and analysis on a larger scale.
The Secure AI project has also extended the ATLAS threat framework to include information on the threat landscape posed by generative AI systems. This update incorporates new generative AI-focused case studies, attack techniques, and mitigation methods to combat threats targeting these systems. In a joint effort with Microsoft, MITRE released updates to the ATLAS knowledge base in November 2023, with a specific focus on generative AI.
Douglas Robbins, Vice President of MITRE Labs, emphasized the importance of standardized and rapid information sharing about incidents to enhance the collective defense of AI systems and minimize potential external harms. This collaborative approach to sharing information mirrors MITRE’s existing public-private partnership with the Aviation Safety Information Analysis and Sharing database, which shares data and safety information to identify and prevent risks in aviation.
The collaborators on the Secure AI project represent a diverse range of industries, including financial services, technology, and healthcare. Notable companies involved in the initiative include AttackIQ, BlueRock, Booz Allen Hamilton, CATO Networks, Citigroup, Cloud Security Alliance, CrowdStrike, FS-ISAC, Fujitsu, HCA Healthcare, HiddenLayer, Intel, JPMorgan Chase Bank, Microsoft, Standard Chartered, and Verizon Business.
Through the AI Incident Sharing initiative, MITRE and its partners are taking proactive steps to enhance the security and resilience of AI-enabled systems by fostering a collaborative environment for sharing knowledge and insights on threats and defenses. By leveraging the collective expertise and resources of a diverse group of industry stakeholders, this initiative has the potential to drive significant advancements in AI security practices and safeguard against emerging threats in the ever-evolving landscape of artificial intelligence.