On May 22, 2025, CISA and several security partners unveiled a joint Cybersecurity Information Sheet titled "AI Data Security: Best Practices for Securing Data Used to Train & Operate AI Systems," marking a significant step in addressing growing concerns about AI security vulnerabilities.
The guidance, co-authored by the National Security Agency's Artificial Intelligence Security Center (AISC), the Federal Bureau of Investigation (FBI), and international partners including Australia's ACSC, New Zealand's NCSC-NZ, and the UK's NCSC, emphasizes that data security is fundamental to ensuring reliable AI systems.
The information sheet outlines key risks that may arise from data security and integrity issues across all phases of the AI lifecycle, from development and testing to deployment and operation. It provides detailed recommendations for protecting the data that powers AI systems, including implementing robust data protection measures like encryption, digital signatures, and data provenance tracking.
The guide specifically addresses three significant areas of data security risks in AI systems: data supply chain vulnerabilities, maliciously modified ("poisoned") data, and data drift. For each risk area, the document provides detailed mitigation strategies and best practices.
"As AI systems become more integrated into essential operations, organizations must remain vigilant and take deliberate steps to secure the data that powers them," states the CISA alert. The agency recommends organizations adopt robust data protection measures, proactively manage risks, and strengthen monitoring, threat detection, and network defense capabilities.
This guidance is particularly relevant for Defense Industrial Bases, National Security Systems owners, federal agencies, and Critical Infrastructure operators who are increasingly deploying AI systems in sensitive environments. By implementing the recommended security practices, organizations can better protect their AI systems from potential threats while maintaining the accuracy and integrity of AI-driven outcomes.