Artificial intelligence and machine learning, next generation technology and secure development
US CISA releases guidance to streamline AI cyber incident information sharing
Chris Liotta (@chrisriotta) •
January 14, 2025
The U.S. Cyber Defense Agency aims to streamline the sharing of information about artificial intelligence cybersecurity incidents and vulnerabilities among the federal government, leading AI developers, and major companies deploying AI tools.
See also: Live Webinar | AI in the spotlight: Exploring the future of AppSec evolution
The Cybersecurity and Infrastructure Security Agency released the AI Cybersecurity Cooperation Playbook on Tuesday. The handbook provides guidance to public and private partners on AI incident and vulnerability disclosure, and details the agency’s steps to strengthen collective defense through shared information. CISA said it developed the Joint Cyber Defense Collaborative AI Cybersecurity Collaboration Playbook in collaboration with federal partners such as the FBI and the National Security Agency AI Security Center, as well as industry partners such as AWS, Nvidia, IBM, Microsoft, and OpenAI. said.
This playbook calls for proactive information sharing about malicious activity to help detect critical threats early. Provides a means for AI developers and private companies to coordinate within the JCDC and voluntarily report cyber incidents to CISA. The guidance acknowledges that the Department of Homeland Security’s premier threat sharing initiative faces major obstacles, including rising security concerns, a sharp decline in participation, and a lack of a recruitment strategy. (See: Experts Warn CISA Threat Sharing Is at Risk of ‘Death Spiral’)
CISA Director Jen Easterly said the new handbook is a “major milestone” in CISA’s efforts to “secure AI systems through proactive collaboration.” He added that 150 AI experts from government, industry and international partners contributed to the development of the guidance and participated in two dynamic tabletop exercises. These guidances will be “regularly updated to address the evolving challenges of an AI-driven future.”
CISA’s Cybersecurity Advisory Committee issued a series of recommendations in June, calling for an overhaul of the JCDC and improved focus on operational collaboration. Experts told Information Security Media Group at the time that the public-private partnership, which boasts more than 300 member organizations across 12 critical infrastructure sectors, was plagued by mission uncertainty and a lack of a platform to strengthen collaboration. said (see: CISA Plan JCDC Overhaul as Experts Criticizes Slow Start).
The handbook primarily instructs organizations to use CISA web pages to report cyber incidents and vulnerabilities in AI products and services. CISA recommends that all JCDC partners integrate the handbook into their incident response and information sharing processes, making iterative improvements as necessary.
This guidance recommends establishing a comprehensive vulnerability disclosure policy so that security researchers understand what tests are allowed on a particular system and how to submit those vulnerability reports. I’m asking the organization. It also directs JCDC partners who identify vulnerabilities in deployed federal systems to notify owners or report issues through the Carnegie Mellon University Software Engineering Institute CERT Coordination Center.
The handbook will be published just six days before the transition in Washington, which could pose challenges for implementation. The next administration may aim to significantly downsize the Cyber Defense Agency. President-elect Donald Trump has yet to announce many key cyber positions in the White House, but newly empowered Republicans will push for budget cuts and re-prioritization of CISA’s mission. Seems likely (see: CISA faces uncertain future under Trump administration).
