Arnotts Technology Lawyer Logo
1800 749 294
Blog page img

Our Blog

Learn About The Latest Issues Facing The Technology and Telecommunications Industries. Subscribe To Our Blog And Get Regular Updates Automatically!

Some of our Satisfied Clients

Startups, SMEs, Public Listed Entities, Multinational Corporations and Government

featured in

Australian Signal Directorate Releases Best Practices to Secure AI systems

Real robotic hand and vintage key. Concept of encryption and data security by AI

Artificial intelligence (AI) and machine learning systems rely heavily on high-quality, secure data to function accurately. However, without proper safeguards, these systems are vulnerable to data breaches, manipulation, and corruption. A recent Cybersecurity Information Sheet (CSI) co-authored by the National Security Agency (NSA), CISA, FBI, and international cybersecurity agencies outlines critical best practices for securing AI data throughout its lifecycle.

Key Risks in AI Data Security

The CSI highlights three major risks that can compromise AI systems:

  1. Data Supply Chain Vulnerabilities – Third-party datasets may contain inaccuracies or maliciously altered (poisoned) data, leading to flawed AI outcomes.
  2. Maliciously Modified Data – Adversaries can manipulate training data to skew AI decisions, inject bias, or extract sensitive information.
  3. Data Drift – Over time, real-world data may deviate from training data, reducing model accuracy.

Best Practices for Securing AI Data

To mitigate these risks, organisations should implement the following security measures:

  1. Verify Data Sources & Track Provenance
  • Use trusted, authoritative data sources and implement cryptographic hashes to detect tampering.
  • Maintain an immutable audit log of data changes to trace origins and modifications.
  1. Protect Data Integrity
  • Use digital signatures and quantum-resistant encryption (eg., AES-256) to secure data in transit and at rest.
  • Store data in FIPS 140-3 compliant systems to prevent unauthorised access.
  1. Implement Strong Access Controls
  • Classify data by sensitivity and enforce zero-trust architecture to limit access.
  • Apply privacy-preserving techniques like federated learning and differential privacy to protect sensitive information.
  1. Monitor for Data Drift & Poisoning
  • Continuously assess input data for deviations from training datasets.
  • Use anomaly detection and data sanitisation to filter out poisoned or corrupted inputs.
  1. Secure the AI Development Lifecycle
  • From design to deployment, integrate security measures such as adversarial testing, model validation, and secure deletion of obsolete data.

As AI adoption grows, securing the data that powers these systems is critical. By following these best practices, including data encryption, provenance tracking, and continuous monitoring, organisations can defend against cyber threats and ensure reliable AI performance.

 

"Stellar Results Through Technology Contract Negotiations"

Are you putting your business at risk with lawyers who don’t understand Technology Contracts?

Get Your Free Copy
free book
Arnotts Technology Lawyer Logo

© Arnotts Technology Lawyers Pty Ltd

Level 6, 16 O'Connell Street, Sydney NSW 2000.

Liability limited by a Scheme approved under Professional Standards Legislation

Facebook Twitter Linkedin Pinterest Tumblr