AI security certification spec. - Exposure draft

The AI security certification requirements exposure draft outlines what deployers of AI-enabled systems need in order to achieve the upcoming HITRUST AI security certification. This exposure draft is intended to give the HITRUST community guidance on, and expectations for, the AI-security-focused HITRUST CSF requirements, along with details of certification achievement.

HITRUST invites all stakeholders to review and submit feedback by Oct 17, 2024. Note that in providing feedback, you grant HITRUST a perpetual, irrevocable, royalty-free, worldwide, non-exclusive, transferable, sublicensable right to make, use, sell, offer for sale, import, or otherwise incorporate into the HITRUST Cybersecurity Certification for Deployed AI Systems certification and/or the HITRUST CSF any suggestions, enhancements, recommendations or other feedback you provide.

2 results found

  1. Threats inherent to language models - Misalignment

    Description: The production of content that contradicts the goals, policies, or intentions of developers.

    Impact: Depends on the ability of end users to exploit content for malicious purposes such as reputational damage or social engineering, even if the terms of service of the Gen AI system state that it does not represent the views of developers.

    1 vote

  2. Generative AI outputs that create financial or other liability (for example, by making promises) are filtered before reaching the end-user of the AI system.

    For example, https://venturebeat.com/ai/a-chevy-for-1-car-dealer-chatbots-show-perils-of-ai-for-customer-service/. A specially trained LLM or other NLP can be used to flag responses that have compromising content.

    This would be added alongside "toxic", "protected", and "sensitive" output, because it is a true fourth category.

    0 votes
