House Advances AI Security Act to Tackle Growing Cyber Threats and Vulnerabilities

September 25, 2024
House Advances AI Security Act to Tackle Growing Cyber Threats and Vulnerabilities
  • On September 20, Representatives Deborah Ross, Jay Obernolte, and Don Beyer introduced the AI Incident Reporting and Security Enhancement Act, which has now been advanced by a House committee.

  • This legislation aims to establish a formal process for reporting security vulnerabilities in artificial intelligence systems, assigning the National Institute of Standards and Technology (NIST) the responsibility for this task.

  • If enacted, the bill will require NIST to update the National Vulnerability Database (NVD) to include vulnerabilities associated with AI systems and assess the need for voluntary reporting of AI security incidents.

  • NIST will also collaborate with stakeholders, including the Cybersecurity and Infrastructure Security Agency (CISA), to develop standardized definitions and reporting protocols for AI security incidents.

  • However, the bill's implementation may increase NIST's workload, which is already strained due to budget cuts and staffing limitations.

  • Representative Deborah Ross has emphasized that finding funding solutions is a priority, as the bill's provisions will depend on available appropriations.

  • The initiative has garnered bipartisan support, with a companion Senate bill, the Secure AI Act of 2024, introduced by Senators Mark Warner and Thom Tillis in May.

  • During committee discussions, Representative Obernolte highlighted significant cybersecurity incidents, underscoring the vulnerabilities of AI systems, which can be complex and unpredictable.

  • The legislation addresses critical risks, including the potential for re-identification of private information from AI training datasets and the misuse of AI by cybercriminals for phishing and deepfakes.

  • In addition to this act, NIST has launched a new program focused on AI's role in cybersecurity and privacy, which includes developing community profiles tailored to specific industry needs.

  • NIST has faced challenges with an increasing number of vulnerabilities and has previously paused updates to the NVD due to budget constraints and a surge in email traffic related to database management.

  • Ranking Member Zoe Lofgren praised the committee's bipartisan efforts in advancing AI policies and capabilities through the passage of this bill.

Summary based on 5 sources


Get a daily email with more AI stories

More Stories