- Tech giants, including OpenAI, Google, Microsoft and Nvidia, have formed CoSAI to enhance AI application security.
- CoSAI will develop risk mitigation frameworks, simplify AI cybersecurity management, and address supply chain vulnerabilities through three open-source initiatives.
OUR TAKE
The launch of CoSAI by tech giants signifies a proactive stance on AI security, addressing vulnerabilities and fostering a collaborative environment for innovation and best practices. Tackling the fragmented AI security landscape cohesively, this alliance aims to future-proof AI systems, maintaining their robustness and resilience amidst a perpetually evolving digital milieu.
–Vicky Wu, BTW reporter
What happened
Leading tech giants have unified to establish the Coalition for Secure AI (CoSAI), an cybersecurity consortium aimed at bolstering the security of artificial intelligence applications. Announced at the Aspen Security Forum, CoSAI will operate under OASIS, a non-profit overseeing open-source software projects focused on enhancing cybersecurity.
CoSAI’s founding members include industry titans such as OpenAI, Anthropic, AWS, Microsoft, Google, Nvidia, Intel, IBM, Cisco, PayPal, Wiz, and Chainguard. Their joint mission is twofold: to develop tools and guidelines for securing AI applications, and to cultivate an ecosystem for sharing best practices and technologies in AI cybersecurity.
CoSAI is inaugurating three open-source workstreams to fulfill these goals. Firstly, CoSAI plans to develop a framework assisting software teams in identifying and mitigating cybersecurity risks in machine learning workloads, incorporating a taxonomy of common vulnerabilities and remediation methods, alongside a cybersecurity scorecard for continuous monitoring. Secondly, the coalition aims to simplify AI cybersecurity risk management through strategic investment identification and deployment of mitigation techniques. Finally, addressing software supply chain risks is a priority, with a focus on streamlining the analysis of vulnerabilities in external components sourced from repositories like GitHub within complex projects.
Also read: OpenAI’s ‘Strawberry’ project advances AI reasoning
Also read: Google, Microsoft offer Nvidia AI chips to China
Why it’s important
The formation of coalitions like CoSAI exemplifies a collective awakening to the paramountcy of AI security. Driven by shared responsibility, major corporations unite to combat AI’s unique security challenges. By amalgamating resources, these entities can collectively tackle AI’s intrinsic vulnerabilities, effectively mitigating sophisticated threats such as adversarial inputs and data breaches. Innovation acceleration, fuelled by cross-organisational collaboration, propels security technologies and techniques forward, harnessing collective expertise for breakthroughs. Regulatory compliance and fostering public trust are also pivotal. Companies can positively influence policy and reassure users and boost their confidence in AI technologies by showcasing their commitment to AI security.
“We’ve been using AI for many years and see the ongoing potential for defenders, but also recognize its opportunities for adversaries,” Heather Adkins, Google’s vice president of security, says in a statement. “CoSAI will help organizations, big and small, securely and responsibly integrate AI – helping them leverage its benefits while mitigating risks.”
