b'Artificial Intelligence Security Center, the Cybersecurity and Infrastructure Security Agency, the Federal Bureau of Investigation, the Australian Signals Directorates Australian Cyber Security Centre, the Canadian CentreforCyberSecurity,theNewZealandNationalCyberSecurityCentre,andtheUnitedKingdoms National Cyber Security Centre.37A comprehensive discussion on self-managed GAI tools is beyond the scope of this Guide. However, in addition to providing the CIS in Appendix 6, we summarize below several of the most important safeguards for those lawyers who are interested in deploying a self-managed GAI tool to consider:Deployment Environment Security: Self-managed tools must run in a hardened environment. Firmsare responsible for applying secure configurations, enforcing strong access controls, segmenting networks, and adopting defense-in-depth practices across the entire deployment.Supply Chain and Model Integrity: Open-weight models and external data sources must be carefullyvalidated.Lawfirmsshouldconfirmthedigitalintegrityofkeytransformercomponentsandmaintain version control to protect against tampered or malicious models. For example, we areawareofincidentsinwhichmaliciousmodelsweredownloadedfromwidelyuseddistribution sites. 38Model Weight Protection: The trained weights of a self-hosted model are highly sensitive. Lawyersmustensurethatweightsarestoredsecurely,accessisrestrictedtoessentialpersonnel,and exposure through APIs is minimized to reduce risks of exfiltration or inversion attacks.Monitoring and Incident Response: Self-managed deployments require continuous monitoring foranomalies and suspicious activity. Law firms or their outsourced IT providers should maintain logs,alerting systems, and a documented incident response plan that supports isolation, patching, and rollback of compromised systems.Data Protection and Secure Deletion: When no external provider manages storage, the firm is directlyresponsible for encryption, secure key management, and verified deletion of data, logs, and training inputs when no longer needed.Patching and Updates: Self-managed GAI tools require regular updates and security patches, both forthe application itself and the underlying hardware or cloud environment. Before deployment, firmsshould also test whether their systems can be restored quickly and securely if something goes wrong.Lawyers using self-managed systems may use the safeguards in the Cybersecurity Information Sheet (CIS, Appendix 6) to assess whether a system is appropriate for each information classification (Table 2) and to guide client communications (Table 3). The following non-binding examples show one way to document that approach: 37Natl Sec. Agency Artificial Intelligence Sec. Ctr. et al.,Deploying AI Systems Securely: Best Practices for Deploying(Apr. 2024).Hugging Face AI Platforms Problem with Malicious AISe Ncu.Jr.e C aynbde rRseesciulireinttyA&ICSyosmtemmcsns Integration Cell, (Mar. 7, 2024), 38https://www.cyber.nj.gov/Home/Components/News/News/1216/214 (last visited Sept. 13, 2025).Page | 17'