Joint Cybersecurity Information
TLP:CLEAR

Deploying AI Systems Securely
Best Practices for Deploying Secure and Resilient AI Systems

Executive summary

Deploying artificial intelligence (AI) systems securely requires careful setup and configuration that depends on the complexity of the AI system, the resources required (e.g., funding, technical expertise), and the infrastructure used (i.e., on premises, cloud, or hybrid). This report expands upon the secure deployment and secure operation and maintenance sections of the Guidelines for secure AI system development and incorporates mitigation considerations from Engaging with Artificial Intelligence (AI). It is for organizations deploying and operating AI systems designed and developed by another entity. The best practices may not be applicable to all environments, so the mitigations should be adapted to specific use cases and threat profiles. [1], [2]

AI security is a rapidly evolving area of research. As agencies, industry, and academia discover potential weaknesses in AI technology and techniques to exploit them, organizations will need to update their AI systems to address the changing risks, in addition to applying traditional IT best practices to AI systems.

This report was authored by the U.S. National Security Agency's Artificial Intelligence Security Center (AISC), the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), the Australian Signals Directorate's Australian Cyber Security Centre (ACSC), the Canadian Centre for Cyber Security (CCCS), the New Zealand National Cyber Security Centre (NCSC-NZ), and the United Kingdom's National Cyber Security Centre (NCSC-UK).
The goals of the AISC and the report are to:

1. Improve the confidentiality, integrity, and availability of AI systems;
2. Assure that known cybersecurity vulnerabilities in AI systems are appropriately mitigated; and
3. Provide methodologies and controls to protect, detect, and respond to malicious activity against AI systems and related data and services.

This document is marked TLP:CLEAR. Recipients may share this information without restriction. Information is subject to standard copyright rules. For more on the Traffic Light Protocol, see cisa.gov/tlp/.

U/OO/143395-24 | PP-24-1538 | April 2024 Ver. 1.0