Adapting security for AI

Operationalizing a shared responsibility model

To operationalize this shared responsibility model and the controls that safeguard AI at every level, organizations can focus on three key areas, as shown in the diagram below. These three pillars form the foundation to implement these controls and help create resilient AI systems.

1. Data access controls: Safeguard data with APIs, ACLs, and labeling.
2. Application controls: Manage how applications interact with data and models.
3. AI model controls: Ensure AI models are secure to prevent unintended disclosures.

[Diagram: the AI application and the content and data around it (prompt, user content, generated content, skills, functions, and plugins, resource content, new data, active data, massive data stores, dark data), overlaid with three control layers: 1 Data access controls (API, ACLs, and labels), 2 Application controls (access, input, output), 3 AI model controls (LLM safety and security).]

1. Data access controls (API, ACLs, and labels): "Don't undo these boundaries."
Ensuring that access to data is strictly regulated through mechanisms like APIs, Access Control Lists, and data labeling. This helps maintain the integrity and confidentiality of data, preventing unauthorized access or misuse.

2. Application controls (access, input, output): "Don't give unlimited access."
Managing how applications interact with data and models, including the regulation of input, processing, and output. This prevents AI applications from becoming a weak link in the security chain, especially when dealing with sensitive or critical information.

3. AI model controls (LLM safety and security): "It will give the secrets it knows."
Safeguarding AI models, particularly large language models, to prevent them from inadvertently revealing sensitive information or being manipulated to produce harmful outputs. These controls are vital in maintaining the trustworthiness and security of AI systems.
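The three layers above, enforced in order, as an added example that is not part of the guide: the labels, ACLs, users, documents and tool names are constructed for the demo, and the output check models the third pillar's point that a model may reproduce data it has seen in training even when retrieval was filtered.

```python
"""Added example: the guide's three control layers enforced in order (constructed data)."""
from dataclasses import dataclass, field

# Sensitivity labels, least to most restricted (constructed for the example).
LABEL_RANK = {"public": 0, "internal": 1, "confidential": 2}
# Application control: plugins the AI application is allowed to invoke.
ALLOWED_TOOLS = {"search", "calendar"}
MAX_INPUT_CHARS = 500

@dataclass
class Document:
    doc_id: str
    label: str       # data label attached at the data layer
    acl: set         # principals (users or groups) allowed to read it
    content: str

@dataclass
class User:
    name: str
    clearance: str   # highest label this user may read
    groups: set = field(default_factory=set)

# 1. Data access controls: the ACL and the label must both permit the read.
def can_read(user, doc):
    principals = {user.name} | user.groups
    return bool(doc.acl & principals) and LABEL_RANK[user.clearance] >= LABEL_RANK[doc.label]

def retrieve(user, corpus, query):
    """Only documents the caller may read are ever placed in the prompt."""
    return [d for d in corpus if can_read(user, d) and query.lower() in d.content.lower()]

# 2. Application controls: bounded input and allow-listed tools.
def build_prompt(user, query, docs, tools):
    if len(query) > MAX_INPUT_CHARS:
        raise ValueError("query exceeds input limit")
    denied = set(tools) - ALLOWED_TOOLS
    if denied:
        raise PermissionError(f"tool(s) not allowed: {sorted(denied)}")
    context = "\n".join(d.content for d in docs)
    return f"Context:\n{context}\n\nUser ({user.name}): {query}"

# 3. AI model controls: the model may reproduce data it memorised in training or
# fine-tuning, so generated text is checked against content this user may not read.
def filter_output(user, corpus, generated):
    for d in corpus:
        if not can_read(user, d) and d.content in generated:
            return "[blocked: response contained restricted content]"
    return generated
```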

AI security and Zero Trust - Page 14