Risks from AI systems (Risks of computing infrastructure security)
The computing infrastructure that underpins AI training and operations relies on diverse, widely distributed computing nodes and many kinds of computing resources. At this layer it faces risks such as malicious consumption of computing resources (unauthorized or runaway workloads taking capacity from legitimate training and inference) and cross-boundary propagation of security threats between nodes, segments, or environments that should be isolated from one another.
ENTITY
1 - Human
INTENT
3 - Other
TIMING
3 - Other
Risk ID
mit692
Domain lineage
2. Privacy & Security
2.2 > AI system security vulnerabilities and attacks
Mitigation strategy
1. Establish a Zero Trust Architecture (ZTA) and Network Microsegmentation: Implement a Zero Trust model to rigorously verify every access request, regardless of origin, and apply microsegmentation to isolate computing nodes, data pipelines, and model deployment infrastructure. This minimizes the attack surface for lateral movement and contains cross-boundary threats.
2. Enforce Robust Identity and Access Management (IAM): Apply least-privilege policies to all human operators and automated AI agents, ensuring they have the minimum permissions necessary to perform their functions. Mandate strong authentication, such as Multi-Factor Authentication (MFA), for all privileged access to computing resources to prevent unauthorized consumption.
3. Implement Continuous Monitoring and Hardening: Deploy continuous behavior analytics across training pipelines and inference endpoints to track model performance, data quality, and resource usage in real time. Additionally, maintain up-to-date patching of all operating systems, firmware, and security-enforcing devices to address exploitable vulnerabilities in the computing infrastructure layer.
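As an added illustration of item 3 of the mitigation strategy (monitoring resource usage for malicious consumption and microsegment boundaries for cross-boundary traffic), the following Python block is example code written for this entry; it is not part of the original record or of any named product. It assumes a hypothetical telemetry format (one line per sample, `key=value` tokens, with a bare `flow` marker for network flow records), a hypothetical per-job GPU quota table, and a hypothetical segment allowlist; the sample log lines are constructed for the example.

```python
"""Minimal resource-consumption and cross-boundary monitor for AI compute
infrastructure (added example; formats, quotas and allowlist are assumptions)."""
from dataclasses import dataclass
from typing import Optional

# Assumed per-job GPU quota, as an IAM/scheduler system would export it.
QUOTAS = {"train-job-17": 4, "infer-svc-2": 1, "etl-batch-9": 2}

# Assumed microsegmentation policy: which destination segments each source
# segment may reach. Anything not listed is a cross-boundary violation.
ALLOWED_FLOWS = {
    "training": {"training", "data-pipeline"},
    "inference": {"inference"},
    "data-pipeline": {"data-pipeline", "training"},
}

# Constructed sample telemetry (not captured from a real system).
SAMPLE_LOG = """\
2024-05-01T10:00:00Z job=train-job-17 node=gpu-03 gpus=4 util=0.91
2024-05-01T10:00:05Z job=train-job-17 node=gpu-03 gpus=4 util=0.93
2024-05-01T10:00:10Z job=infer-svc-2 node=gpu-07 gpus=1 util=0.40
2024-05-01T10:00:15Z job=etl-batch-9 node=gpu-05 gpus=6 util=0.99
2024-05-01T10:00:20Z job=unknown-a1 node=gpu-07 gpus=2 util=0.98
2024-05-01T10:00:25Z flow src_seg=training dst_seg=inference src=10.1.0.3 dst=10.2.0.9 port=8443
2024-05-01T10:00:30Z flow src_seg=training dst_seg=data-pipeline src=10.1.0.3 dst=10.3.0.4 port=9000
"""


@dataclass(frozen=True)
class Finding:
    kind: str        # "over_quota" | "unregistered_job" | "cross_boundary"
    timestamp: str
    detail: str


def parse_line(line: str):
    """Split a telemetry line into (timestamp, record marker, key/value dict)."""
    parts = line.split()
    ts, marker, kv = parts[0], None, {}
    for tok in parts[1:]:
        if "=" in tok:
            k, v = tok.split("=", 1)
            kv[k] = v
        else:
            marker = tok  # bare token such as "flow" names the record type
    return ts, marker, kv


def check_resource(ts: str, kv: dict, quotas: dict) -> Optional[Finding]:
    """Flag compute held by unregistered jobs or above the job's quota."""
    job = kv.get("job")
    gpus = int(kv.get("gpus", "0"))
    if job not in quotas:
        return Finding("unregistered_job", ts,
                       f"{job} holding {gpus} GPU(s) on {kv.get('node')}")
    if gpus > quotas[job]:
        return Finding("over_quota", ts,
                       f"{job} holding {gpus} GPU(s), quota {quotas[job]}")
    return None


def check_flow(ts: str, kv: dict, allowed: dict) -> Optional[Finding]:
    """Flag traffic that crosses a segment boundary the policy does not permit."""
    src, dst = kv.get("src_seg"), kv.get("dst_seg")
    if dst not in allowed.get(src, set()):
        return Finding("cross_boundary", ts,
                       f"{src}->{dst} {kv.get('src')}->{kv.get('dst')}:{kv.get('port')}")
    return None


def analyze(log_text: str, quotas=QUOTAS, allowed=ALLOWED_FLOWS):
    """Run both checks over every line and return the findings in log order."""
    findings = []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        ts, marker, kv = parse_line(line)
        if marker == "flow":
            finding = check_flow(ts, kv, allowed)
        elif "job" in kv:
            finding = check_resource(ts, kv, quotas)
        else:
            finding = None
        if finding is not None:
            findings.append(finding)
    return findings


if __name__ == "__main__":
    for f in analyze(SAMPLE_LOG):
        print(f"{f.timestamp} {f.kind}: {f.detail}")
```

On the constructed sample this reports one over-quota job, one job that holds GPUs without any registered quota, and one training-to-inference flow that the segmentation policy does not allow; the permitted training-to-data-pipeline flow is silent. In a real deployment the quota table and allowlist would come from the scheduler and the segmentation controller rather than being hard-coded, and findings would feed an alerting pipeline rather than stdout.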