AI Defense: Cisco wants to protect AI applications and models with AI

With AI Defense, Cisco wants to protect AI systems from attacks and misuse and also secure the behavior of AI models. AI Defense has been specially developed for companies to develop and deploy AI applications as reliably as possible and to operate them securely. According to the manufacturer, the software should be integrated into the network structure and detect and defend against threats during the development of and access to AI applications. Cisco's Vice President of Product, AI Software and Platform, DJ Sampath, said that it is a reality "that we live in a multi-model and multi-cloud world". AI Defense should therefore be applicable regardless of the AI model used and regardless of where the data is processed.

Cisco sees the increasing diversity of models and locations as a major security challenge, especially when training with "non-public data" takes place on third-party models. AI Defense is intended to create appropriate guard rails for the development and application of AI. According to Cisco's own AI Readiness Index, only 29 percent of respondents feel fully equipped to detect and prevent unauthorized manipulation with AI. AI Defense is designed to protect against attacks on AI and secure model behavior across platforms. The software is designed to block sanctioned applications or applications used as shadow AI in public and private clouds using a set of rules and prevent data leaks by securing access to certain AI applications.

More threat scenarios

AI Defense uses automated validation tests to check AI models for hundreds of potential security risks. This AI-driven review of algorithms is designed to identify vulnerabilities and provide recommendations to security teams. Continuous validation during the runtime of AI applications is intended to prevent prompt injections, denial-of-service attacks and access to confidential data.

AI Defense is intended to implement an overarching security layer in parallel to the restrictions already built into the models and thus comply with consistent AI security guidelines regardless of the model used. To this end, the software uses machine learning based on data from Splunk (acquired by Cisco in 2023) and Cisco Talos to adapt to changes. The security mechanisms should also apply to apps that only contain AI components.

With AI Defense, Cisco's multi-billion AI investments are bearing fruit after the network business recently came under pressure. The general increase in the use of AI is creating additional threat scenarios, and many are reluctant to use and develop AI products due to data protection and information security concerns. This is where AI Defense comes in and is designed to offer enhanced protection for this challenge during the development and use of AI applications. The software is designed to protect against the misuse of AI tools and data leaks. AI Defense is based on Cisco's acquisitions of Armorblox and Robust Intelligence and will be available from February.

(olb)