AI Safety in Parliaments: Latest Standards and Compliance Challenges
DrFotiosFitsilis
95 views
14 slides
Mar 06, 2025
Slide 1 of 14
1
2
3
4
5
6
7
8
9
10
11
12
13
14
About This Presentation
Joint presentation by Fotis Fitsilis and Vasileios Alexiou at the International Workshop on Cybersecurity and Society (IWCS)
5 March 2025
Université du Québec en Outaouais, Canada
Slide Content
AI Safety in Parliaments:
Latest Standards and
Compliance Challenges
Dr. Fotis Fitsilis & Vasileios Alexiou
HELLENIC PARLIAMENT
International Workshop on Cybersecurity and Society (IWCS)
5 March 2025
Université du Québec en Outaouais
Latest Standards and
Compliance Challenges
Dr. Fotis Fitsilis & Vasileios Alexiou
HELLENIC PARLIAMENT
International Workshop on Cybersecurity and Society (IWCS)
5 March 2025
Université du Québec en Outaouais
Scope of the Presentation
•Examines how AI reshapes cybersecurity practices.
•Points at regulatory and security concerns in AI applications.
•Covers the latest frameworks for securing AI systems.
•Analyzes the benefits and risks of AI in cybersecurity.
•Provides guidance for assessing the evolving cybersecurity landscape.
•Urges ethical use of AI in parliamentary cybersecurity.
•Discusses common tools across parliaments.
•Sets minimum security standards and future trends.
2
•Examines how AI reshapes cybersecurity practices.
•Points at regulatory and security concerns in AI applications.
•Covers the latest frameworks for securing AI systems.
•Analyzes the benefits and risks of AI in cybersecurity.
•Provides guidance for assessing the evolving cybersecurity landscape.
•Urges ethical use of AI in parliamentary cybersecurity.
•Discusses common tools across parliaments.
•Sets minimum security standards and future trends.
2
Definitions
Artificial Intelligence (AI)
AI refers to systems demonstrating intelligent behavior by
analyzing their environment and acting with some autonomy
to achieve goals. These systems perform tasks typically
requiring human intelligence, such as learning, problem-
solving and decision-making. AI is increasingly integrated into
various sectors, driving automation, innovation and efficiency
improvements. The widespread adoption necessitates
understanding its capabilities and limitations.
Cybersecurity
Cybersecurity encompasses practices, processes and
technologies protecting networks, devices, programs and
data from attack, damage or unauthorized access. The
European Union Agency for Cybersecurity (ENISA)
emphasizes cybersecurity's role in ensuring confidentiality,
integrity and availability of information systems and data,
crucial for societal, economic and public safety functions.
Effective cybersecurity strategies are vital to mitigate risks
and safeguard digital assets in an interconnected world.
3
Artificial Intelligence (AI)
AI refers to systems demonstrating intelligent behavior by
analyzing their environment and acting with some autonomy
to achieve goals. These systems perform tasks typically
requiring human intelligence, such as learning, problem-
solving and decision-making. AI is increasingly integrated into
various sectors, driving automation, innovation and efficiency
improvements. The widespread adoption necessitates
understanding its capabilities and limitations.
Cybersecurity
Cybersecurity encompasses practices, processes and
technologies protecting networks, devices, programs and
data from attack, damage or unauthorized access. The
European Union Agency for Cybersecurity (ENISA)
emphasizes cybersecurity's role in ensuring confidentiality,
integrity and availability of information systems and data,
crucial for societal, economic and public safety functions.
Effective cybersecurity strategies are vital to mitigate risks
and safeguard digital assets in an interconnected world.
3
Understanding AI and
Cybersecurity
Exploring the basics – Assessing AI's function in cybersecurity.
1
AI fundamentals
Grasp core AI concepts.
Focus on machine learning
and neural networks.
2
Cybersecurity basics
Understand the fundamentals
of cybersecurity and the
threat landscape.
3
AI-cybersecurity intersection
Discover how AI enhances security. Look at threat detection and
response.
Cybersecurity
Exploring the basics – Assessing AI's function in cybersecurity.
1
AI fundamentals
Grasp core AI concepts.
Focus on machine learning
and neural networks.
2
Cybersecurity basics
Understand the fundamentals
of cybersecurity and the
threat landscape.
3
AI-cybersecurity intersection
Discover how AI enhances security. Look at threat detection and
response.
The Role of AI in Cybersecurity
Threat detection
AI enables real-time identification of anomalies and
malicious activities, enhancing threat detection capabilities.
Incident response
AI automates the mitigation of cyber threats, streamlining
incident response processes for quicker resolution.
Predictive analytics
AI forecasts potential attacks using historical data,
providing proactive security insights and allowing
preemptive measures.
Automated security response
AI models automate the initial response to security
incidents, such as isolating infected devices or blocking
suspicious IP addresses, speeding up the containment of
breaches.
5
Threat detection
AI enables real-time identification of anomalies and
malicious activities, enhancing threat detection capabilities.
Incident response
AI automates the mitigation of cyber threats, streamlining
incident response processes for quicker resolution.
Predictive analytics
AI forecasts potential attacks using historical data,
providing proactive security insights and allowing
preemptive measures.
Automated security response
AI models automate the initial response to security
incidents, such as isolating infected devices or blocking
suspicious IP addresses, speeding up the containment of
breaches.
5
Cybersecurity Risks in AI Systems
1
Adversarial attacks
Vulnerabilities in AI models are exploited through
manipulated inputs (e.g., adversarial examples).
2
Data poisoning
Training datasets are compromised to skew AI model
outcomes, impacting reliability.
3
Model inversion attacks
Sensitive information is extracted from AI models,
breaching privacy.
4
Privacy risks
AI systems processing personal data (e.g., facial
recognition, healthcare analytics) face increased data
breach risks.
6
1
Adversarial attacks
Vulnerabilities in AI models are exploited through
manipulated inputs (e.g., adversarial examples).
2
Data poisoning
Training datasets are compromised to skew AI model
outcomes, impacting reliability.
3
Model inversion attacks
Sensitive information is extracted from AI models,
breaching privacy.
4
Privacy risks
AI systems processing personal data (e.g., facial
recognition, healthcare analytics) face increased data
breach risks.
6
Challenges in Securing AI Systems
Complexity of AI models
Interpreting and securing
"black-box" models pose
significant challenges.
Lack of standardization
Absence of universal
frameworks for AI security
hinders consistent protection
measures.
Evolving threat
landscape
Cybercriminals utilize AI to
develop advanced attack
methods, outpacing defenses.
Ethical and regulatory
concerns
Bias in AI models and
compliance with data protection
laws (e.g., GDPR, CCPA)
complicate deployment.
Best Practices for AI Cybersecurity
Secure Development
Lifecycle (SDL)
Embed security into every phase
of AI development.
Robust data governance
Ensure data integrity,
confidentiality and availability.
Adversarial testing
Simulate attacks to identify and
address vulnerabilities.
Explainable AI
Develop transparent models to
improve trust and accountability.
7
Complexity of AI models
Interpreting and securing
"black-box" models pose
significant challenges.
Lack of standardization
Absence of universal
frameworks for AI security
hinders consistent protection
measures.
Evolving threat
landscape
Cybercriminals utilize AI to
develop advanced attack
methods, outpacing defenses.
Ethical and regulatory
concerns
Bias in AI models and
compliance with data protection
laws (e.g., GDPR, CCPA)
complicate deployment.
Best Practices for AI Cybersecurity
Secure Development
Lifecycle (SDL)
Embed security into every phase
of AI development.
Robust data governance
Ensure data integrity,
confidentiality and availability.
Adversarial testing
Simulate attacks to identify and
address vulnerabilities.
Explainable AI
Develop transparent models to
improve trust and accountability.
7
Case Studies: AI in Cybersecurity
Darktrace
AI-Driven threat detection. Detected and
responded to a ransomware attack in a
healthcare organization before data
encryption, showcasing real-time threat
mitigation.
Cylance
AI-Powered endpoint security.
Prevented a targeted malware attack on
a large manufacturing company's
industrial control systems (ICS),
securing critical infrastructure.
IBM Watson
These case studies illustrate the practical application and effectiveness of AI in enhancing cybersecurity across various
industries, providing valuable lessons for policymakers and cybersecurity professionals.
Cybersecurity seamlessly integrates with
existing SIEM to improve threat
detection and response. identified and
responded to a sophisticated phishing
campaign in a global financial services
firm, blocking the attack before data
compromise.
8
Darktrace
AI-Driven threat detection. Detected and
responded to a ransomware attack in a
healthcare organization before data
encryption, showcasing real-time threat
mitigation.
Cylance
AI-Powered endpoint security.
Prevented a targeted malware attack on
a large manufacturing company's
industrial control systems (ICS),
securing critical infrastructure.
IBM Watson
These case studies illustrate the practical application and effectiveness of AI in enhancing cybersecurity across various
industries, providing valuable lessons for policymakers and cybersecurity professionals.
Cybersecurity seamlessly integrates with
existing SIEM to improve threat
detection and response. identified and
responded to a sophisticated phishing
campaign in a global financial services
firm, blocking the attack before data
compromise.
8
Key Principles
Ethical use of AI in parliamentary cybersecurity
•Transparency & accountability: AI decisions must be
explainable and auditable.
•Privacy protection: Respect individual rights and data
protection regulations.
•Human oversight: Critical decisions require human
validation to prevent errors.
•Legal compliance: Align with national laws and
international cybersecurity frameworks.
•Data integrity: Protect AI models from data poisoning and
adversarial attacks.
•Ethical procurement: Ensure AI vendors follow ethical
development practices.
•Democracy: Safeguard democratic processes and
institutional integrity.
9
Ethical use of AI in parliamentary cybersecurity
•Transparency & accountability: AI decisions must be
explainable and auditable.
•Privacy protection: Respect individual rights and data
protection regulations.
•Human oversight: Critical decisions require human
validation to prevent errors.
•Legal compliance: Align with national laws and
international cybersecurity frameworks.
•Data integrity: Protect AI models from data poisoning and
adversarial attacks.
•Ethical procurement: Ensure AI vendors follow ethical
development practices.
•Democracy: Safeguard democratic processes and
institutional integrity.
9
Common Tools Across Parliaments?
While it would be ideal for all parliaments to use common cybersecurity tools, a one-size-fits-all approach is not always practical
due to differences in:
1.National security priorities → Each parliament faces unique threats based on its geopolitical context.
2.Regulatory and legal frameworks → Cybersecurity laws and data protection regulations vary across countries.
3.Infrastructure and budget → Some parliaments may have more advanced IT ecosystems and resources than others.
4.Operational needs → The size, structure and digital maturity of parliaments influence the tools they require.
5.Sovereignty and independence → Governments may prefer locally developed cybersecurity solutions to reduce reliance on
foreign technology.
10
While it would be ideal for all parliaments to use common cybersecurity tools, a one-size-fits-all approach is not always practical
due to differences in:
1.National security priorities → Each parliament faces unique threats based on its geopolitical context.
2.Regulatory and legal frameworks → Cybersecurity laws and data protection regulations vary across countries.
3.Infrastructure and budget → Some parliaments may have more advanced IT ecosystems and resources than others.
4.Operational needs → The size, structure and digital maturity of parliaments influence the tools they require.
5.Sovereignty and independence → Governments may prefer locally developed cybersecurity solutions to reduce reliance on
foreign technology.
10
Minimum Cybersecurity Standards
Common Threats
Protection against phishing, ransomware and insider threats.
Secure Communication
Secure communication among legislative bodies is paramount.
Interoperability
Ensure interoperability for international cooperation on cybersecurity.
A baseline set of cybersecurity tools ensures protection. This guarantees secure
communication and international cooperation.
Common Threats
Protection against phishing, ransomware and insider threats.
Secure Communication
Secure communication among legislative bodies is paramount.
Interoperability
Ensure interoperability for international cooperation on cybersecurity.
A baseline set of cybersecurity tools ensures protection. This guarantees secure
communication and international cooperation.
Future Trends in AI Cybersecurity
1
AI vs. AI
Cybercriminals are increasingly using AI to bypass AI-driven security measures,
creating a continuous cycle of adaptation and innovation.
2 Quantum Computing
Potential to disrupt current encryption methods, significantly impacting AI security
and requiring new cryptographic approaches.
3 Regulatory Evolution
Governments and organizations are actively developing AI-specific cybersecurity standards,
similar to automotive TISAX, to ensure compliance and safety.
4 Zero-Trust Architecture
Integrating AI into zero-trust frameworks for enhanced security, verifying every user
and device attempting to access network resources.
12
1
AI vs. AI
Cybercriminals are increasingly using AI to bypass AI-driven security measures,
creating a continuous cycle of adaptation and innovation.
2 Quantum Computing
Potential to disrupt current encryption methods, significantly impacting AI security
and requiring new cryptographic approaches.
3 Regulatory Evolution
Governments and organizations are actively developing AI-specific cybersecurity standards,
similar to automotive TISAX, to ensure compliance and safety.
4 Zero-Trust Architecture
Integrating AI into zero-trust frameworks for enhanced security, verifying every user
and device attempting to access network resources.
12
Conclusions and Call to Action
Takeaways
AI is a transformative force in cybersecurity but introduces
new risks, presenting a double-edged sword. Proactive,
collaborative, strategicand holistic approaches are essential
to secure AI systems. Collaboration between stakeholders is
critical to address emerging challenges effectively.
Call to action
Invest in AI security research and development to stay ahead
of evolving threats. Implement a feedback loop, using real-
world insights to refine and improve AI models. Stay updated
on the latest developments in AI and cybersecurity to ensure
your models benefit from the newest techniques and
technologies.
13
Takeaways
AI is a transformative force in cybersecurity but introduces
new risks, presenting a double-edged sword. Proactive,
collaborative, strategicand holistic approaches are essential
to secure AI systems. Collaboration between stakeholders is
critical to address emerging challenges effectively.
Call to action
Invest in AI security research and development to stay ahead
of evolving threats. Implement a feedback loop, using real-
world insights to refine and improve AI models. Stay updated
on the latest developments in AI and cybersecurity to ensure
your models benefit from the newest techniques and
technologies.
13
Thank you!
[email protected]
http://fitsilis.gr
Disclaimer: The information and views set out in this presentation are only those
of the author and do not necessarily reflect the official opinion of the Hellenic Parliament.
preencoded. png
[email protected]
http://fitsilis.gr
Disclaimer: The information and views set out in this presentation are only those
of the author and do not necessarily reflect the official opinion of the Hellenic Parliament.
preencoded. png
Categories
TechnologyDownload
Download Slideshow Get the original presentation fileQuick Actions
Statistics
- Views 95
- Slides 14
- Age 290 days
Related Slideshows
11
8-top-ai-courses-for-customer-support-representatives-in-2025.pptx
JeroenErne2
85 views
10
7-essential-ai-courses-for-call-center-supervisors-in-2025.pptx
JeroenErne2
79 views
13
25-essential-ai-courses-for-user-support-specialists-in-2025.pptx
JeroenErne2
76 views
11
8-essential-ai-courses-for-insurance-customer-service-representatives-in-2025.pptx
JeroenErne2
62 views
21
Know for Certain
DaveSinNM
36 views
17
PPT OPD LES 3ertt4t4tqqqe23e3e3rq2qq232.pptx
novasedanayoga46
41 views