HomeTopicsSecuring Artificial Intelligence

Securing Artificial Intelligence

Securing artificial intelligence (AI) requires a risk-based approach that embeds transparency, accountability, and resilience across the AI lifecycle.

 

Artificial intelligence is embedded in everyday life. It powers business operations, public services, and critical infrastructure. From predictive analytics to automated decision-making, organizations rely on AI to drive innovation, efficiency, and growth.

 

As AI adoption accelerates, so do the risks. Securing artificial intelligence  is essential and helps ensure that AI systems remain trustworthy, resilient, and safe for both public and private sector use.  

These are some of the security challenges AI systems introduce:

Prompt Injections

As explained in our white paper, Prompt Injections: The Inherent Threat to Generative AI, prompt injections are an attack technique that manipulates large language models (LLM) and their task-specific agents to engage in malicious behavior. They fall into two categories:

  • Direct prompt injections: An attacker directly passes input to the LLM to manipulate its behavior and bypass or overwrite safeguards.
  • Indirect prompt injections: Attackers inject malicious prompts in the model through an intermediary step, such as prompts embedded into external data sources that pass from AI agents to an LLM.

Data Privacy

Data privacy is not a new security challenge, but it takes on a new dimension with AI. Organizations may train publicly available AI models on personally identifiable information (PII), trade secrets, and other sensitive details. Those same models may remember that information and regurgitate it for other users, creating business and reputation risks. 

Data Poisoning

Threat actors may feed corrupted, untrue, or misleading information to the training or tuning inputs of AI models. These types of training sets will "poison" the outputs of those models, raising the possibility of errors in relation to finance, market research, compliance, and other business-critical functions.

Without a strong security foundation, these and other AI risks can undermine trust, disrupt operations, and expose organizations to significant harm.

Securing artificial intelligence is essential to ensuring that AI systems remain trustworthy, resilient, and safe for both public and private sector use. A risk-based approach to AI security helps organizations protect data, maintain system integrity, and support responsible AI adoption at scale.

Related Content

Continue learning about AI in related blog posts and podcasts.

Learn More

Webinars

Register for an upcoming AI webinar or watch an on-demand session.

Learn More

In The News

Explore press releases and media insights featuring CIS expert perspectives about AI.

Learn More

Information Hub

CIS Controls

Blog Post06.25.2026
CIS Controls Accreditation Drives Global Cybersecurity Standards
Read More Blog Post
Blog Post06.12.2026
CIS Controls Community Volunteer Spotlight: Diego Bolatti
Read More Blog Post
White Paper06.10.2026
CIS Controls v8.1.2 Worksheet — Arabic
Read More White Paper
Blog Post06.05.2026
Cybersecurity Hygiene Reinforced by the 2026 Verizon DBIR
Read More Blog Post