Microsoft’s AI Red Team has published 8 lessons on the security of generative AI, based on their experience red-teaming 100 Generative AI products.
The main takeaways centre on the need to understand the applications of AI systems, acknowledge that these systems can still be breached even without computing gradients, and recognise the importance of the human element in AI security.
Criticising the report, Clive Robinson, a cybersecurity specialist, suggests that the list of takeaways belies the actual risks associated with the security of AI.
According to Robinson, vulnerabilities in AI systems are unlikely to be found by those searching for “known knowns”, but rather by those seeking to systematically exploit individuals, such as political opponents or journalists.