Following is a threat model for AI systems based on IBM AI Risk Atlas Risk Description Threat Context Mitigating Controls Question to Application Owner Control Type Attribute inference attack Inferring sensitive attributes from seemingly anonymous data. Privacy loss and potential discrimination. Predicting ethnicity or income level from usage patterns. Limit model access, privacy-preserving learning, regular… Continue reading Cyber Risks in AI
Tag: Threat Modeling
Acknowledging Non-Applicable Threats
Is it important to account for or acknowledge risks that may not apply to an organization or system? What if you identified a risk that you would typically consider for but would not use due because of the context. Say, for example, your organization is not in a floodplain however it is usual to consider… Continue reading Acknowledging Non-Applicable Threats