This program is designed to equip security architects, data scientists, and CISOs with the knowledge to secure AI/ML systems and ethically leverage AI for enhanced cybersecurity defenses:

• Security Architects and Engineers.
• Data Scientists and ML Engineers.
• CISO and Security Directors.
• Application and DevSecOps Engineers.
• AI/ML Product Owners.
• Risk and Governance Professionals.
• Threat Hunters and SOC Analysts.

• Group activity conducting a risk assessment on a deployed AI/ML model.
• Technical discussions comparing different defensive techniques (e.g., adversarial training, input sanitization).
• Case studies on model poisoning and data inference attacks.
• Role-playing a security review for a business unit that wants to use Generative AI.
• Individual assignment outlining a security strategy for an MLOps pipeline.

Unit 1: Foundations of AI/ML Security

• Defining AI/ML systems and their components (data, model, algorithms).
• Unique security risks to the AI lifecycle (data poisoning, model evasion, inference).
• Review of established AI/ML security frameworks and best practices.
• The need for a "Trustworthy AI" approach encompassing security, privacy, and ethics.

• Deep dive into Adversarial Examples and their generation (e.g., evasion attacks).
• Model Poisoning attacks targeting the training data integrity.
• Model Inversion and Membership Inference attacks for data leakage.
• Techniques for detecting and defending against common adversarial attacks.

Unit 2: Securing the AI/ML Pipeline and Data

• Ensuring the integrity and provenance of training and testing data.
• Privacy-enhancing technologies (PETs): Differential Privacy and Federated Learning.
• Access control and encryption for sensitive data in data lakes and model repositories.
• Managing data bias and its impact on security and ethical outcomes.

• Implementing security and integrity checks during model training and validation.
• Model versioning, integrity validation, and provenance tracking.
• Securing the model deployment environment (inference APIs, endpoints).
• Integrating security testing into the MLOps/DevSecOps pipeline.

Unit 3: AI/ML in Cybersecurity Defence

• Leveraging Machine Learning for User and Entity Behavior Analytics (UEBA).
• AI-driven anomaly detection in network traffic and security logs.
• Using AI for advanced malware classification and zero-day detection.
• The benefits and limitations of AI in SIEM and threat intelligence.

• Automating incident triage and response with AI and SOAR.
• AI-assisted vulnerability prioritization and exploit prediction.
• Natural Language Processing (NLP) for security policy and compliance checking.
• Ethical and transparency considerations for AI-driven security decisions.

Unit 4: Governance, Risk, and Compliance (GRC)

• Conducting a specific AI Risk Assessment and Impact Analysis.
• Establishing governance over AI models, data use, and acceptable risk.
• Monitoring for model drift and degradation in a production environment.
• Developing an incident response plan for AI model compromise or failure.

• Regulatory oversight and pending AI-specific legislation (e.g., EU AI Act).
• The challenge of 'explainability' and model transparency for auditors.
• Bias and fairness in AI models and their security implications.
• Establishing an internal AI ethics board or review committee.

Unit 5: Advanced Topics and Future Trends

• Unique security risks of Large Language Models (LLMs) and other GenAI.
• Prompt injection and data leakage in GenAI applications.
• Implementing controls for GenAI usage and output filtering.
• The use of GenAI for social engineering and automated cyber attacks.

• Applying Homomorphic Encryption and Confidential Computing to AI.
• Security for Quantum Machine Learning models.
• The role of AI in security supply chain risk management.
• Automation of red-teaming and adversarial simulation using AI.