CISA's AI Playbook Pushes For More Information SharingCISA's AI Playbook Pushes For More Information Sharing

NEWS BRIEF

The U.S. Cybersecurity and Infrastructure Security Agency has released a new playbook providing detailed guidance for AI developers, providers, and adopters on how to voluntarily share cybersecurity information with federal agencies, private industry partners, and international stakeholders.

The JCDC AI Cybersecurity Collaboration Playbook encourages sharing information about cybersecurity incidents and vulnerabilities linked to AI systems. The playbook outlines specific protections and mechanisms for information exchange, such as the use of Traffic Light Protocol (TLP), which ensures controlled dissemination of sensitive information. Organizations should use the playbook to define their incident response activities, strengthen information sharing processes, and fortify defenses, CISA said. Participation is voluntary and there are no regulatory requirements for taking part.

The playbook encourages sharing information when malicious activity targeting AI systems is observed and proactively reporting newly identified cybersecurity vulnerabilities in products. Organizations are encouraged to share information that can be used to detect and prevent incidents, expose and disrupt adversary tactics and infrastructure, coordinate to address malicious infrastructure, and to identify and notify victims. Industry partners should flag opportunities for technical exchanges, identify priority issues for the AI community, promote after-the-fact analyses and knowledge-sharing, and join the JCDC.

"The playbook also identifies actionable information sharing categories applicable to broader critical infrastructure stakeholders and other sharing mechanisms," the agency said in a statement. "CISA encourages organizations to adopt the playbook’s guidance to enhance their own information-sharing practices, contributing to a unified approach to AI-related cybersecurity threats across critical infrastructure."

Issues related to AI fairness and ethics, as well as AI safety topics — such as risks to human life, health, property or the environment — are not covered by the playbook, CISA said.

The playbook was developed based on the results of two tabletop exercises in 2024 involving over 150 participants. The first exercise, hosted by Microsoft in June, explored the unique challenges posed by AI cybersecurity incidents. The second exercise, hosted by Scale AI in September, highlighted the need for enhanced operational collaboration and information sharing. CISA plans to periodically update the playbook with new recommendations.