AI Security

ByStefan Karg 20.02.202325.08.2025

What is the role of us security professionals when it comes to AI powered systems?

The image presents a scenario titled "Scenario 1" with a focus on the use of artificial intelligence (AI) in attacking traditional systems. The visual features two hands, one human and one robotic, reaching towards each other against a dark background, symbolizing the interaction between humans and AI.

The text in the image highlights the concern that AI is being used to attack traditional systems. It emphasizes the role of security management in ensuring that this new risk is accounted for and mitigated. The image poses a critical question to the viewer: "⚠️ Have you updated your risk analysis?" This suggests the importance of regularly updating risk assessments to address emerging threats posed by AI.

In the bottom right corner, the image is credited to "thecyberstefan," indicating the source or creator of the content. The overall message of the image underscores the evolving landscape of cybersecurity threats and the necessity for proactive risk management in the face of advancements in AI technology.

The image provides examples of different types of attacks on AI systems, highlighting the vulnerabilities and potential risks associated with each type of attack. Here is a detailed summary of the attacks mentioned:

Prompt Injection Attack:

Description: This type of attack involves injecting malicious input into an AI system.
Question: How stable is your model against malicious input?
Explanation: In AI systems, malicious input modifications can be very subtle and might be difficult for humans to recognize. However, these modifications can lead to completely unintended results, potentially causing the AI to behave in unexpected or harmful ways.
Data Poisoning Attack:

Description: This attack involves inserting malicious data into the training dataset of an AI model.
Question: How do you ensure that no malicious data is inserted into your training data?
Explanation: Changes in the training data might be hard to identify by humans due to the large amount of data involved. Malicious data can skew the learning process, leading to incorrect or biased model outputs.
Model Stealing:

Description: This attack involves an attacker gaining knowledge by stealing the AI model itself.
Question: Which knowledge could an attacker gain when being able to steal the model?
Explanation: If an attacker can steal the model, they can gain insights into the model's structure, training data, and decision-making processes. This knowledge can be used to prepare further attacks or exploit the model's vulnerabilities.
The image is credited to "thecyberstefan," indicating the source or creator of the content. The overall message emphasizes the importance of securing AI systems against various types of attacks to ensure their integrity and reliability.

Conferences / Events

Thanks for attending
ByStefan Karg 11.11.202225.08.2025

A big “Thank you” to all participants for attending the German edition of our ICS – Informatik Consulting Systems webinar today! I’m very happy, that so many people were interested in the topic “Security lifecycle management for existing ETCS products”. 📣 In case you’ve missed it or you’re not speaking German – don’t worry! There…

Read More Thanks for attending
OT | Security | Standardization

IEC 62443-3-2 Risk Assessment Workflow
ByStefan Karg 01.02.202525.08.2025

Critical infrastructure faces a growing number of security threats.. Critical infrastructure typically relies on Industrial Automation and Control Systems (IACS) and other non-IT components, often referred to as “Operational Technology.” To effectively assess cybersecurity risks within operational technology (OT) systems, adhering to the internationally recognized IEC 62443 standard is best practice. IEC 62443-3-2, part of…

Read More IEC 62443-3-2 Risk Assessment Workflow
AI

How will AI affect the security of industrial systems?
ByStefan Karg 07.06.202325.08.2025

This excellent talk from RSA Conference 2023 tries to answer this question with what is currently known regarding: A clear recommendation to watch this presentation by Jason Kramer and Dr. Ulrich Lang, CEO to anyone in the OT/ICS industry.

Read More How will AI affect the security of industrial systems?
OT | Security | Standardization

Railway Security standards
ByStefan Karg 08.08.202425.08.2025

In this post, I delve into the most relevant standards that secure our railway systems. Using Europe and Germany as a case study for the local and national level of standards, the following infographics provides a comprehensive overview of the most relevant standards helping to increase security on the tracks. 📄 Download infographics as pdf:…

Read More Railway Security standards
Conferences / Events

Security for Safety pitch at it-sa 2021
ByStefan Karg 19.10.202125.08.2025

A short excerpt from my pitch on ‘Security for Safety’ as part of the BW-International Session at it-sa 2021 is available here: Post | LinkedIn

Read More Security for Safety pitch at it-sa 2021
Rail technology | Security

How railway cyber security works in a nutshell
ByStefan Karg 10.08.202325.08.2025

Step 1: Plan Security Management: This is the first step in the process, indicating the importance of planning and managing security measures effectively. Step 2: Security Risk Analysis (IEC 62443-3-2): The second step involves conducting a security risk analysis in accordance with the IEC 62443-3-2 standard. This step is crucial for identifying potential security risks…

Read More How railway cyber security works in a nutshell

Similar Posts