Edit Commun: Référent sécurité en Intelligence Artificielle/en

You do not have permission to edit this page, for the following reasons:

The action you have requested is limited to users in the group: Users.
This page cannot be updated manually. This page is a translation of the page Référent sécurité en Intelligence Artificielle and the translation can be updated using the translation tool.

Description courte* (requis - en une ligne)	FR Le référent cybersécurité pour les data scientists est intégré dans leur environnement de travail. Il est leur point de contact privilégié pour assurer concrètement la prise en compte de la cybersécurité dans les projets IA qu’ils développent. EN The cybersecurity advisor for data scientists is an integral part of their working environment. He or she is their main point of contact for ensuring that cybersecurity is taken into account in the AI projects they develop.
Image	📁 Liste des fichiers 📤 Téléverser un fichier
Tag(s) Défis abordés
Statut* (TRL) - 1 : Idée</br>- 2 : Prototype</br>- 3 : Validation</br>- 4 : Production	Idée Prototype Validation Production
Gouvernance Description de la gouvernance et de ses membres	FR EN
Modèle d’affaires Description du modèle d’affaire	FR EN
Contacts liés
Contributeur(s)
Utilisateur(s) Liste des Utilisateurs / Projets utilisants le Commun
Catégories liées
Acteur(s)
Lien externe

Description

Enregistrez pour pouvoir passer à l'éditeur visuel.

== What role for the cyber security advisor in Artificial Intelligence?== The cybersecurity advisor for data scientists : * Ensures that the data science team implements the security requirements of their organisation and regulators, applicable to their working environment and the AI models produced; * Maintains a culture and reflexes of cybersecurity in the data science team; * Relays the needs of the data science team to the cybersecurity correspondents in his/her organisation. == Day-to-day activities == As a member of (or seconded to) a data science team, the cybersecurity advisor for data scientists must : * Carrying out a daily security watch on the threats and vulnerabilities of AI models and their working environment (including languages, frameworks, libraries, infrastructure, etc.) so that the team can deal with them; * Provide the team with the applicable cybersecurity solutions: ::- Interact with the cybersecurity correspondents in his/her organisation to raise new needs and obtain appropriate solutions; ::- Capitalising on/developing protection mechanisms, security function libraries, scripts, etc. to secure the models developed and their data; ::- Monitor data science security solutions as they mature; * Train colleagues in the cyber risks to which their environment and models are exposed, as well as in good security practices for development and data handling; * Verify the application of security measures in their working environment; * Help colleagues to integrate "by design" security into the models they design, in particular by integrating mechanisms to detect critical data leakage or model manipulation/deflection; * Carry out code and model security reviews and validate before going into production. == Expected key competencies == === Organisational skills === * Understanding of business issues, providing use cases to be developed to better anticipate harmful deviations from the model and better target dataset protection. * Good knowledge of the organization's cybersecurity ecosystem/community * Capitalization and transmission of knowledge; === Data science skills === A data scientist or ML engineer with * Broad knowledge of the libraries used and available on the market * Extensive knowledge of MLOps development platforms * Proven experience of ML over the entire cycle: design, development, training/validation, integration === Cybersecurity skills === * Fundamentals of cybersecurity (threats, risk analysis, needs, mechanisms, architecture, cloudsec) * Ability to organize security intelligence (threats, vulnerabilities, solutions): source, processing... * Knowledge of AI attack types and mitigation principles * Working knowledge of data protection mechanisms, including data pipeline security (transfer, storage, calculation) or dataset extractions. * Practical knowledge of development security, including supply chain risks, opensource, git, etc. * Practical knowledge of code security review

Catégories liées

Groupe(s) de travail
Porté par le Campus :
Projet(s) :

Summary:

Cancel