Part 2: AI Asset Management (ID.AM)
Understanding the AI Attack Surface
The first step in securing AI systems is knowing where they exist.
Many organizations have limited visibility into the AI technologies being used across the enterprise. Employees may adopt generative AI tools independently, creating what is often referred to as “Shadow AI.”
The Identify function of NIST CSF 2.0 emphasizes maintaining accurate inventories of systems, data, and services.
AI Asset Discovery
Organizations should track:
AI models and machine learning systems
Generative AI tools used by employees
AI-enabled applications and APIs
Training datasets and data pipelines
Third-party AI integrations
Without this visibility, organizations cannot effectively manage AI security risks.
AI Risk Mapping
Once assets are identified, security teams should evaluate risks such as:
Data exposure through AI prompts
Model manipulation or tampering
Unauthorized access to AI services
Dependency on external AI infrastructure
AI asset inventories allow security teams to prioritize protection efforts and identify high-risk systems.
William Tulaba is a cybersecurity executive and security engineering leader focused on enterprise security strategy, cloud risk, and security operations.