ISO/IEC 27090 Guidance on the use of AI security and privacy controls

ISO/IEC 27090 is an international standard under development, officially titled 'Information security, cybersecurity and privacy protection — Artificial intelligence — Guidance on the use of AI security and privacy controls.' As part of the ISO/IEC 27000 family, it is specifically designed to address the unique security and privacy risks posed by AI systems. Its core purpose is to provide practical guidance for organizations on selecting, implementing, and maintaining appropriate controls throughout the AI lifecycle. Unlike certifiable standards like ISO/IEC 27001, it serves as a supportive guide. It aims to translate high-level principles from standards like ISO/IEC 23894 (AI Risk Management) and the NIST AI Risk Management Framework into actionable security measures. The guidance will reference controls from ISO/IEC 27002 and privacy principles from ISO/IEC 29100, offering tailored advice to mitigate AI-specific threats such as data poisoning, model evasion, and adversarial attacks, thereby supporting compliance with regulations like the EU AI Act.

ISO 27090 acts as a practical bridge between AI risk assessment and security implementation. The application involves three key steps. First, **Risk Identification and Contextualization**: Based on frameworks like the NIST AI RMF, organizations identify specific threats to their AI systems, such as data poisoning in training sets or adversarial attacks against deployed models. Second, **Control Selection and Customization**: Using ISO 27090's guidance, they select relevant controls from frameworks like ISO/IEC 27002 and tailor them to the AI context. For example, access control measures are extended to protect model files, APIs, and sensitive training data. Third, **Integration and Monitoring**: These controls are embedded into the MLOps pipeline, with continuous monitoring to ensure effectiveness. For instance, a fintech company could use this guidance to secure its credit scoring model, resulting in a quantifiable reduction in successful adversarial attacks and ensuring it meets the security requirements of the EU AI Act, thus mitigating significant financial and compliance risks.

Taiwanese enterprises face three primary challenges with ISO 27090 adoption. First, a **talent gap** in professionals skilled in both AI and cybersecurity makes it difficult to assess and mitigate unique AI risks. The solution is to form cross-functional teams (data scientists, security experts, legal) and leverage external consultants for training. Second, **regulatory uncertainty**: Taiwan's specific AI legislation is still developing, reducing the immediate compliance pressure compared to the EU. A proactive strategy is to adopt ISO 27090 as a best practice framework to build a competitive edge and prepare for future regulations. Third, **limited resources**, especially for SMEs who may view AI security as a high-cost investment. The countermeasure is a risk-based approach, prioritizing high-risk AI applications (e.g., those handling personal data) and utilizing open-source security tools like the OWASP AI Exchange to manage costs. A phased approach, starting with a gap analysis and a pilot project, is recommended.

Winners Consulting specializes in ISO 27090 for Taiwan enterprises, delivering compliant management systems within 90 days. Free consultation: https://winners.com.tw/contact