Threat-Informed Defense for the Financial Sector
The Cyber Risk Institute Profile is a distillation of the NIST Cybersecurity Framework tailored to address the financial services sector’s …
Secure AI with Threat-Informed Defense
By Suneel Sundar • May 9, 2025
Rapid adoption of AI has changed the threat landscape. AI-enabled systems are susceptible to traditional cybersecurity vulnerabilities and new attacks. As consumers and organizations integrate AI-enabled systems into their business, adversaries exploit them. Defenders must unite to thwart these new threats.
The Center for Threat-Informed Defense applies a threat-informed approach to AI security that enables rapid exchange of new threat information, develops approaches to emulating those threats, and provides comprehensive and effective mitigation strategies.
Get Involved
The Center’s 2024 Secure AI program, supported by 16 of its member organizations, significantly expanded MITRE ATLAS’s Knowledge Base and launched the AI Incident Sharing initiative. Building upon this, the 2025 Secure AI program will identify emerging AI security incidents, share about them, and offer mitigations. In 2025, we will further the Secure AI program in four ways:
- Expand the ATLAS Knowledge Base. Capture and characterize the evolving threats to AI-enabled systems and the malicious use of AI in cyber. We will collect empirical data from real-world observations and incorporate findings as structured updates to ATLAS.
- Expedite AI Incident Sharing. Characterize and disseminate anonymized information about attacks and failures in AI-enabled systems.
- Verifiable AI Vulnerability Discovery. Create verifiable and reproduceable vulnerability reports. Integrate existing model scanning and adversarial attack tools into a common platform in collaboration with CWE and CVE AI Working Groups and the AI Risk Database.
- AI Red Teaming and Adversary Emulation. Model threats with ATLAS through structured playbooks and methodologies.
Problem
The adoption of AI into existing infrastructures introduces an expanded threat landscape and new, unique, vulnerabilities to organizations.
Solution
Accelerate the development of MITRE ATLAS to meet industry needs in AI Security, including incident sharing, identifying new threats to and from Generative AI, and mitigation strategies that are widely applicable across industry.
Impact
Secure organizations against the unique, emergent, attack surfaces that arise in complex AI- enabled systems.
Innovation with Global Impact
Creatoing a safe and secure environment for AI-enabled systems is a challenge that larger than any single organization, sector, or country. Uniting sophisticated and innovative security teams from around the world creates innovative solutions at a global scale. Together we can change the game on cyber adversaries.
MITRE’s Center for Threat-Informed Defense is a non-profit, privately funded R&D organization focused on advancing the state of the art and the state of the practice in threat-informed defense. Together with the global private sector, the Center conducts applied research and advanced development to improve cyber defense at scale. And, since the Center operates for the public good, we freely share our research for the benefit of all.
Get Involved© 2025 The MITRE Corporation. Approved for Public Release. ALL RIGHTS RESERVED. Document number 25-0984.
About the Author
Recent Blog Posts:
Ambiguous Techniques: Determine Malice through Context
An ambiguous technique is a MITRE ATT&CK® technique whose observable characteristics are insufficient to determine intent. This means that …
Fight Fraud with Threat-Informed Defense
In 2025, the Center for Threat-Informed Defense will develop the Fight Financial Fraud (F3) framework of tactics, techniques, and procedures …