CISA leads first tabletop exercise for AI cybersecurity

The Biden administration-led exercise featured 15 companies and several international cyber agencies.
Outline map of United States of America concept with data charts representing communication, internet and technology. (Getty Images)

Looking to build its incident response muscles before artificial intelligence becomes an even greater threat, the federal government on Thursday held its first tabletop for the burgeoning technology, bringing in partners from across the country and abroad for the exercise.

The Cybersecurity and Infrastructure Security Agency led the tabletop under the Joint Cyber Defense Collaborative, the operational arm of the cyber defense agency that is focused on working with industry, alongside 50 AI experts from 15 companies and several international cyber defense agencies.

The tabletop is one of several Biden administration initiatives in recent months aimed at mitigating the potential risks surrounding the technology, as major companies like Microsoft push for quick releases of AI-enabled products that could be exploited by cybercriminals.  

CISA did not release the details of the three modules in the tabletop, but the exercise with industry focused on understanding what makes up AI-enabled or AI-related cybersecurity incidents,  determining what types of information-sharing is needed and how industry can best work with the government, and vice versa.


A cyber incident could mean an AI system itself is jeopardized, or another system created by an AI is under threat, said Clayton Romans, associate director of the Joint Cyber Defense Collaborative at CISA.

“The key is there’s multiple potential ways in which AI could be vulnerable,” Romans said. “Part of it is establishing the lexicon and the understanding with companies who are new in this space, and tying them in with other companies who we’ve worked with for quite a while now in the JCDC and sort of build that baseline mutual understanding and technology.”

The four-hour AI tabletop exercise is a part of the development of CISA’s upcoming AI security incident collaboration playbook. The playbook, which is set to be released at the end of 2024, will be the first of many collaborative efforts from the JCDC, Romans said. It will lay out AI-specific incident response coordination between the public and private sector as well as international agencies.

“We are using this exercise now to lay that groundwork for how we’re going to collaborate together across these key companies, likely future key companies, and our very close and significant U.S. government partners who all have a role to play in this space,” Romans said.

In April, CISA released guidelines surrounding AI security for critical infrastructure owners and operators. The Department of Homeland Security also launched an AI safety and security board focused on the impact of AI to critical infrastructure.  


Additionally, CISA set up a working group to explore how AI can be used to mitigate threats stemming from supply chains, CISA Director Jen Easterly noted at a supply chain summit on Wednesday.

For Thursday’s tabletop exercise, CISA worked alongside the FBI, NSA, Department of Defense, Office of the Director for National Intelligence, and the Cyber National Mission Force. Participating technology companies included Microsoft, OpenAI, IBM, Palantir, Cisco, and Palo Alto Networks.

Also observing the exercise was the Australian Signals Directorate’s Australian Cyber Security Centre, the United Kingdom’s National Cyber Security Centre, New Zealand’s National Cyber Security Centre and the Canadian Centre for Cyber Security.

This article was updated June 14, 2024, to amend a description of tabletop details provided to CyberScoop by CISA.

Latest Podcasts