v2.4.0

Cybersecurity foundations establish the baseline security posture for the AI system’s infrastructure and operations. Network security covers dedicated VPC segmentation, ingress/egress restriction with WAF, and DDoS protection. Zero trust architecture implements identity-based access with SPIFFE/SPIRE, microsegmentation, and continuous verification.

Authentication and access control enforces MFA, RBAC, and service-to-service mTLS alongside granular access controls for model artefacts, training data, and configuration. Encryption applies AES-256 at rest and TLS 1.3 in transit with key management through HSM or cloud KMS. Vulnerability management maintains a centralised register with severity-based SLAs. Patch management defines patching cadences and emergency procedures.

Note: This section corresponds to the Cybersecurity Foundations section and feeds primarily into AISDP Module 9 (Robustness and Cybersecurity).
