ETSI releases EN 304 223, the first global standard for AI cybersecurity

The European Telecommunications Standards Institute (ETSI) has officially published ETSI EN 304 223, a landmark standard establishing the first global baseline for securing Artificial Intelligence (AI) models and systems. Formally approved by national standards organizations, this framework moves beyond traditional IT security to address “AI-native” threats that have emerged alongside generative models and deep neural networks.

The standard introduces a comprehensive lifecycle-based approach consisting of 13 core principles. These requirements are designed to shield AI systems from sophisticated attacks such as data poisoning, where training data is manipulated to subvert model behavior, and indirect prompt injection, which tricks models into revealing sensitive information. By mapping security controls to every phase the ETSI framework ensures that resilience is a continuous operational discipline rather than a one-time check.

The EN 304 223 will serve as a vital benchmark for the entire AI supply chain, providing vendors, integrators, and operators with a clear path to compliance with evolving regulations like the EU AI Act.

Add a comment

Leave a Reply