Sat. Jan 29th, 2022
    en flag
    nl flag
    et flag
    fi flag
    fr flag
    de flag
    he flag
    ja flag
    lv flag
    pl flag
    pt flag
    ru flag
    es flag

    Content Assessment: From Taxonomies to Threats? Securing Machine Learning Algorithms

    Information - 97%
    Insight - 95%
    Relevance - 92%
    Objectivity - 93%
    Authority - 96%



    A short percentage-based assessment of the qualitative benefit of the recently published ENISA report on securing machine learning algorithms.

    Editor’s Note: The European Union Agency for Cybersecurity, ENISA, is the Union’s agency dedicated to achieving a high common level of cybersecurity across Europe. In December of 2021, ENISA published Securing Machine Algorithms, a report that presents a taxonomy of machine learning techniques and core functionalities as well as a mapping of threats targeting machine learning techniques and the vulnerabilities of machine learning algorithms. This new report may be beneficial for cybersecurity, information governance, and legal discovery professionals operating in the eDiscovery ecosystem as they consider cyber discovery through the lens of increasing cyber threats.

    Press Announcement And Report*

    Artificial Intelligence: How to Make Machine Learning Cyber Secure

    Machine learning (ML) is currently the most developed and the most promising subfield of artificial intelligence for industrial and government infrastructures. By providing new opportunities to solve decision-making problems intelligently and automatically, artificial intelligence (AI) is applied in almost all sectors of our economy.

    While the benefits of AI are significant and undeniable, the development of AI also induces new threats and challenges, identified in the ENISA AI Threat Landscape.

    Machine learning algorithms are used to give machines the ability to learn from data in order to solve tasks without being explicitly programmed to do so. However, such algorithms need extremely large volumes of data to learn. And because they do, they can also be subjected to specific cyber threats.

    The Securing Machine Learning Algorithms report presents a taxonomy of ML techniques and core functionalities. The report also includes a mapping of the threats targeting ML techniques and the vulnerabilities of ML algorithms. It provides a list of relevant security controls recommended to enhance cybersecurity in systems relying on ML techniques. One of the challenges highlighted is how to select the security controls to apply without jeopardizing the expected level of performance.

    The mitigation controls for ML-specific attacks outlined in the report should in general be deployed during the entire lifecycle of systems and applications making use of ML.

    Machine Learning Algorithms Taxonomy

    Based on desk research and interviews with the experts of the ENISA AI ad-hoc working group, a total of 40 most commonly used ML algorithms were identified. The taxonomy developed is based on the analysis of such algorithms.

    The non-exhaustive taxonomy devised is to support the process of identifying which specific threats target ML algorithms, what are the associated vulnerabilities, and the security controls needed to address those vulnerabilities.

    Target Audience

    • Public/government: EU institutions & agencies, regulatory bodies of Member States, supervisory authorities in data protection, military and intelligence agencies, law enforcement community, international organizations, and national cybersecurity authorities.
    • Industry at large including small & medium enterprises (SMEs) resorting to AI solutions, operators of essential services ;
    • AI technical, academic and research community, AI cybersecurity experts, and AI experts such as designers, developers, ML experts, data scientists, etc.
    • Standardization bodies.


    The EU Agency for Cybersecurity continues to play a bigger role in the assessment of Artificial Intelligence (AI) by providing key input for future policies. The Agency takes part in the open dialogue with the European Commission and EU institutions on AI cybersecurity and regulatory initiatives to this end.

    The Agency set up the ENISA Ad Hoc Working Group on Cybersecurity for Artificial Intelligence last year. The working group supports ENISA in the process of building knowledge on AI Cybersecurity. Members of the group come from the European Commission Directorate-General Communications Networks, Content and Technology (DG CONNECT), the European Commission Directorate-General Joint Research Committee (DG JRC), Europol, the European Defence Agency (EDA), the European Union Agency for the Operational Management of Large-Scale IT Systems in the Area of Freedom, Security and Justice (eu-LISA), the European Telecommunications Standards Institute (ETSI), as well as academics and industry experts.

    Further Information

    Read the original announcement.

    Read the Complete Report: Securing Machine Learning Algorithms (PDF) – Mouseover to Scroll

    ENISA Report - Securing Machine Learning Algorithms

    Original Submission: The European Union Agency for Cybersecurity, 2021. Securing Machine Learning Algorithms. [online] Attiki: ENISA. Available at: <> [Accessed 21 December 2021].

    *Shared with permission under Creative Commons – Attribution 4.0 International (CC BY 4.0) – license.

    Additional Reading

    Source: ComplexDiscovery


    Have a Request?

    If you have information or offering requests that you would like to ask us about, please let us know and we will make our response to you a priority.

    ComplexDiscovery is an online publication that highlights cyber, data, and legal discovery insight and intelligence ranging from original research to aggregated news for use by cybersecurity, information governance, and eDiscovery professionals. The highly targeted publication seeks to increase the collective understanding of readers regarding cyber, data, and legal discovery information and issues and to provide an objective resource for considering trends, technologies, and services related to electronically stored information.

    ComplexDiscovery OÜ is a technology marketing firm providing strategic planning and tactical execution expertise in support of cyber, data, and legal discovery organizations. Focused primarily on supporting the ComplexDiscovery publication, the company is registered as a private limited company in the European Union country of Estonia, one of the most digitally advanced countries in the world. The company operates virtually worldwide to deliver marketing consulting and services.

    Time to Assess? NIST Updates Security Control Assessment Procedures

    Security and privacy control assessments are not about checklists, simple pass/fail...

    [2021/2022 Annual Update] International Cyber Law in Practice: Interactive Toolkit

    New scenarios ranging from cyber operations against medical facilities to a...

    A Comprehensive Cyber Discovery Resource? The DoD Cybersecurity Policy Chart from CSIAC

    The Cyber Security and Information Systems Information Analysis Center (CSIAC) is...

    Business Interrupted? The 11th Edition of the Annual Allianz Risk Barometer

    According to the new report, following a year of unprecedented cyber-attacks,...

    A Nuix Update: First Half 2022 Financial Results

    Since the Trading Update at the Annual General Meeting (AGM) covering...

    Mitratech Acquires Quovant

    According to Mike Williams, CEO of Mitratech, “We are thrilled to...

    eDiscovery Mergers, Acquisitions, and Investments in 2021

    Since beginning to track the number of publicly highlighted merger, acquisition,...

    eDiscovery Mergers, Acquisitions, and Investments in Q4 2021

    From Consilio and Epiq to Driven and Innovative Discovery, the following...

    Trusting the Process? 2021 eDiscovery Processing Task, Spend, and Cost Data Points

    Based on the complexity of cybersecurity, information governance, and legal discovery,...

    The Year in Review? 2021 eDiscovery Review Task, Spend, and Cost Data Points

    Based on the complexity of cybersecurity, information governance, and legal discovery,...

    A 2021 Look at eDiscovery Collection: Task, Spend, and Cost Data Points

    Based on the complexity of cybersecurity, information governance, and legal discovery,...

    An eDiscovery Market Size Mashup: 2021-2026 Worldwide Software and Services Overview

    From market retraction in 2020 to resurgence in 2021, the worldwide...

    Five Great Reads on Cyber, Data, and Legal Discovery for January 2022

    From artificial intelligence and machine learning to business confidence and cybersecurity...

    Five Great Reads on Cyber, Data, and Legal Discovery for December 2021

    From CISA cybersecurity guidance to mastering megamatters, the December 2021 edition...

    Five Great Reads on Cyber, Data, and Legal Discovery for November 2021

    From worldwide eDiscovery market sizing and discovery intelligence to cybersecurity playbooks...

    Five Great Reads on Cyber, Data, and Legal Discovery for October 2021

    From artificial intelligence and predictive coding to eDiscovery business confidence and...

    A Talent Trap? Issues Impacting eDiscovery Business Performance: A Winter 2022 Overview

    In the winter of 2022, 35.2% of respondents viewed lack of...

    Transfers in Order? eDiscovery Operational Metrics in the Winter of 2022

    In the winter of 2021, 43 eDiscovery Business Confidence Survey participants...

    A View from the Top? Winter 2022 eDiscovery Business Confidence Survey Results

    Since January 2016, 2,649 individual responses to twenty-five quarterly eDiscovery Business...

    Common Cents? An Aggregate Overview of Seven Semi-Annual eDiscovery Pricing Surveys

    The anonymized aggregate results from seven semi-annual surveys highlight eDiscovery pricing...