Abstract
The use of Artificial Intelligence (AI) by enterprises has dramatically increased over the last decade and is estimated to accelerate further. This research aimed to identify, which impact AI will have on enterprise information security and how to address this in the context of the widely used security standards ISO 27001 and 27002. Guided by AI security aspects relating to AI enhanced cyber attacks, AI enhanced cyber defences, attacks against AI systems, AI malfunctions and AI human and societal impact, combined with the context of governance and regulations and additional dimensions of risk management and quantum computing, a systematic literature review was conducted to find current AI security challenges and defences, which were then comparatively analysed with ISO 27001/27002 controls. The results of this analysis confirmed, that existing ISO 27001 ISMS and security controls were not sufficient to address the emerging AI security challenges. To improve this lack of adequate security controls, six new security controls and ten modified existing security controls were proposed.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Copeland BJ (2023) Artificial intelligence. Encyclopædia Britannica. https://www.britannica.com/technology/artificial-intelligence. Accessed 14 Nov 2023
Perri L (2023) What’s new in artificial intelligence from the 2023 Gartner hype CycleTM, Gartner. https://www.gartner.com/en/articles/what-s-new-in-artificial-intelligence-from-the-2023-gartner-hype-cycle. Accessed 2 Sept 2023
Vinsel L (2023) Don’t get distracted by the hype around generative AI, MIT Sloan management review. https://sloanreview.mit.edu/article/dont-get-distracted-by-the-hype-around-generative-ai/. Accessed 2 Sept 2023
Bousquette I (2023) Companies increasingly fear backlash over their AI work. The Wall Street Journal. https://www.wsj.com/articles/companies-increasingly-fear-backlash-over-their-ai-work-53aff47c. Accessed 2 Sept 2023
ISACA (2023) The promise and peril of the AI revolution: managing risk. Schaumburg. https://www.isaca.org/-/media/files/isacadp/project/isaca/resources/white-papers/the-promise-and-peril-of-ai__0923.pdf. Accessed 20 Sept 2023
Financial Reporting Council (2018) The UK CORPORATE GOVERNANCE CODE. Financial Reporting Council, London. https://www.frc.org.uk/document-library/corporate-governance/2018/uk-corporate-governance-code-2018. Accessed 5 Sept 2023
Taylor A et al (2020) Information security management principles, 3rd edn. BCS, Swindon
NIST (2020) Security and privacy controls for information systems and organizations. Gaithersburg, MD. https://doi.org/10.6028/NIST.SP.800-53r5
NIST (2018) Framework for improving critical infrastructure cybersecurity, version 1.1. Gaithersburg, MD. https://doi.org/10.6028/NIST.CSWP.04162018
ISACA (2018) COBIT 2019 framework: introduction and methodology. ISACA, Schaumburg
Mirtsch M, Kinne J, Blind K (2021) Exploring the adoption of the international information security management system standard ISO/IEC 27001: a web mining-based analysis. IEEE Trans Eng Manag 68(1):87–100. https://doi.org/10.1109/TEM.2020.2977815
ISO/IEC (2023) Information security management systems: requirements (BS EN ISO/IEC 27001:2023). BSI Standards, London
ISO/IEC (2022) Information security controls (BS EN ISO/IEC 27002:2022). BSI Standards, London
Huntington C (2022) What do the ISO 27001 updates mean for your business? ISACA Now Blog. https://www.isaca.org/resources/news-and-trends/isaca-now-blog/2022/what-do-the-iso-27001-updates-mean-for-your-business. Accessed 5 Sept 2023
Ahmed HSA (2023) A guide to the updated ISO/IEC 27002:2022 standard, part 1, @ISACA. https://www.isaca.org/resources/news-and-trends/newsletters/atisaca/2023/volume-7/a-guide-to-the-updated-iso-iec-27002-2022-standard-part-1. Accessed 5 Sept 2023
NIST (2021) The five functions. https://www.nist.gov/cyberframework/online-learning/five-functions
Kaloudi N, Li J (2021) The AI-based cyber threat landscape. ACM Comput Surv 53(1):1–34. https://doi.org/10.1145/3372823
Hutchins E, Cloppert M, Amin R (2011) Intelligence-driven computer network defense informed by analysis of adversary campaigns and intrusion kill chains. In: Armistead L (ed) ICIW2011-proceedings of the 6th international conference on information warfare and security. Academic Publishing International, Reading, pp 113–125
Guembe B et al (2022) The emerging threat of AI-driven cyber attacks: a review. Appl Artif Intell 36(1):e2037254. https://doi.org/10.1080/08839514.2022.2037254
Mirsky Y et al (2023) The threat of offensive AI to organizations. Comput Sec 124:103006. https://doi.org/10.1016/j.cose.2022.103006
MITRE (2023) Enterprise matrix. https://attack.mitre.org/matrices/enterprise/
Kroll JA, Michael JB, Thaw DB (2021) Enhancing cybersecurity via artificial intelligence: risks, rewards, and frameworks. Computer 54(6):64–71. https://doi.org/10.1109/MC.2021.3055703
Kaur R, Gabrijelčič D, Klobučar T (2023) Artificial intelligence for cybersecurity: literature review and future research directions. Inform Fus 97:101804. https://doi.org/10.1016/j.inffus.2023.101804
NIST (2023) Cybersecurity framework components. https://www.nist.gov/cyberframework/online-learning/cybersecurity-framework-components. Accessed 2 Aug 2023
Samoili S et al (2020) AI WATCH. Defining artificial intelligence. European Commission. https://doi.org/10.2760/382730
IBM (2023) Cost of a data breach report 2023. Armonk
Zhang Z et al (2022) Explainable artificial intelligence applications in cyber security: state-of-the-art in research. IEEE Access 10:93104–93139. https://doi.org/10.1109/ACCESS.2022.3204051
Rudin C (2019) Stop explaining black box machine learning models for high stakes decisions and use interpretable models instead. Nat Mach Intell 1(5):206–215. https://doi.org/10.1038/s42256-019-0048-x
Slack D et al (2023) Explaining machine learning models with interactive natural language conversations using TalkToModel. Nat Mach Intell 5(8):873–883. https://doi.org/10.1038/s42256-023-00692-8
Chung MH et al (2023) Implementing data exfiltration defense in situ: a survey of countermeasures and human involvement. ACM Comput Surv 55(14):303. https://doi.org/10.1145/3582077
Wang Z et al (2023) Threats to training: a survey of poisoning attacks and defenses on machine learning systems. ACM Comput Surv 55(7):1–36. https://doi.org/10.1145/3538707
Liu W et al (2021) Two sides of the same coin: boons and banes of machine learning in hardware security. IEEE J Emerg Select Top Circ Syst 11(2):228–251. https://doi.org/10.1109/JETCAS.2021.3084400
Akhtar N, Mian A (2018) Threat of adversarial attacks on deep learning in computer vision: a survey. IEEE Access 6:14410–14430. https://doi.org/10.1109/ACCESS.2018.2807385
Shumailov I et al (2021) ‘Sponge examples: energy-latency attacks on neural networks. In: Proceedings of the 2021 IEEE European symposium on security and privacy, Euro S and P 2021, pp 212–231. https://doi.org/10.1109/EUROSP51992.2021.00024
Caviglione L et al (2023) Emerging challenges and perspectives in deep learning model security: a brief survey. Syst Soft Comput 5:200050. https://doi.org/10.1016/J.SASC.2023.200050
Mehrabi N et al (2021) A survey on bias and fairness in machine learning. ACM Comput Surv 54(6):607. https://doi.org/10.1145/3457607
Ji Z et al (2023) Survey of hallucination in natural language generation. ACM Comput Surv 55(12):1–38. https://doi.org/10.1145/3571730
Edwards B (2023) Why ChatGPT and Bing Chat are so good at making things up|Ars Technica, ars technica. https://arstechnica.com/information-technology/2023/04/why-ai-chatbots-are-the-ultimate-bs-machines-and-how-people-hope-to-fix-them/. Accessed 21 Aug 2023
McGowan A et al (2023) ChatGPT and bard exhibit spontaneous citation fabrication during psychiatry literature search. Psych Res 326:115334. https://doi.org/10.1016/j.psychres.2023.115334
Hanif MA et al (2018) Robust machine learning systems: reliability and security for deep neural networks. In: Proceedings of the 2018 IEEE 24th international symposium on on-line testing and robust system design, IOLTS 2018, pp 257–260. https://doi.org/10.1109/IOLTS.2018.8474192
Bankins S, Formosa P (2019) When AI meets PC: exploring the implications of workplace social robots and a human-robot psychological contract. Eur J Work Org Psychol 29(2):215–229. https://doi.org/10.1080/1359432X.2019.1620328
Oravec JA (2023) Rage against robots: Emotional and motivational dimensions of anti-robot attacks, robot sabotage, and robot bullying. Technol Forecast Soc Change 189:122249. https://doi.org/10.1016/J.TECHFORE.2022.122249
Dattathrani S, De R (2023) The concept of agency in the era of artificial intelligence: dimensions and degrees. Inform Syst Front 25(1):29–54. https://doi.org/10.1007/S10796-022-10336-8/FIGURES/4
Salo-Pöntinen H (2021) AI ethics-critical reflections on embedding ethical frameworks in AI technology. Lect Notes Comput Sci 12795:311–329. https://doi.org/10.1007/978-3-030-77431-8_20
Gillespie N et al (2023) Trust in artificial intelligence: a global study. https://doi.org/10.14264/00d3c94
Thieullent A-L et al (2019) Why addressing ethical questions in AI will benefit organizations. https://www.capgemini.com/gb-en/wp-content/uploads/sites/5/2022/05/AI-in-Ethics_Web.pdf. Accessed 3 Oct 2023
Tabassi E (2023) NIST AI 100-1: artificial intelligence risk management framework (AI RMF 1.0). NIST, Gaithersburg
Oprea A, Vassilev A (2023) Adversarial machine learning: a taxonomy and terminology of attacks and mitigations (draft). Gaithersburg. https://doi.org/10.6028/NIST.AI.100-2e2023.ipd
ISO/IEC (2022) Draft BS ISO/IEC 42001 information technology: artificial intelligence—management system. BSI Group, Geneva
ISO/IEC (2022) ISO/IEC AWI 27090: cybersecurity—artificial intelligence—guidance for addressing security threats and failures in artificial intelligence systems. https://www.iso.org/standard/56581.html. Accessed 25 Aug 2023
ISO/IEC (2020) ISO/IEC TR 24028:2020: information technology—artificial intelligence—overview of trustworthiness in artificial intelligence. BSI Standards, London
European Commission (2021) Proposed EU regulation COM/2021/206. European Union, Brussels. https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=celex%3A52021PC0206. Accessed 25 Aug 2023
CDEI (2021) The roadmap to an effective AI assurance ecosystem. Centre for Data Ethics and Innovation, London. https://assets.publishing.service.gov.uk/government/uploads/system/uploads/attachment_data/file/1039146/The_roadmap_to_an_effective_AI_assurance_ecosystem.pdf. Accessed 25 Aug 2023
HM Government (2021) National AI strategy. Office for Artificial Intelligence, London. https://assets.publishing.service.gov.uk/government/uploads/system/uploads/attachment_data/file/1020402/National_AI_Strategy_-_PDF_version.pdf. Accessed 25 Aug 2023
DSIT (2023) A pro-innovation approach to AI regulation (CP 815). Crown. https://assets.publishing.service.gov.uk/government/uploads/system/uploads/attachment_data/file/1176103/a-pro-innovation-approach-to-ai-regulation-amended-web-ready.pdf. Accessed 25 Aug 2023
NCSC (2022) Principles for the security of machine learning. https://www.ncsc.gov.uk/collection/machine-learning. Accessed 7 Sept 2023
Zhu Y, Yu K (2023) Artificial intelligence (AI) for quantum and quantum for AI. Opt Quant Electr 55(8):1–26
Kaur D, Uslu S, Durresi A (2023) Quantum algorithms for trust-based AI applications. Lect Notes Data Eng Commun Technol 176:1–12. https://doi.org/10.1007/978-3-031-35734-3_1/COVER
Krenn M et al (2023) Artificial intelligence and machine learning for quantum technologies. Phys Rev A 107(1):010101
Nouioua T, Belbachir AH (2023) The quantum computer for accelerating image processing and strengthening the security of information systems. Chin J Phys 81:104–124. https://doi.org/10.1016/J.CJPH.2022.11.006
Barker E (2020) Recommendation for key management: part 1—general. https://doi.org/10.6028/NIST.SP.800-57PT1R5
Rosch-Grace D, Straub J (2022) Analysis of the likelihood of quantum computing proliferation. Technol Soc 68:101880. https://doi.org/10.1016/J.TECHSOC.2022.101880
Nicesio OK, Leal AG, Gava VL (2023) Quantum machine learning for network intrusion detection systems, a systematic literature review. In: Proceedings of the 2023 IEEE 2nd international conference on AI in cybersecurity, ICAIC 2023. https://doi.org/10.1109/ICAIC57335.2023.10044125
Sharma N, Ketti Ramachandran R (2021) The emerging trends of quantum computing towards data security and key management. Arch Comput Methods Eng 28(7):5021–5034. https://doi.org/10.1007/S11831-021-09578-7/TABLES/3
Yavuz AA et al (2022) Distributed cyber-infrastructures and artificial intelligence in hybrid post-quantum era. In: Proceedings of the 2022 IEEE 4th international conference on trust, privacy and security in intelligent systems, and applications, TPS-ISA 2022, pp 29–38. https://doi.org/10.1109/TPS-ISA56441.2022.00014
Serrano MA et al (2023) Towards a quantum world in cybersecurity land. In: Bellucci A et al (eds) Proceedings of the 9th international symposium on end-user development (IS-EUD 2023). CEUR workshop proceedings, Cagliari. https://ceur-ws.org/Vol-3408/short-s3-02.pdf. Accessed 21 Aug 2023
Sanchez LE et al (2023) New frontiers in security risk management. IT Prof 25(3):61–67. https://doi.org/10.1109/MITP.2023.3251720
Erdogan G et al (2021) A systematic mapping study on approaches for Al-supported security risk assessment. In: Proceedings of the 2021 IEEE 45th annual computers, software, and applications conference (COMPSAC). IEEE, pp 755–760. https://doi.org/10.1109/COMPSAC51774.2021.00107
Hosam O (2022) Intelligent risk management using artificial intelligence. In: Proceedings of the 2022 advances in science and engineering technology international conferences, ASET 2022. https://doi.org/10.1109/ASET53988.2022.9734861
Rosado DG et al (2022) Managing cybersecurity risks of cyber-physical systems: the MARISMA-CPS pattern. Comput Ind 142:103715. https://doi.org/10.1016/J.COMPIND.2022.103715
Pickard AJ (2013) Research methods in information, 2nd edn. Facet Publishing, London
Elsevier (2023) Scopus: document search. https://www.scopus.com/search/form.uri. Accessed 7 Sept 2023
IEEE (2023) IEEE Xplore. https://ieeexplore.ieee.org/Xplore. Accessed 19 Sept 2023
Raatikainen M, Tiihonen J, Männistö T (2019) Software product lines and variability modeling: a tertiary study. J Syst Softw 149:485–510. https://doi.org/10.1016/J.JSS.2018.12.027
Kitchenham B et al (2010) Systematic literature reviews in software engineering: a tertiary study. Inform Softw Technol 52(8):792–805. https://doi.org/10.1016/J.INFSOF.2010.03.006
Wohlin C et al (2022) Successful combination of database search and snowballing for identification of primary studies in systematic literature studies. Inform Softw Technol 147:106908. https://doi.org/10.1016/j.infsof.2022.106908
Rihoux B (2006) ‘Qualitative comparative analysis (QCA) and related systematic comparative methods. Int Sociol 21(5):679–706. https://doi.org/10.1177/0268580906067836
Mattke J et al (2021) Qualitative comparative analysis in the information systems discipline: a literature review and methodological recommendations. Internet Res 31(5):1493–1517. https://doi.org/10.1108/INTR-09-2020-0529
AIAAIC (2023) AIAAIC repository. https://www.aiaaic.org/aiaaic-repository
Yuan S, Wu X (2021) Deep learning for insider threat detection: review, challenges and opportunities. Comput Sec 104:2221. https://doi.org/10.1016/J.COSE.2021.102221
Dasgupta D, Akhtar Z, Sen S (2022) Machine learning in cybersecurity: a comprehensive survey. J Def Model Simul 19(1):57–106. https://doi.org/10.1177/1548512920951275
Huang Y, Huang L, Zhu Q (2022) Reinforcement learning for feedback-enabled cyber resilience. Ann Rev Control 53:273–295. https://doi.org/10.1016/J.ARCONTROL.2022.01.001
Nguyen TT, Reddi VJ (2023) Deep reinforcement learning for cyber security. IEEE Trans Neural Netw Learn Syst 34(8):3779–3795. https://doi.org/10.1109/TNNLS.2021.3121870
Aldoseri A, Al-Khalifa KN, Hamouda AM (2023) Re-thinking data strategy and integration for artificial intelligence: concepts, opportunities, and challenges. Appl Sci 13(12):82. https://doi.org/10.3390/APP13127082
Capuano N et al (2022) Explainable artificial intelligence in cybersecurity: a survey. IEEE Access 10:93575–93600. https://doi.org/10.1109/ACCESS.2022.3204171
Guo Y (2023) A review of machine learning-based zero-day attack detection: challenges and future directions. Comput Commun 198:175–185. https://doi.org/10.1016/J.COMCOM.2022.11.001
Gilpin LH et al (2019) Explaining explanations: an overview of interpretability of machine learning. In: Proceedings of the 2018 IEEE 5th international conference on data science and advanced analytics, DSAA 2018, pp 80–89. https://doi.org/10.1109/DSAA.2018.00018
Berghoff C, Neu M, von Twickel A (2020) Vulnerabilities of connectionist AI applications: evaluation and defense. Front Big Data 3:23. https://doi.org/10.3389/FDATA.2020.00023
Berman DS et al (2019) A survey of deep learning methods for cyber security. Information 10(4):122. https://doi.org/10.3390/INFO10040122
Liu H et al (2023) Trustworthy AI: a computational perspective. ACM Trans Intell Syst Technol 14(1):1–59. https://doi.org/10.1145/3546872
Ramachandran KK et al (2023) Using AI for risk management and improved business resilience, pp 978–982. https://doi.org/10.1109/ICACITE57410.2023.10182662
Biggio B, Roli F (2018) Wild patterns: ten years after the rise of adversarial machine learning. Pattern Recogn 84:317–331. https://doi.org/10.1016/J.PATCOG.2018.07.023
Kaur D et al (2023) Trustworthy artificial intelligence: a review. ACM Comput Surv 55(2):209. https://doi.org/10.1145/3491209
Polemi N, Praça I (2023) Multilayer framework for good cybersecurity practices for AI. Attiki. https://doi.org/10.2824/588830
Feng T et al (2023) A review of speech-centric trustworthy machine learning: privacy, safety, and fairness. APSIPA Trans Sig Inform Process 12(3):84. https://doi.org/10.1561/116.00000084
Liu X et al (2021) Privacy and security issues in deep learning: a survey. IEEE Access 9:4566–4593. https://doi.org/10.1109/ACCESS.2020.3045078
Tayyab M et al (2023) A comprehensive review on deep learning algorithms: security and privacy issues. Comput Sec 131:297. https://doi.org/10.1016/J.COSE.2023.103297
Alotaibi A, Rassam MA (2023) Adversarial machine learning attacks against intrusion detection systems: a survey on strategies and defense. Fut Internet 15(2):62. https://doi.org/10.3390/FI15020062
Tanuwidjaja HC et al (2020) Privacy-preserving deep learning on machine learning as a service-a comprehensive survey. IEEE Access 8:167425–167447. https://doi.org/10.1109/ACCESS.2020.3023084
Li B et al (2023) Trustworthy AI: from principles to practices. ACM Comput Surv 55(9):803. https://doi.org/10.1145/3555803
Sousa S, Kern R (2023) How to keep text private? A systematic review of deep learning methods for privacy-preserving natural language processing. Artif Intell Rev 56(2):1427–1492. https://doi.org/10.1007/S10462-022-10204-6
OWASP (2023) OWASP Top 10 for LLM applications. https://owasp.org/www-project-top-10-for-large-language-model-applications/assets/PDF/OWASP-Top-10-for-LLMs-2023-v1_0_1.pdf. Accessed 7 Sept 2023
Macas M, Wu C, Fuertes W (2022) A survey on deep learning for cybersecurity: progress, challenges, and opportunities. Comput Netw 212:109032. https://doi.org/10.1016/j.comnet.2022.109032
AI HLEG (2019) Ethics guidelines for trustworthy AI. Brussels. https://digital-strategy.ec.europa.eu/en/library/ethics-guidelines-trustworthy-ai. Accessed 9 Aug 2023
van Giffen B, Herhausen D, Fahse T (2022) Overcoming the pitfalls and perils of algorithms: a classification of machine learning biases and mitigation methods. J Bus Res 144:93–106. https://doi.org/10.1016/J.JBUSRES.2022.01.076
Werder K, Ramesh B, Zhang RS (2022) Establishing data provenance for responsible artificial intelligence systems. ACM Trans Manag Inform Syst 13(2):488. https://doi.org/10.1145/3503488
Kortum H et al (2022) Towards the operationalization of trustworthy AI: integrating the EU assessment list into a procedure model for the development and operation of AI-systems. Lect Notes Inform Proceed Gesellschaft fur Informatik 326:283–299. https://doi.org/10.18420/INF2022_26
Qadir J, Islam MQ, Al-Fuqaha A (2022) Toward accountable human-centered AI: rationale and promising directions. J Inform Commun Ethics Soc 20(2):329–342. https://doi.org/10.1108/JICES-06-2021-0059
Equality Act (2010) c. 15. https://www.legislation.gov.uk/ukpga/2010/15/contents. Accessed 2 Nov 2023
Lashkari M, Cheng J (2023) “Finding the magic sauce”: exploring perspectives of recruiters and job seekers on recruitment bias and automated tools. In: Proceedings of the conference on human factors in computing systems, p 16. https://doi.org/10.1145/3544548.3581548
Aiyanyo ID, Samuel H, Lim H (2020) A systematic review of defensive and offensive cybersecurity with machine learning. Appl Sci 10(17):811. https://doi.org/10.3390/APP10175811
Ali A et al (2023) The effect of artificial intelligence on cybersecurity. In: Proceedings of the 2nd international conference on business analytics for technology and security, ICBATS 2023. https://doi.org/10.1109/ICBATS57792.2023.10111151
He K, Kim DD, Asghar MR (2023) Adversarial machine learning for network intrusion detection systems: a comprehensive survey. IEEE Commun Surv Tutor 25(1):538–566. https://doi.org/10.1109/COMST.2022.3233793
Jaber A, Fritsch L (2023) Towards AI-powered cybersecurity attack modeling with simulation tools: review of attack simulators. Lect Notes Netw Syst 571:249–257. https://doi.org/10.1007/978-3-031-19945-5_25
Jaber AN, Fritsch L (2021) COVID-19 and global increases in cybersecurity attacks: review of possible adverse artificial intelligence attacks. In: ICSEC 2021—25th international computer science and engineering conference, pp 434–442. https://doi.org/10.1109/ICSEC53205.2021.9684603
Kamoun F et al (2020) AI and machine learning: a mixed blessing for cybersecurity. In: Proceedings of the 2020 international symposium on networks, computers and communications, ISNCC 2020. https://doi.org/10.1109/ISNCC49221.2020.9297323
Laato S et al (2021) How to explain AI systems to end users: a systematic literature review and research agenda. Internet Res 32(7):1–31. https://doi.org/10.1108/INTR-08-2021-0600
Li S et al (2022) Backdoors against natural language processing: a review. IEEE Sec Priv 20(5):50–59. https://doi.org/10.1109/MSEC.2022.3181001
Liu Q et al (2018) A survey on security threats and defensive techniques of machine learning: a data driven view. IEEE Access 6:12103–12117. https://doi.org/10.1109/ACCESS.2018.2805680
Miao Y et al (2022) Machine learning based cyber attacks targeting on controlled information: a survey. ACM Comput Surv 54(7):171. https://doi.org/10.1145/3465171
Miller DJ, Xiang Z, Kesidis G (2020) Adversarial learning targeting deep neural network classification: a comprehensive review of defenses against attacks. Proceed IEEE 108(3):402–433. https://doi.org/10.1109/JPROC.2020.2970615
Moher D et al (2010) Preferred reporting items for systematic reviews and meta-analyses: the PRISMA statement. Int J Surg 8(5):336–341. https://doi.org/10.1016/J.IJSU.2010.02.007
Ntoutsi E et al (2020) Bias in data-driven artificial intelligence systems: an introductory survey. Wiley Interdiscip Rev Data Min Knowl Discov 10(3):1356. https://doi.org/10.1002/WIDM.1356
Rizvi S et al (2022) Application of artificial intelligence to network forensics: survey, challenges and future directions. IEEE Access 10:110362–110384. https://doi.org/10.1109/ACCESS.2022.3214506
Shneiderman B (2020) Bridging the gap between ethics and practice: Guidelines for reliable, safe, and trustworthy human-centered AI systems. ACM Trans Interact Intell Syst 10(4):764. https://doi.org/10.1145/3419764
Tapeh ATG, Naser MZ (2023) Artificial intelligence, machine learning, and deep learning in structural engineering: a scientometrics review of trends and best practices. Arch Comput Methods Eng 30(1):115–159. https://doi.org/10.1007/s11831-022-09793-w
Von Twickel A (2023) Towards secure AI systems: approach and role of the German BSI: ENISA AI cybersecurity conference. https://www.enisa.europa.eu/events/2023-enisa-ai-cybersecurity-conference/20230607-enisa-ai-cybersecurity-conference-bsi-approach-v02_pub.pdf
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2024 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this chapter
Cite this chapter
Kreutz, H., Jahankhani, H. (2024). Impact of Artificial Intelligence on Enterprise Information Security Management in the Context of ISO 27001 and 27002: A Tertiary Systematic Review and Comparative Analysis. In: Jahankhani, H., Bowen, G., Sharif, M.S., Hussien, O. (eds) Cybersecurity and Artificial Intelligence. Advanced Sciences and Technologies for Security Applications. Springer, Cham. https://doi.org/10.1007/978-3-031-52272-7_1
Download citation
DOI: https://doi.org/10.1007/978-3-031-52272-7_1
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-52271-0
Online ISBN: 978-3-031-52272-7
eBook Packages: Computer ScienceComputer Science (R0)