AIBOMs: The Essential Component of AI Risk Management for Enhanced SEO, Replacing Traditional SBOMs.

In a recent interview with Help Net Security, Marc Frankel, CEO of Manifest Cyber, highlighted the overlooked AI-specific risks that can lead to significant security issues. He pointed out that conventional tools often fail to detect problems such as poisoned training data and shadow AI. Frankel introduced the concept of AI Bills of Materials (AIBOMs), which extend Software Bills of Materials (SBOMs) to enhance transparency regarding datasets, model weights, and third-party integrations. This innovation aims to improve governance and incident response within organisations. He emphasised the importance of achieving executive-grade visibility and maintaining AI supply chain hygiene to mitigate these risks.

Frankel provided a real-world example involving the LAION-5B dataset, which contains 5.85 billion image-text pairs and serves as the foundation for popular models like Stable Diffusion and DALL-E 2. Stanford researchers discovered that LAION-5B included around 1,600 instances of child sexual abuse material, which had been scraped from the internet without proper filtering. This issue was compounded by the fact that traditional security tools could not detect the poisoned data, and many organisations lacked a systematic way to identify which applications were affected. Consequently, they struggled to answer critical questions about their use of these models and the data lineage associated with them.