Supply Chain Attack (AI)
An attack that targets vulnerabilities in the AI development supply chain, such as compromised pre-trained models, poisoned datasets or malicious third-party libraries.
In plain language
Attacking AI by compromising something it depends on. A pre-trained model downloaded from the internet, a third-party dataset or an open-source library. Poisoning the ingredients rather than the final dish.
Why this matters
AI supply chain risks are often underestimated in governance frameworks. Your organisation must implement due diligence on third-party models, datasets and libraries, alongside verification processes to ensure the integrity of AI components. This is especially critical for regulated industries and high-stakes applications.
Relevance
GovernanceIdentifies a material governance gap: most organisations do not audit their AI supply chains, yet compromised components can undermine the trustworthiness of the entire system.
Related terms
Putting supply chain attack (ai) into practice in your organisation?
Ready to transform your AI strategy?
Partner with Australia's AI strategy and governance specialists. From adoption roadmaps to ISO 42001 audit readiness.