Part I: Defining Responsible AI and the Evolving AI Landscape Chapter 1Overview 1 Foundations of Zero Trust in AI Security 3 The Origins and Evolution of Zero Trust 3 Zero Trust Principles in AI Security 4 Key Frameworks and Regulations 5 The Intersections of AI and Security 8 Zero Trust as a Paradigm Shift in Securing AI 11 Ways to Build AI-Ready Data Centers and Cloud Architecture 12 Network Design Basics with AI in Mind 13 Key Components Required for an AI-Ready Environment 14 AI Data Center Deployment Options 17 Summary 21 Key Terms 22 End-of-Chapter Questions and Answers 22 Chapter 2Responsible AI and Integrated Awareness 29 Definition and Principles of Responsible AI 29 Ethical AI Development 30 The Landscape of AI: From Basics to Advanced Concepts 31 Foundations of AI Architectures 31 Agentic AI 33 Chain-of-Thought Reasoning Models 33 Key Zero Trust Principles for AI Agents and Reasoning Models 35 Foundational Considerations in AI 35 Ways to Overcome Organizational Barriers to Secure AI Adoption 36 AI/ML Pipeline 39 No Free Lunch Theorem: Common Challenges in AI Development 41 Explainable AI (Is AI a Black Box?) 41 AI in Organizations 43 AI Adoption Framework 43 Essential Skills for the AI Era 44 Ethical Considerations and Bias Mitigation 45 Ethical Frameworks and Guidelines for AI 46 Additional Considerations for AI 47 Emerging Technologies 48 Defining an AI Maturity Model 51 Applying Zero Trust to AI Deployment Models 53 Understanding Risk, Control, and Governance Across the AI Landscape 53 Securing AI Agents Through Zero Trust Guardrails 55 Summary 58 Key Terms 59 End-of-Chapter Questions and Answers 59 Chapter 3Artificial Intelligence Threat Landscape 67 Overview of AI Threats 67 AI as Target: Adversarial Machine Learning 69 Threat Model 71 Integrity: Evasion, Poisoning, and Backdoor Attacks 73 Confidentiality: Model Inversion, Extraction, and Membership Inference Attacks 76 Availability: Energy Latency Attacks 79 Other Common Attacks: Supply Chain and Third Party 80 Specific Considerations for Attacks on Generative AI 83 Attacking AI Systems vs. AI Models 86 Libraries for Testing AI Models 88 AI Systems vs. AI Models 88 Case Studies of AI Security Events: MITRE ATLAS 89 Overview 89 AI as Attack Vector: Offensive AI in Generative Adversarial Networks 93 Summary 97 Key Terms 97 End-of-Chapter Questions and Answers 98 Chapter 4Zero Trust Principles and Methods 107 Benefits of Zero Trust for AI Security: A Proof of Value 107 The Evolution of Zero Trust: A Foundation for Securing AI 108 AI as a Catalyst for Zero Trust Transformation 110 Applying the Five Zero Trust Categories to AI 111 Policy and Governance 112 Identity 122 Vulnerability Management 131 Enforcement 135 Analytics 144 Practical Workshop Design: Zero Trust for AI 150 Risk and Regulation 151 Implementation Guidance 151 Capability Alignment 151 Organizational Dynamics in Zero Trust for AI 152 Risk and Regulation 152 Implementation Guidance 152 Capability Alignment 153 Roadmap: Zero Trust for AI Security Maturity 153 Risk and Regulation 153 Implementation Guidance 154 Capability Alignment 154 Application of Zero Trust: Securing Embodied AI Through Zero Trust 155 The Trust Gap in Embodied AI 155 Securing Perception, Planning, and Action 155 Simulation, Noise, and Real-World Deployment 156 Collaborative, Ethical, and Societal Risks 156 Case Study: Application of Zero Trust-Salt Typhoon and Advanced Threat Campaigns Against Embodied AI 157 Case Study: Application of Zero Trust-Implications of State-Sponsored Network Compromise Campaigns 158 Case Study: Application of Zero Trust-Real-World Technology Shift at Scale to AI-Native Software Development 160 Case Study: Nation-State Espionage, the Quantum Threat, and Harvest Now Decrypt Later 161 HNDL Description and Analysis 162 PQC Recommendations 162 PQC Insights and Business Implications 163 Summary 164 Key Terms 165 End-of-Chapter Questions and Answers 165 Chapter 5Securing AI from the Start 173 Importance of Early Data Classification 174 Data Classification Tools 176 Data Classification 177 Governance and Legal Requirements 181 Potential Threats and Consequences from Missing Data Classification 183 Ways to Build Security into the AI Development Lifecycle 189 Proactive vs. Reactive Security Measures 191 Business and Operational Benefits 193 Quantitative and Qualitative Metrics 193 Value Propositions 193 Cost Savings from Early Security Implementation 194 Improved Trust and Compliance 196 Ways to Future-Proof AI Systems by Building Crypto-Agility for Post-Quantum Resilience 197 Scalability and Adaptability of Secure AI 198 The Need to Secure AI from the Start: Challenges and Considerations 199 Securing AI Application Development 200 Securing AI Application Deployment 201 Moving from Software Development to AI Application Development 201 Securing AI Chatbots and Agents 206 Understanding the Advanced Threat Landscape and Mitigation 206 Securing Agentic AI and Retrieval-Augmented Generation 207 AI Security Readiness Framework 209 1. Embedding Security in AI Governance and Strategy 211 2. Strengthening Data Security and Privacy 212 3. Ensuring Model Integrity and Robustness 212 4. Mitigating AI-Specific Threats and Attack Vectors 214 5.

Addressing Compliance and Ethical Requirements 214 6. Building a Security-Resilient Infrastructure 215 7. Cultivating a Security-Aware Culture 216 Summary 217 Key Terms 218 End-of-Chapter Questions and Answers 218 Part II: Building Operational Resilience-People, Processes, and Infrastructure Chapter 6Organizational AI Security Readiness 225 Assessing Organizational Readiness 226 Stakeholder Engagement and Ownership 226 Security Readiness Assessments 226 Baseline of Current Capabilities 227 Risk Assessment and Prioritization 228 Gap Analysis and Areas for Improvement 229 Compliance and Regulatory Readiness 230 Technical Infrastructure and Tooling Evaluation 232 Culture and Awareness Readiness 233 Incident Response and Recovery Preparedness 233 Actionability and Roadmap Development 234 Building a Security-First Culture 234 Leadership and Commitment 235 Security Policies and Governance 235 Risk Management and Accountability 236 Integration of Security in AI Lifecycle 236 Cultural Change Strategies 237 Training and Awareness Programs 237 Tailored Training Programs 238 Awareness Campaigns 238 Hands-On Exercises 239 Continuous Learning 239 The Reasons to Measure Effectiveness 239 Organizational AI Security Readiness: Challenges and Considerations 240 AI Model Security Readiness 240 Data Governance and Privacy for AI Readiness 241 AI-Specific Incident Response Readiness 243 Explainable AI (XAI) Readiness 244 Zero Trust Principles Applied to AI Security Readiness 245 AI Supply Chain Readiness 246 Summary 247 Key Terms 248 End-of-Chapter Questions and Answers 248 Chapter 7AI-Ready Data Privacy and Business Impact 255 The Strategic Value of Data in the Age of AI 256 Data as an Enterprise and National Security Asset 256 The Criticality of Protecting Strategic, Classified, and Proprietary Data 257 How AI-Driven Decision Automation Amplifies Business Impact from Data Compromise 258 The Convergence of AI Data Governance and Digital Sovereignty 258 Evolving Attack Surfaces in AI Ecosystems 259 The Influence of Visionary Fiction on the AI Landscape 259 From Imagination to Implementation: Agentic and Embedded AI 259 AI as a Living System: Expanding the Threat Model 260 Zero Trust for AI Systems Reimagined 260 Science Fiction Realized, Responsibility Required 261 Privacy and Security Challenges in Agentic and Embedded AI 262 Autonomous Data Processing and Contextual Inference Without Human Oversight 263 Data Lineage, Provenance, and Chain of Custody in Distributed AI Environments 263 The Difficulty of Enforcing Access Control and Policy Verification Within Embedded Architectures 263 Risk Propagation Across Cross-Domain AI Collaboration Systems 264 Monitoring, Containment, and Assurance for Self-Adaptive Models 265 AI Model Protection and PQC Readiness 265 Model Inversion, Prompt Injection, and Data Poisoning Threats 266 Techniques for Model Watermarking, Signing, and Integrity Validation 266 Confidential Computing, Secure Enclaves, and Trusted Execution Environments 267 PQC Readiness and the Transition to Post-Quantum Encryption (FIPS 203, FIPS 204, FIPS 205) 268 Cryptographic Agility and Lifecycle Management for AI Models and Data Pipelines 269 Privacy-Preserving Data Engineering for Next-Generation AI 269 Differential Privacy, Homomorphic Encryption, and Secure Multi-Party Computation 270 Federated Learning and Encryption-in-Use for Distributed AI Training 271 PQC-Based Encryption Methods for AI Inference and Storage Environments 271 The Role of Hardware-Based Isolation and Zero-Knowledge Proofs in Preserving Privacy 272 Regulatory and Comp.