The National Cyber Security Centre (NCSC) has released guidance to assist developers, engineers, decision-makers, and risk owners in designing and using machine learning systems.
Machine learning is a form of artificial intelligence where computers identify patterns in data or solve problems automatically. To illustrate, consider how you might teach a child to recognize different animals. Instead of explaining all the rules to identify a cat or a dog, you show them numerous pictures of cats and dogs and tell them which is which. Over time, the child becomes better at distinguishing between cats and dogs just by looking at them.
Machine learning functions similarly for computers. Rather than providing a strict set of instructions for every possible scenario, you supply numerous examples, and the computer learns from these. For example, to train a computer to recognize spam emails, you show it many emails labeled as “spam” and “not spam.” The computer analyzes these examples and starts to identify patterns. Then, when it encounters a new email, it can predict whether it’s spam based on what it has learned.
In essence, machine learning involves teaching computers to learn from examples so they can make decisions or predictions independently.
Given the rapid pace of development in machine learning, the NCSC is concerned that security might be treated as an afterthought. It emphasizes the importance of incorporating security into the design from the beginning and maintaining it as a core requirement throughout the machine learning system’s lifecycle.
The new guidance includes principles to help developers, engineers, and decision-makers make informed choices about their systems. The ultimate aim is to assure stakeholders and end users that a machine learning system is safe and secure.
For the full guidance, visit: [NCSC – Machine Learning Principles](https://www.ncsc.gov.uk/collection/machine-learning-principles).