Standardized Threat Taxonomy for AI Security, Governance, and Regulatory Compliance

Hernan Huwyler

TL;DR

The paper addresses fragmentation between technical AI security concerns and regulatory/compliance requirements by introducing the AI System Threat Vector Taxonomy, a nine-domain, 53-sub-threat ontology linked to business loss categories for Quantitative Risk Assessment (QRA). It provides a Quantification Bridge to integrate threats into probabilistic risk models and maps the taxonomy to NIST AI RMF, ISO/IEC 42001, and the EU AI Act, enabling auditable governance. Empirical validation on 133 AI incidents demonstrates that Misuse and Unreliable Outputs are the dominant practical risks, while comparing favorably against MITRE ATLAS, OWASP Top 10 for LLMs, and ENISA Threat Landscape. The framework supports risk-based decision-making, contingency planning, and insurability of AI deployments, driving a shift from reactive firefighting to evidence-driven governance.

Abstract

The accelerating deployment of artificial intelligence systems across regulated sectors has exposed critical fragmentation in risk assessment methodologies. A significant "language barrier" currently separates technical security teams, who focus on algorithmic vulnerabilities (e.g., MITRE ATLAS), from legal and compliance professionals, who address regulatory mandates (e.g., EU AI Act, NIST AI RMF). This disciplinary disconnect prevents the accurate translation of technical vulnerabilities into financial liability, leaving practitioners unable to answer fundamental economic questions regarding contingency reserves, control return-on-investment, and insurance exposure. To bridge this gap, this research presents the AI System Threat Vector Taxonomy, a structured ontology designed explicitly for Quantitative Risk Assessment (QRA). The framework categorizes AI-specific risks into nine critical domains: Misuse, Poisoning, Privacy, Adversarial, Biases, Unreliable Outputs, Drift, Supply Chain, and IP Threat, integrating 53 operationally defined sub-threats. Uniquely, each domain maps technical vectors directly to business loss categories (Confidentiality, Integrity, Availability, Legal, Reputation), enabling the translation of abstract threats into measurable financial impact. The taxonomy is empirically validated through an analysis of 133 documented AI incidents from 2025 (achieving 100% classification coverage) and reconciled against the main AI risk frameworks. Furthermore, it is explicitly aligned with ISO/IEC 42001 controls and NIST AI RMF functions to facilitate auditability.

Paper Structure

This paper contains 37 sections.