Lilly Tech Systems
Best Practices
Building a mature AI incident response capability requires playbooks, regular exercises, clear team structures, and a culture of continuous improvement.
AI Incident Response Playbooks
Create specific playbooks for common AI incident scenarios. Each playbook should include detection signals, immediate actions, investigation steps, and communication templates:
Model Safety Violation
Playbook for when a model produces harmful, dangerous, or illegal content. Includes immediate model isolation, user notification, and regulatory reporting steps.
Prompt Injection Attack
Playbook for active prompt injection exploitation. Covers input filter deployment, attack pattern analysis, and guardrail hardening procedures.
Data Leakage
Playbook for PII or training data exposure. Includes scope assessment, affected user identification, GDPR/privacy notification requirements, and remediation.
Model Drift Degradation
Playbook for gradual model quality decline. Covers drift analysis, retraining decision framework, and staged rollout of updated models.
Tabletop Exercises
Conduct quarterly tabletop exercises to test your AI IR capabilities. Walk through realistic scenarios without actually triggering incidents:
-
Scenario Design
Create realistic scenarios based on real-world AI incidents. Include injects (new information revealed during the exercise) that test decision-making under pressure.
-
Cross-functional Participation
Include ML engineers, security, legal, communications, product, and leadership. Each role should practice their specific responsibilities during the exercise.
-
Decision Documentation
Record all decisions made during the exercise, the reasoning behind them, and the time taken. Identify bottlenecks, gaps in knowledge, and unclear ownership.
-
After-Action Review
Review exercise results, update playbooks with lessons learned, assign action items for identified gaps, and schedule follow-up exercises for areas of weakness.
Team Structure and Roles
| Role | Responsibilities | Required Skills |
|---|---|---|
| Incident Commander | Coordinates response, makes escalation decisions, manages timeline | Leadership, AI/ML knowledge, crisis management |
| ML Engineer | Investigates model behavior, executes rollbacks, performs retraining | Deep ML expertise, model debugging, infrastructure |
| Security Analyst | Analyzes attack patterns, assesses exploitation scope, forensic analysis | AI security, threat analysis, forensics |
| Communications Lead | Drafts user notifications, press responses, internal updates | Technical writing, crisis communication |
| Legal/Compliance | Assesses regulatory obligations, coordinates mandatory notifications | AI regulation, data privacy law |
Continuous Improvement Metrics
# Key IR metrics to track over time:
ir_metrics = {
"mttd": "Mean Time to Detect (minutes)",
"mttt": "Mean Time to Triage (minutes)",
"mttc": "Mean Time to Contain (minutes)",
"mttr": "Mean Time to Recover (hours)",
"incidents_per_quarter": "Total incidents by severity",
"false_positive_rate": "% of alerts that were not real",
"playbook_coverage": "% of incidents matching a playbook",
"exercise_frequency": "Tabletop exercises per quarter",
"action_item_completion": "% of PIR items completed on time"
}