ETSI Sets Security Requirements for AI Data Centers and Cloud Platforms

The rapid expansion of generative AI and large‑scale model training has outpaced traditional cybersecurity measures, prompting regulators and industry groups to seek formal safeguards. ETSI, a leading standards body for telecommunications and emerging technologies, responded by publishing TS 104 033, a specification that translates best‑practice controls into enforceable requirements for AI compute environments. This move reflects growing consensus that AI workloads demand dedicated protection mechanisms beyond generic cloud security, especially as they increasingly run on specialized accelerators and at the network edge.

TS 104 033 structures its mandates around six pillars: identity and access management, data protection, integrity verification, auditing, incident response, and system resilience. It obliges platforms to enforce least‑privilege access, prohibit remote root logins, and implement secure‑boot to guarantee component integrity. Crucially, the spec introduces AI‑specific services such as encrypted model storage, confidential‑computing enclaves, and a Model Bill of Materials that records provenance for audit trails. By requiring isolation for shared GPUs and NPUs, the standard mitigates cross‑tenant leakage—a key concern for multi‑tenant cloud providers and hyperscale data‑center operators.

For the broader market, ETSI’s framework offers a common language that can be embedded into contracts, compliance audits, and certification programs. Vendors that align their hardware and software stacks with TS 104 033 will likely gain a competitive edge, as enterprises prioritize platforms that demonstrably protect intellectual property and comply with emerging regulations. Moreover, the specification sets a foundation for future extensions, such as automated inference‑attack detection and resilient training‑recovery workflows, positioning the AI ecosystem for sustained, secure growth.