R24 — Training Data Poisoning
What is Training Data Poisoning?
An attacker corrupts training datasets. The risk calls for heavy detection (anomaly + provenance), prevention (data lineage), and recovery (clean rollback). CISO Game tracks this as R24 in the live risk register, severity 9 (Catastrophic), category AI.
How does CISO Game model Training Data Poisoning?
Exposure for R24 runs from 0 to 100, recomputed live as you buy, cancel, or reassign products.
Real-world parallel
Training-data poisoning matters most for companies that fine-tune their own models on customer-supplied or publicly scraped data. The mitigations are pipeline-side (data lineage, training-set integrity checks, provenance attestation) rather than runtime: once the model is poisoned, you train a new one.
How do security teams mitigate Training Data Poisoning?
The dominant subscore levers for this risk are:
- Detection subscore — weight 35%
- Prevention subscore — weight 35%
- Recovery subscore — weight 15%
- Response subscore — weight 10%
Residual offset: +5 exposure points are structural — no product fully removes them. Real-world parallels: zero-day windows, vendor monoculture, regulator unpredictability.
Gated: only active when AI focus is enabled in Setup.
Which investments mitigate Training Data Poisoning?
Products in CISO Game that reduce exposure to R24:
- AI Security Posture Management (AI-SPM) · AI Security
- AI Red Team engagement (annual) · AI Security
- Model SBOM + Provenance · AI Security
Which related risks should you also watch?
Risks with similar dominant subscores or shared category — addressing one often helps the others:
- R23 Prompt Injection / Jailbreaking · AI · severity 8
- R31 Autonomous AI Agent Misuse · AI · severity 8
- R27 Shadow AI / Unsanctioned LLM Use · AI · severity 7
- R43 Insider AI Misuse · AI · severity 7
Why does Training Data Poisoning matter to a CISO?
AI risk is the newest category in the register. Training Data Poisoning requires controls that are still maturing — model cards, AI red-teaming, AI-SPM, prompt-injection detection. CISO Game's AI focus toggle activates these.
How can you test your mitigation strategy?
Click "Play CISO Game free" to see R24 appear live in your risk register and watch each purchase move the exposure number in real time. No signup required.