Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock (
) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.
Cybersecurity Insights
a NIST blog
Cybersecurity and AI: Integrating and Building on Existing NIST Guidelines
On April 3, 2025, NIST hosted a Cybersecurity and AI Profile Workshop at our National Cybersecurity Center of Excellence (NCCoE) to hear feedback on our concept paper which presented opportunities to create profiles of the NIST Cybersecurity Framework (CSF) and the NIST AI Risk Management Framework (AI RMF). These would serve to support the cybersecurity community as they adopt AI for cybersecurity, need to defend against AI-enabled cybersecurity attacks, as well as protect AI systems as organizations adopt AI to support their business. Stay tuned for the soon to be released Workshop Summary Report!
What about Implementation Guidelines?
Community Profiles provide a way for communities (i.e., group of organizations that share a common context and an interest in their cybersecurity posture) to describe a consensus point of view about cybersecurity risk management. A CSF Profile for AI can include a wide variety of information, ranging from priorities to implications, as well as informative references, all framed through a common taxonomy of high-level cybersecurity outcomes. Community Profiles provide a shared taxonomy for cybersecurity risk management and priorities, help align requirements from multiple sources, and encourage common target outcomes. Click here to learn more about Community profiles.
Community Profiles are an important first step. We’ve also heard strong demand (and opportunity) for NIST to concurrently provide practical implementation guidelines to help organizations achieve the outcomes in the Cyber AI profile. By working these efforts simultaneously, the profile development can inform implementation guideline development, and vice versa.
Both federal agency stakeholders and private sector stakeholders have identified such a need for practical implementation guidelines to help improve the cybersecurity of AI systems. Following on the feedback not to reinvent the wheel, NIST intends to fully leverage existing cybersecurity Frameworks and technical guidelines (specifically the Security and Privacy Controls) to develop a series of use case-focused, threat-informed cybersecurity control overlays.
Control overlays are a set of NIST SP 800-53 controls designed and tailored to address specialized requirements, technologies, or unique missions or environments of operations. In contrast to Community Profiles and the Frameworks that leverage them, the SP 800-53 controls are generally more detailed and geared toward specific implementations.
Rather than a general cybersecurity and privacy control overlay for all AI, we see that there is a critical need for more implementation-focused and use-case specific overlays to cover the different types of AI systems, specific components, and users. This is because:
- In many aspects, the cybersecurity and privacy controls needed to manage risk to AI systems and components is no different than those required for any type of software; there is no need to rehash or reiterate these controls.
- Not every organization will be developing AI; many will just be users. In these cases, scoping the needs for the intended user will ensure lightweight and modular solutions that organizations can pick from to use alone or in different combinations to meet their unique needs.
- The focus of these overlays should be based solely on the controls that require unique implementation considerations and address AI-specific risks.
The foundations of building a use-case focused set of control overlays already exist in NIST guidelines:
- NIST SP 800-53 – Security and Privacy Controls for Information Systems and Organizations (a catalog of security and privacy controls that can be selected and tailored to create the overlays).
- SP 800-218A - Secure Software Development Practices for Generative AI and Dual-Use Foundation Models: An SSDF Community Profile (a starting point for identifying specific information assets and security practices to translate to controls for AI developers).
- NIST AI-100-2e2025 - Adversarial Machine Learning: A Taxonomy and Terminology of Attacks and Mitigations (a set of AI use cases and AI-centric attacks and mitigations).
NIST will develop control overlays that are responsive to stakeholders' calls to build on existing Frameworks and guidelines, and also demonstrate how our broad portfolio can be used seamlessly together to improve cybersecurity risk management practices.
Plans for NIST’s Future Work at the Intersection of Cybersecurity and AI:
To complement the efforts mentioned above, NIST may conduct research and work with the community to:
- Identify, develop, and seek public comment on additional high-level overlay use cases for organizations developing AI and using AI.
- Set up a Community of Interest (COI) for AI Control Overlays to ensure ongoing engagement.
- Continue to receive ideas and feedback from the cybersecurity and AI community every step of the way – through the COI, workshops, and other mechanisms.
- Share progress and details about what we’re up to.
We hope you will join us and contribute your feedback on this exciting new work; NIST welcomes your feedback and participation!
Please email us at AICyber [at] nist.gov (AICyber[at]nist[dot]gov) and sign up for our email list for future updates.
