New NIST Concept Paper Outlines AI-Specific Cybersecurity Framework

NIST has released a concept paper for new control overlays to secure AI systems, built on the SP 800-53 framework. Learn what the new framework covers and why experts are calling for more detailed descriptions.

In a significant step towards managing the security risks of artificial intelligence (AI), the National Institute of Standards and Technology (NIST) has released a new concept paper that proposes a framework of control overlays for securing AI systems.

This framework is built upon the well-known NIST Special Publication (SP) 800-53, which many organizations are already familiar with for managing cybersecurity risks, while these overlays are essentially a set of cybersecurity guidelines to help organizations.

The concept paper (PDF) lays out several scenarios for how these guidelines could be used to protect different types of AI. The paper defines a control overlay as a way to customize security controls for a specific technology, making the guidelines flexible for different AI applications. It also includes security controls specifically for AI developers, drawing from existing standards like NIST 800-53.

In this image, NIST has identified use cases for organizations using AI, such as with generative AI, predictive AI, and agentic AI systems.

While the move is seen as a positive start, it’s not without its critics. Melissa Ruzzi, Director of AI at AppOmni, shared her thoughts on the paper with Hackread.com, suggesting that the guidelines need to be more specific to be truly useful. Ruzzi believes the use cases are a good starting point, but lack detailed descriptions.

“The use cases seem to capture the most popular AI implementations,” she said, “but they need to be more explicitly described and defined…” She points out that different types of AI, such as those that are “supervised” versus “unsupervised,” have different needs.

She also emphasizes the importance of data sensitivity. According to Ruzzi, the guidelines should include more specific controls and monitoring based on the type of data being used, like personal or medical information. This is crucial, as the paper’s goal is to protect the confidentiality, integrity, and availability of information for each use case.

Ruzzi’s comments highlight a key challenge in creating a one-size-fits-all security framework for a technology that is evolving so quickly. The NIST paper is an initial step, and the organization is now asking for feedback from the public to help shape its final version.

It has even launched a Slack channel where experts and community members can join the conversation and contribute to the development of these new security guidelines. This collaborative approach shows that NIST is serious about creating a framework that is both comprehensive and practical for the real world.