Now Available! Control Overlays for Securing AI Systems Concept Paper and Slack Channel
NCCoE Cyber AI Profile Community of Interest Members,
NIST is excited to launch a subgroup focused on NIST SP 800-53 Control Overlays for Securing AI Systems and to concurrently release a concept paper discussing NIST’s proposed action plan. Based on stakeholder feedback during the Cyber AI Profile workshop, NIST plans to develop implementation-focused guidelines for AI systems based on existing resources and frameworks. This effort complements and leverages the broad portfolio of work on cybersecurity and AI across NIST, including the NIST Risk Management Framework, the CyberAI Profile, the AI RMF, and the guidelines on Managing Misuse Risk for Dual-Use Foundation Models.
The concept paper outlines proposed AI use cases for the control overlays to manage cybersecurity risks in the use and development of AI systems. The use cases address generative AI, predictive AI, single and multi-agent AI systems, and controls for AI developers. Control overlays are fully-specified sets of cybersecurity controls, control enhancements, and supplemental guidance derived from the application of tailoring guidance to control baselines. See NIST Risk Management Framework | CSRC for more information on control overlays.
NIST welcomes you to join the NIST Overlays for Securing AI (#NIST-overlays-securing-AI) Slack channel to contribute to the development of these overlays, get updates, engage in facilitated discussions with the NIST principal investigators and other subgroup members, and provide real-time feedback and comments.
Learn more about the Control Overlays for AI Project, Slack space, and how to engage at https://csrc.nist.gov/projects/cosais. Questions and comments can be directed to overlays-securing-ai@list.nist.gov.
NIST Cybersecurity and Privacy Program
Questions/Comments about this notice: overlays-securing-ai@list.nist.gov
NCCoE Website questions: nccoe@nist.gov
|
