Source: Inside Privacy

Inside Privacy reports that on December 16, 2025, the U.S. National Institute of Standards and Technology (NIST) published a preliminary draft of the "Cybersecurity Framework Profile for Artificial Intelligence" (Cyber AI Profile). This document is designed to provide comprehensive guidelines for managing cybersecurity risks specifically associated with AI systems, while identifying ways to use AI to bolster overall security. The draft overlays three new AI-specific focus areas—Secure, Detect, and Thwart—onto the existing NIST Cybersecurity Framework (CSF) 2.0 to help organizations adapt to emerging technological threats.

The draft emphasizes building resilience against AI-enabled attacks, such as deepfakes and sophisticated phishing campaigns. It also introduces a prioritization system (High, Moderate, and Foundational) to help organizations categorize their cybersecurity needs. NIST has invited stakeholders to provide feedback on the document structure and content until January 30, 2026. Additionally, a workshop is scheduled for January 14, 2026, to discuss the implementation of these informative references and ensure that the framework aligns with international standards and industry-consensus best practices for safe AI deployment.