US Push to Export AI Cybersecurity Standards and Norms
The Office of the National Cyber Director (ONCD) said the US government is pursuing diplomacy to encourage other countries to adopt American AI cybersecurity standards and norms, positioning secure AI deployment as part of a broader effort to advance US AI leadership. Alexandra Seymour, the ONCD’s principal deputy assistant national cyber director for policy, said the administration plans to promote industry best practices for secure AI deployment and to accelerate adoption of AI-enabled defensive tools to “detect, divert and deceive” threat actors targeting critical systems, alongside continued federal network modernization and preparation for post-quantum cryptography.
Seymour’s remarks were delivered at the Identity, Authentication, and the Road Ahead Policy Forum and were framed as consistent with themes in the administration’s AI Action Plan, including a role for the Departments of Commerce and State in advocating international governance approaches aligned with US values and countering authoritarian influence. Reporting also noted that some internationally oriented guidance has already been issued (including releases in May and December) and that other governments are similarly seeking to shape global AI security standards, while a forthcoming national cybersecurity strategy is expected to further address AI’s role in defending federal networks.
Sources
Related Stories
Trump Administration Cyber Strategy Emphasizes Secure AI Adoption and Industry Coordination
The White House Office of the National Cyber Director (ONCD) said a forthcoming U.S. national cyber strategy will prioritize **rapid but secure adoption of AI** for cyber defense, aiming to expand the use of AI-enabled tools to *detect, divert, and deceive* threat actors without unintentionally widening the attack surface. ONCD policy lead Alexandra Seymour also highlighted plans to advance U.S. **AI cybersecurity standards**, establish industry best practices for secure AI deployment, and pursue “counter-AI” efforts to protect frontier models and counter adversary use of AI. The strategy is also expected to include a pillar focused on strengthening the cybersecurity workforce by aligning curriculum, workforce standards, cyber literacy, and job placement across government, industry, and academia. Separately, ONCD indicated U.S. cyber responses will be more explicitly **linked to adversary actions** and will require closer coordination with **state/local governments and critical infrastructure owners/operators**, reflecting a more assertive posture driven in part by recent high-profile intrusions into U.S. critical infrastructure (including telecom). In parallel with these federal strategy signals, the U.S. Treasury Department announced it will publish a set of resources created by a public-private coalition to improve **cyber risk management for AI systems in the financial sector**, intended to support secure AI adoption as banks expand AI use for fraud detection, customer service, trading, and risk modeling—areas that can introduce new vulnerabilities due to sensitive data dependencies and third-party/vendor exposure.
3 weeks agoFederal Push for AI Security Standards and Playbooks
The U.S. government is intensifying efforts to secure artificial intelligence systems against foreign threats, with legislative and operational initiatives underway. A bipartisan bill, the Advanced AI Security Readiness Act, has been introduced to require the National Security Agency to develop a comprehensive security playbook for protecting federal AI systems. This playbook will address vulnerabilities such as model-weight theft, insider threats, and cyberespionage, and will involve collaboration with major AI developers, national laboratories, and multiple federal agencies. The move follows recent NSA publications on AI security and reflects growing concern over adversaries seeking to exploit American AI innovation. In parallel, the Defense Logistics Agency is accelerating the adoption of AI tools across its operations, emphasizing the need to keep pace with adversaries like China and Russia. The agency's CIO highlighted the importance of Pentagon-wide AI integration to maintain a technological edge in defense logistics. These developments underscore a coordinated federal approach to both leveraging and securing AI technologies in critical government functions.
3 months ago
US government and industry expand AI and critical-infrastructure cyber information sharing efforts
US cybersecurity officials said work is underway to stand up new and expanded government–industry mechanisms for sharing threat intelligence, with a particular focus on **AI security** and **operational technology (OT)** risks to critical infrastructure. CISA executive assistant director Nick Andersen said an **AI Information-Sharing and Analysis Center (AI-ISAC)** ordered by the White House is still in an “ongoing policy dialogue” phase, with stakeholders trying to resource the effort and avoid duplicating existing private-sector information-sharing initiatives; he also said there is no launch timeline and described the effort as moving through a “pre-decisional” process. In parallel, Andersen said DHS/CISA is planning a replacement for the disbanded **Critical Infrastructure Partnership Advisory Council (CIPAC)**, aiming to correct gaps in the prior structure—particularly the lack of an explicit cybersecurity charter—and to enable more targeted focus groups on issues such as **undersea cables** and OT systems. Separately, the White House Office of the National Cyber Director said it is developing an **AI security policy framework** intended to embed security controls into AI “tech stacks” in coordination with the Office of Science and Technology Policy, citing risks such as **data poisoning** and the potential for **agentic** capabilities to accelerate intrusions. In the private sector, the **Manufacturing ISAC (MFG-ISAC)** reported increased collaboration to address rising threats to manufacturing, including OT-focused initiatives such as tabletop exercises, OT training, and development of incident response playbooks and OT threat guidelines, alongside preparation for updated **CMMC** requirements—reinforcing the broader push toward structured, sector-based information sharing and readiness for critical-infrastructure cyber threats.
1 months ago