NIST's draft Cybersecurity Framework Profile for AI converges CSF 2.0, AI RMF, and RMF into actionable outcomes for securing AI systems. Open for comments until Jan 30, 2026: PDF
| Framework | Focus | Profile Role |
|---|---|---|
| CSF 2.0 | Cyber Resilience | Taxonomy: Govern-Recover |
| AI RMF 1.0 | Trustworthiness | |
| AI Risks: Bias, Validity | ||
| Cyber AI Profile | AI-Cyber Intersection | Maps to CSF Subcategories |
Protect pipelines from poisoning/injection. Prompt: "Map adversarial robustness risks in PM AI agent."
Counter automation bias in SOCs. Ties to your PM Risk Assessor demo.
Update IAM for deepfakes/agentic recon.
- No Guesswork: CSF subcats like AI Asset Mgmt (ID.AM).
- Supply Chain: AI SBOMs for vendors.
Next: Forkable prompts in /prompts/ for RMF audits.