NIST targets summer 2025 debut for AI cybersecurity framework overlays
Control overlays for predictive, agentic, and generative AI arrive before finalization in 2027, giving contractors 18-24 months to treat ad-hoc AI risk management as a compliance gap.
TL;DR
NIST's Security Engineering and Risk Management Group plans to release a draft cybersecurity framework profile for AI, plus tailored control overlays, beginning this summer: predictive-AI overlay first, agentic-systems overlay by late summer or early fall, with finalization targeted for 2027. Primes, subs, and managed service providers in the defense supply chain should treat the sequenced drafts as early signals of what will land in contract vehicles. The critical unanswered question is whether these overlays will be mandatory references in federal procurement or advisory supplements to NIST SP 800-171/172.

Victoria Pillitteri, manager of NIST's Security Engineering and Risk Management Group, told a Qualys conference audience Thursday that a cybersecurity framework profile for AI is expected "sometime this summer," pending agency approval. The profile will be accompanied by a series of control overlays developed with NIST's Center for AI Standards and Innovation (CAISI): tailored cybersecurity baselines for predictive, agentic, and generative AI systems, released sequentially in draft so that feedback from earlier rounds can shape later ones. Final guidance is targeted for 2027.
The sequencing is deliberate, not cautious. Pillitteri's framing ("adoption is happening now") signals that NIST is trying to get something contractually citable in front of the market before the gap between what agencies are deploying and what their security baselines cover becomes a procurement liability. The overlays are not a replacement for SP 800-171 or 800-172; they are designed to augment existing control sets for environments where AI components are part of the system boundary.
What contractors should read into the timeline
The predictive-AI overlay arriving this summer sets the precedent. If CAISI and the FAR Council move at anything approaching the current administration's stated "speed" priority, a draft overlay becoming a contract reference within 12-18 months of publication is plausible. Primes and Tier-1 subs who are already running AI-assisted workflows (automated vulnerability triage, predictive threat scoring, AI-assisted CUI handling) should treat the summer draft as a gap-assessment trigger, not background reading.
The agentic-AI overlay is the one to watch for longer-term planning. Agentic systems operating with autonomous decision authority inside CUI environments or handling controlled technical information represent the most unsettled area of the current 800-171 rev 3 control set. NIST has no existing overlay for them; the forthcoming guidance will be the first attempt to define the baseline.
The mandatory-versus-advisory question is still open
Pillitteri's remarks, as reported by Nextgov, do not resolve whether these overlays will carry normative weight in federal contracts or remain advisory supplements. That distinction matters enormously. Advisory NIST guidance can inform a contractor's system security plan without creating a compliance obligation; a DFARS or FAR clause that references the overlay by name creates one. The 2027 finalization target leaves time for OMB or the FAR Council to determine how the overlays integrate with existing CMMC and 800-171 compliance structures, but no commitments were described.
NIST's characterization of the effort as "augment, not rip and replace" tracks with how 800-171 rev 3 was framed when it absorbed controls from the AI Risk Management Framework (AI RMF). That framing did not prevent rev 3 from becoming a mandatory baseline under CMMC Level 2. Contractors who waited to assess rev 3 until it appeared in a contract clause are already behind. The same risk applies here.
One complicating backdrop: the CAISI partnership with Google DeepMind, Microsoft, and xAI for frontier model testing (announced last week by Commerce) had its press release pulled as of Thursday, with the Washington Post citing White House sensitivities. That removal does not affect the overlay work Pillitteri described, but it is a reminder that the institutional environment CAISI is operating in is not settled.
Deep Fathom