The emergence of the NIST Cybersecurity Framework Profile for Artificial Intelligence (Cyber AI Profile, NIST IR 8596 iprd) is an attempt to provide organizations with a unified, practical language for managing AI‑related cyber risks while also using AI to strengthen cybersecurity capabilities. The Profile is built on top of the NIST CSF 2.0 and adapts its Functions, Categories, and Subcategories to the AI system lifecycle.
Purpose and positioning of the Profile
The Cyber AI Profile describes which cybersecurity outcomes should be achieved when designing, developing, deploying, and operating AI systems, rather than prescribing specific technologies. The Profile is conceived as a community profile: NIST has deliberately released an initial draft for public comment, expecting feedback from industry and regulators.
The document serves two goals:
-
structuring AI‑specific risks (data, models, supply chains, MLOps);
-
clarifying where AI can act as a force multiplier for traditional cybersecurity controls (event analytics, anomaly detection, automation).
Structure: CSF 2.0, but for AI
The Profile is organized around the five NIST CSF 2.0 Functions (Identify, Protect, Detect, Respond, Recover) and their outcomes, enhanced with AI‑specific considerations. For each Function, it offers Categories and Subcategories that can be mapped to internal controls, policies, and metrics.
This design gives organizations two benefits: it minimizes fragmentation (AI risk is embedded into the existing GRC system rather than managed separately) and makes it easier to align with other NIST publications (such as the AI RMF and the SP 800 series).
Managing AI risk across the lifecycle
The Profile emphasizes that risk management must span the entire AI lifecycle: from data collection and model selection to deployment, operation, and decommissioning. Key topics include managing training and inference data, protecting models from poisoning and evasion attacks, securing MLOps pipelines, and assessing third‑party AI services.
Special attention is paid to integrating AI risks into existing enterprise risk management processes so that AI decisions are made at the same governance levels where financial, operational, and regulatory risks are discussed.
AI as a cybersecurity enabler
A separate focus of the Profile is using AI to improve SOC effectiveness, automate response, and analyze large volumes of telemetry. NIST stresses that such AI solutions must be evaluated as full‑fledged security infrastructure components, with their own threat models and data quality requirements.
Implementing these recommendations allows organizations to increase cybersecurity maturity without turning AI tools into new single points of failure or attack vectors.
Why this preliminary draft matters for practitioners
The current version of NIST IR 8596 is published as an Initial Preliminary Draft with an open public comment period and a direct feedback channel. For CISOs and AI security specialists, this is an opportunity to influence the emerging de facto standard for describing and prioritizing AI‑related cyber risks, which is likely to become a reference for sectoral regulators and internal corporate methodologies.
