Overview
Severity: MEDIUM | Affected: U.S. Department of Commerce / NIST | Category: policy
The White House has issued a new Executive Order on 'Securing the AI Development Lifecycle,' aiming to standardize security practices for all AI systems developed for or used by federal agencies. The order mandates the adoption of a new framework, developed by NIST, which requires continuous vulnerability scanning of models, provenance tracking for training data, and mandatory red-teaming exercises before deployment. A key provision is the requirement for a 'Model Bill of Materials' (MBOM), which documents all components, datasets, and libraries used to build an AI model. This policy aims to mitigate risks from data poisoning and supply chain attacks. Companies contracting with the government will have a 12-month grace period to comply. The move is seen as a significant step toward regulating AI safety and security at a national level, setting a potential precedent for the private sector.