Notifications
Clear all
Topic starter
25/06/2026 3:09 pm
TL;DR: The NIST NCCoE COI working session shifted AI security emphasis toward Detection and away from earlier consensus, with more than 300 participants discussing how a cyber AI profile should overlay NIST CSF 2.0 for AI system components, according to Zenity. The practical takeaway is that agent behaviour now needs governance models closer to human monitoring than SaaS oversight, because the old assumptions no longer fit operational AI.
NHIMG editorial — based on content published by Zenity: Why Detection? Why Now? Key Takeaways from the NIST NCCoE Public COI Working Session
By the numbers:
- 300 people joined the discussion on how a, n on how a cyber AI profile should overlay NIST CSF 2.0 for AI system components.
Questions worth separating out
Q: How should security teams detect risky AI agent behaviour in production?
A: Security teams should detect risky AI agent behaviour by monitoring runtime decisions, tool selection, action sequences, and deviations from the approved use case.
Q: Why does AI complicate NIST CSF 2.0 governance?
A: AI complicates NIST CSF 2.0 governance because the framework still works, but the interpretation of Govern and Detect changes when the system can act autonomously.
Q: What breaks when organisations monitor AI agents like normal applications?
A: What breaks is behavioural visibility.
Practitioner guidance
- Define AI agent detection requirements Specify which runtime behaviours must be logged, correlated, and alertable, including tool choice, action sequence, and scope drift across systems.
- Map AI controls to CSF 2.0 Assign each AI security requirement to an existing NIST CSF 2.0 function so governance, detection, and response remain operationally coherent.
- Establish organisational context for AI use Document the mission, stakeholders, and approved outcomes for each AI use case before you rely on telemetry to judge acceptable behaviour.
What's in the full article
Zenity's full article covers the commentary and session context this post intentionally leaves for the source:
- First-hand notes from the NCCoE working session discussion and how participants framed the cyber AI profile.
- The article’s own explanation of why Detection rose in importance between the April and September sessions.
- Zenity’s view on how AI agents change the practical interpretation of CSF 2.0 functions.
- The concluding call for practitioners to follow the NCCoE Cyber AI Profile workstream and related NIST efforts.
👉 Read Zenity's takeaways from the NIST NCCoE AI security working session →
AI agent detection in NIST CSF 2.0: what teams need to do?
Explore further
25/06/2026 4:31 pm
Detection becomes the governance boundary when AI agents move from theory to operations: Once an agent can select actions at runtime, the old assumption that monitoring is mostly about known application paths no longer holds. Security teams now need to judge whether a runtime identity is acting within expected behavioural bounds, not just whether it authenticated correctly. The practitioner implication is that AI security programmes must treat detection as a primary control surface, not a secondary log review function.
A few things that frame the scale:
- 1 in 4 organisations are already investing in dedicated NHI security capabilities, with an additional 60% planning to do so within the next twelve months, according to The State of Non-Human Identity Security.
- Only 1.5 out of 10 organisations are highly confident in their ability to secure NHIs, compared to nearly 1 in 4 for securing human identities.
A question worth separating out:
Q: Who is accountable when an AI agent takes an unexpected action?
A: Accountability should sit with the team that defined the agent’s purpose, access, and oversight model, not with the monitoring tool or the model itself. If ownership, acceptable use, and escalation paths are unclear, the organisation cannot explain or govern the action after the fact.
👉 Read our full editorial: AI agent detection is becoming central to NIST cyber AI governance
