CISA Takes Lead on AI Security Under Trump Executive Order

CISA moves to implement AI security mandate

The Cybersecurity and Infrastructure Security Agency is preparing to roll out new AI security capabilities and directives for federal agencies this week, according to acting Director Nick Andersen. Speaking at AFCEA's TechNet Cyber conference, Andersen said CISA would provide "specific artificial intelligence platform access" to government partners before week's end.

The announcement follows President Trump's recent executive order establishing a framework for government testing of frontier AI models and directing CISA to lead cybersecurity implementation across federal agencies.

Binding directives coming soon

CISA plans to publish binding operational directives that will require federal agencies to meet new standards for AI-enabled vulnerability management and network defense. The directives stem from the executive order's requirement that CISA work with the Office of Management and Budget, the national security adviser, and the national cyber director to expedite cyber defense of civilian federal information systems.

The order also tasks CISA with establishing or expanding federal programs that enhance AI-enabled defensive tools and facilitating access to cybersecurity tools for state and local governments and critical infrastructure operators, including rural hospitals, community banks, and local utilities.

Andersen emphasized CISA's central role in the administration's AI security strategy. "You can just Control-F and search our name and you'll see us all over that executive order," he said.

Why it matters

CISA's expanded AI security responsibilities come at a critical moment when the agency has lost more than a thousand employees, including key AI security experts, due to administration cuts and reorganization. The agency's ability to deliver on these ambitious mandates while operating with a significantly reduced workforce will test whether the federal government can effectively secure AI systems that are rapidly being deployed across critical infrastructure and government operations.

Broad AI security portfolio

Andersen outlined CISA's responsibilities across multiple areas: working with AI developers to secure their models, deploying AI for network defense, and helping businesses and state governments with AI governance. The agency will also support the Treasury Department in creating the vulnerability management clearinghouse mandated by the executive order.

Despite the workforce reductions and organizational turmoil, Andersen maintained that CISA remains prepared to execute the White House's AI security agenda. "CISA is going to have a foot in every single one of those broad buckets," he said.

These details were first reported by Cybersecurity Dive.