Hélène Deschamps Marquis’s articles from Borden Ladner Gervais LLP are most popular:
- with Inhouse Counsel
- in United States
- with readers working within the Banking & Credit, Healthcare and Transport industries
In Dec. 2025, the National Institute of Standards and Technology (NIST) released a draft of the Cybersecurity Framework Profile for Artificial Intelligence (Cyber AI Profile), a new extension of the NIST Cybersecurity Framework (CSF) 2.0.
- While voluntary, NIST standards are often influential benchmarks of what regulators and the industry regard as best practices.
- Rather than treating AI as just a tool, this new framework positions AI systems as a distinct and evolving cyber risk category, requiring tailored governance, supply-chain scrutiny, operational safeguards, and continuous monitoring.
- This new Cyber AI Profile focuses on three priorities:
-
- Secure: Given that AI systems create new attack surfaces, from the AI system itself to their supply chains and infrastructure, organizations must implement AI-specific safeguards, such as data provenance checks, adversarial-input protections, and model configuration controls, to manage these new risks effectively.
- Defend: AI can significantly enhance defensive operations by improving detection, triage, and threat intelligence correlation. However, organizations must implement strong validation and human oversight to prevent errors, drift, and over-automation risks.
- Thwart: Organizations must build resilience and robustness in their defence systems against new cyber threats enabled by AI.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.
