White House cyber shop is crafting AI security policy framework, top official says - Nextgov/FCW

Stay Connected Featured eBooks CDM READ NOW Future-Ready Workforce READ NOW Insights & Reports By David DiMolfetta, Cybersecurity Reporter, Nextgov/FCW FEBRUARY 3, 2026 ONCD chief Sean Cairncross also said a bedrock National Cyber Strategy, initially expected last month, is coming “sooner rather than later” without specifying a date. CYBER THREATS CYBER DEFENSE The White House Office of the National Cyber Director is developing an AI security policy framework to bolt security measures into U.S-led AI tech stacks, the office’s top official said Tuesday. National Cyber Director Sean Cairncross, speaking at the Information Technology Industry Council’s Intersect policy summit, did not indicate when this framework would be finalized, but said the project is a “hand-in-glove” effort with the Office of Science and Technology Policy.  President Donald Trump “is very forward leaning on the innovation side of AI,” Cairncross said. “We are working to ensure that security is not viewed as a friction point for innovation” but is built into AI systems foundationally, he added. An AI security blueprint helps organizations manage risks that affect how their AI systems function. Security experts frequently cite data poisoning attacks, which change the underlying data an AI system is trained on, as a possible risk to companies and governments. Also top of mind in the cyber community are agentic security tools that can self-automate cyber intrusions. In November, Anthropic said suspected Chinese hackers used the company’s signature AI tool to automate about 80% 90% of a hacking operation that targeted some 30 organizations worldwide. “I think you can look back on the start of just the way the internet came into being, and it’s optimized for commerce and communication and for ease of function, but security wasn't built into that ground level,” Cairncross added. “We’ve been sort of reverse engineering ever since that point, and so we are seeking to avoid that on the AI side.” The Office of the National Cyber Director has been developing a short National Cyber Strategy focused heavily on offensive cybersecurity operations, removing regulatory hurdles and boosting the nation’s cyber workforce through a model akin to venture capital and incubator firms. It was expected last month, but has been delayed, multiple people familiar previously told Nextgov/FCW. Asked on stage about a release timeline for the strategy, Cairncross said it would come “sooner rather than later” without specifying further. Share This: NEXT STORY: Key cyber statutes at risk again as Congress works to avert shutdown