Week of 9 February 2026
MIT AI Risk Repository spotlights a 2023 safety taxonomy for Chinese LLMs covering 8 harm scenarios and 6 adversarial attack types.
Key points
- The taxonomy claims scalability beyond Chinese-language models, making it potentially relevant to broader LLM safety evaluation work.
- This is a blog summary of a 2023 academic paper - useful reference material, not new guidance or policy.
NIST NCCoE has released draft SP 1800-39 on data classification practices, open for comment until 30 March 2026.
Key points
- The publication frames data classification as foundational to secure AI model training, Zero Trust, and quantum-safe cryptography.
- Limited direct relevance to APS AI governance work; primarily a US data-security standard with peripheral AI framing.
Week of 2 February 2026
NIST's NCCoE is consulting on a concept paper addressing identity, authorisation, and auditing of AI agents.
Key points
- The paper seeks input on use cases, standards, and controls including prompt injection mitigations for agentic AI.
- Public comment closes 2 April 2026; Australian agencies with agentic AI programs could contribute or observe.
MIT AI Risk Repository spotlights a Google DeepMind-led paper on ethical risks of advanced AI assistants.
Key points
- Framework covers value alignment, human-assistant interaction risks, and societal-scale impacts across three structured areas.
- Identifies an 'evaluation gap' where current approaches focus on model-level considerations rather than broader sociotechnical effects.
A 2023 paper proposes embedding model evaluation for dangerous capabilities and alignment into AI governance processes.
Key points
- Nine dangerous capability categories are identified, including cyber-offense, deception, self-proliferation, and situational awareness.
- MIT AI Risk Repository surfaces this as one of 25 risk frameworks - useful reference material for agencies building AI risk taxonomies.
Singapore's AI Verify Foundation developed an 11-principle testing framework covering transparency, safety, fairness, and accountability.
Key points
- The framework aligns with ASEAN, EU, OECD, and US AI governance frameworks, giving it cross-jurisdictional reference value.
- This item is a MIT AI Risk Repository blog spotlight - the substantive content originates from a 2023 Singapore Government document.
Week of 26 January 2026
NIST CAISI has released draft NIST AI 800-2, proposing best practices for automated benchmark evaluations of language models.
Key points
- The draft targets AI deployers, developers, and third-party evaluators - including procurement specialists using evaluation reports.
- A 60-day public comment period closes 31 March 2026; Australian agencies or evaluators could submit feedback.
NIST is hosting a workshop to develop a Semiconductor Development Life Cycle Security Framework for trusted microelectronics.
Key points
- Hardware security standards emerging from this process could eventually influence Australian procurement and supply chain policy.
- AI is mentioned as one of several protected system types - this is primarily a hardware security and semiconductor standards item.
Week of 19 January 2026
The Alan Turing Institute has released a framework and self-assessment tool for UK AI regulators.
Key points
- The tool is designed to help regulators evaluate their own capacity to oversee AI effectively and responsibly.
- Limited extracted text constrains full analysis; the underlying source warrants direct review for detail.
NIST's NCCoE has released its inaugural Project Portfolio outlining active cybersecurity research priorities and projects.
Key points
- The portfolio covers US cybersecurity innovation broadly; AI-specific content is not confirmed as a primary focus.
- Limited direct relevance to Australian federal agencies - included for context as a US standards-body output.
Week of 12 January 2026
NIST NCCoE hosted a hybrid workshop on 14 January 2026 to develop its Cyber AI Profile under the Cybersecurity Framework.
Key points
- The preliminary Cyber AI Profile and SP 800-53 COSAiS overlay are open for public comment until 30 January 2026.
- This is a past event with a closed comment window - limited immediate action available for APS readers.
Week of 22 December 2025
MLCommons AI Safety Benchmark v0.5 defines 13 hazard categories for evaluating chat-based AI system safety.
Key points
- Practical testing tools including ModelBench are openly available, making this usable for agency-level AI evaluation.
- V0.5 has been superseded by V1.0 (AILuminate, Feb 2025); this spotlight is retrospective context, not a new release.
MIT AI Risk Repository spotlights a 2023 paper categorising catastrophic AI risks into four proximate causes.
Key points
- The four categories — malicious use, AI race, organisational risks, and rogue AI — each include mitigations.
- This is a secondary blog summary of a 2023 paper; primary value is as a reference for risk taxonomy work.
NIST invests $20 million with MITRE to establish two AI centres focused on manufacturing productivity and critical infrastructure cybersecurity.
Key points
- Centres extend NIST's CAISI work on AI evaluation and build toward a separate $70 million AI for Resilient Manufacturing Institute.
- US-centric industrial AI strategy; limited direct Australian regulatory parallel, though signals priority areas for allied nations.
Week of 15 December 2025
NIST has released a preliminary draft Cyber AI Profile (NISTIR 8596) for 45-day public comment, closing 30 January 2026.
Key points
- The profile maps cybersecurity guidance across three areas: securing AI systems, AI-enabled defence, and AI-enabled attack resilience.
- Still in preliminary draft stage; a refined initial public draft is planned for 2026, limiting immediate applicability for Australian agencies.
NIST has released a preliminary draft Cybersecurity Framework Profile for AI (NIST IR 8596) open for public comment until 30 January 2026.
Key points
- The profile addresses three focus areas: securing AI system components, AI-enabled cyber defence, and thwarting AI-enabled attacks.
- A companion workshop is scheduled for 14 January 2026; this is a US standard with no immediate Australian compliance obligation.
A 2022 academic framework organises AI/ML risks into data-level and model-level categories with root causes and outcomes.
Key points
- The framework targets high-stakes decision settings like healthcare and transport - domains relevant to APS service delivery.
- This is a 2022 paper spotlighted by MIT's AI Risk Repository blog; it is not new primary research or Australian guidance.
NIST CAISI is hiring an AI Research Scientist focused on evaluation methods and trustworthy AI measurement.
Key points
- The role signals continued US investment in rigorous AI evaluation infrastructure relevant to international standards work.
- Job postings carry low signal for APS readers; included for context on CAISI's capability build-out only.
NIST has released SSDF Version 1.2 for public comment, covering secure software development practices.
Key points
- The framework addresses software vulnerability mitigation across development lifecycle models - not specific to AI.
- Limited direct relevance to APS AI governance work; this is a general secure software development standard.
NIST has finalised cybersecurity guidelines for smart speaker use in home telehealth and hospital-at-home programs.
Key points
- Guidelines draw on NIST CSF 2.0, Privacy Framework, and IoT baseline standards - not AI governance frameworks specifically.
- Limited direct relevance to APS AI governance work; this is primarily a health-sector IoT/cybersecurity item.
NIST NCCoE has finalised a cybersecurity white paper on telehealth smart home integration risks.
Key points
- The paper focuses on Hospital-at-Home IoT device risks, not AI governance or algorithmic systems.
- Limited direct relevance to APS AI practitioners - this is a cybersecurity and privacy item, not an AI item.
Week of 1 December 2025
MIT AI Risk Repository Version 4 now includes over 1,700 coded risks drawn from 74 published frameworks.
Key points
- Nine newly added frameworks span government reports, peer-reviewed papers, and industry sources, including a UK DSIT frontier AI paper.
- A structured, living reference for AI risk taxonomy - useful for APS governance and risk assessment work.
Week of 20 October 2025
NAIC's updated Guidance for AI Adoption consolidates the Voluntary AI Safety Standard into 6 streamlined key practices.
Key points
- Guidance offers two tiers - Foundations for new adopters and Implementation Practices for scaling organisations - with templates included.
- Primarily targets Australian businesses, not government agencies directly, though principles align with APS AI governance frameworks.
Week of 13 October 2025
MIT AI Risk Repository used LLMs to classify 950+ AI governance documents across risk, mitigation, and sector taxonomies.
Key points
- Governance failure, security vulnerabilities, and transparency were the most-covered risk domains; AI welfare and multi-agent risks were least covered.
- US-heavy dataset limits global generalisability; Australian documents are unlikely to be well-represented in current outputs.
Week of 15 September 2025
NIST is hosting a workshop on Privacy-Enhancing Cryptography implementations in September 2025.
Key points
- The event is part of a NIST series on privacy and public auditability - not focused on AI systems.
- Limited direct relevance to Australian federal AI governance; this is a cryptography standards event.