The National Institutes of Standards and Technology is launching a new project around standards for artificial intelligence agents, with NIST positioning the project as key to advancing agentic AI innovation.
NIST’s Center for AI Standards and Innovation (CAISI) announced the “AI Agent Standards Initiative” this week. The project aims to foster “industry-led technical standards and protocols that build public trust in AI agents, catalyze an interoperable agent ecosystem, and diffuse their benefits to all Americans and across the world,” NIST said in a release this week.
“AI agents can now work autonomously for hours, write and debug code, manage emails and calendars, and shop for goods, among other emerging use cases,” NIST added. “While the productivity promise is enticing, the real-world utility of agents is constrained by their ability to interact with external systems and internal data. Absent confidence in the reliability of AI agents and interoperability among agents and digital resources, innovators may face a fragmented ecosystem and stunted adoption.”
While NIST’s press release positioned the project around innovation, the initiative’s opening products are centered on security. Since AI agents can take actions autonomously, tech experts say they present significant safety and security concerns.
The initiative’s initial outputs includes a request for information on “AI agent security.” The deadline for responses to the RFI is March 9.
“CAISI effort to understand ecosystem perspectives on current threats, mitigations, measures, and other considerations related to agent security,” NIST wrote on its website.
NIST’s National Cybersecurity Center of Excellence also released a draft concept paper on “Software and AI Agent Identity and Authorization.” Feedback on the paper is due April 2.
The goal of the project is to explore how standards can “identify, manage, and authorize access and actions taken by software agents, including AI agents, and provide practical guidelines for organizations to securely implement AI agents and benefit from their improved productivity, efficiency, and decision-making,” the NCCoE wrote.
The use and deployment of AI agent systems has also grown rapidly over the past year. A recent Microsoft Cyber Pulse report found more than 80% of Fortune 500 companies are deploying active AI agents.
But since AI agents are increasingly capable and autonomous, they can also “wreak havoc” when given free rein within technology companies, according to a recent paper published by Georgetown’s Center for Security and Emerging Technology.
The work at CAISI on agentic AI standards is expected to be critical as the Trump administration and Congress weigh a broader approach to AI regulations.
Michael Kratsios, the director of the White House Office of Science and Technology Policy has said previously that CAISI is a “very important part of the larger AI agenda.” A top House lawmaker is developing legislation to codify the center into law.
“It’s absolutely important that the legacy work around standards relating to AI are undertaken by CAISI, and that’s what they’re challenged to do,” Kratsios said in a January House hearing. “And that’s the focus that they should have, because the great standards that are put out by CAISI and by NIST are the ones that, ultimately, will empower the proliferation of this technology across many industries.”
The NIST center is expected to play a key role in setting standards for “advanced metrology of model evaluation,” Kratsios said.
“That is something that can be used across all industries when they want to deploy these models,” he said. “You want to have trust in them so that when everyday Americans are using, whether it be medical models or anything else, they are comfortable with the fact that it has been tested and evaluated.”
The Biden administration initially established CAISI as the “AI Safety Institute.” The Trump administration rebranded the center, arguing it should focus on standards and innovation.
Copyright
© 2026 Federal News Network. All rights reserved. This website is not intended for users located within the European Economic Area.
