CMMC for AI? Defense Policy Law Imposes AI Security Framework and Requirements on Contractors
Client Alert | 3 min read | 01.07.26
In an important first, the yearly defense policy law, the National Defense Authorization Act (NDAA) for Fiscal Year 2026, directs the Department of Defense (DoD) to develop and implement a framework addressing the cybersecurity and physical security of artificial intelligence and machine learning technologies (AI/ML) acquired by the Pentagon.
The NDAA (at Section 1513) also directs the DoD to incorporate this framework—once developed—into the Defense Federal Acquisition Regulation Supplement (DFARS) and the Cybersecurity Maturity Model Certification (CMMC) program to ensure that contractors developing, deploying, storing, or hosting AI/ML for DoD comply with the framework. CMMC, a unified assessment model for defense contractors handling certain categories of regulated data, was finalized in the autumn of 2025 and is expected to apply to the entire defense industrial base.
Given the size and scope of DoD procurement, these contracting provisions will have a significant impact on the development of cybersecurity standards for AI/ML in the general market and may help establish de facto industry standards that extend beyond the national security sector.
AI/ML Security Framework:
- The DoD framework will be designed to address AI/ML-specific security risks, including supply chain vulnerabilities, such as data poisoning (e.g., when attackers contaminate the datasets on which ML models train so that the models misclassify information, generate biased output, or embed hidden vulnerabilities), adversarial tampering (e.g., when attackers deliberately compromise hardware, software, data, or processes), and unintentional data exposure (e.g., when sensitive data is accidentally disclosed through mistakes in configuration, handling, access controls, or processes).
- The framework will be informed by established cybersecurity standards, including the NIST Special Publication 800 series, which includes guidelines, recommendations, technical specifications, and annual reports of NIST’s cybersecurity activities.
- The framework must be implemented as “an extension or augmentation” of existing DoD cybersecurity frameworks, including CMMC.
- The framework will focus on highly capable AI systems that may be of highest interest to cyber threat actors, applying stringent security requirements that align with protections for national security systems.
- The framework will apply to “covered” AI/ML, defined as AI/ML acquired by DoD and all associated components, including source code, model weights, and the methods, algorithms, data, and software used to develop the AI/ML.
DFARS Security Requirements for Contractors:
- The DFARS will be amended to mandate that DoD contractors implement the framework’s best practices.
- The framework will guide the specific security measures that contractors must adopt, ensuring they are tailored to the particular AI/ML technologies and tasks that they handle.
- In creating new DFARS regulations, the DoD must conduct a cost-benefit exercise weighing the benefits of imposing new security requirements against the costs of slowing down AI/ML development and deployment.
- The security requirements will apply to “covered entit[ies],” defined as entities entering into contracts or agreements with the DoD for the development, deployment, storage, or hosting of covered AI/ML.
Section 1513 does not provide an implementation deadline for the framework or security requirements but instructs the DoD to create a plan establishing implementation timelines and milestones and to provide a status update to Congress by June 16, 2026. Notably, CMMC began with a provision in the FY2020 NDAA and took years to finalize, only recently coming into effect. Despite its slow burn, many contractors have found themselves unprepared for CMMC’s roll-out. To avoid similar challenges here, contractors focused on developing AI/ML technologies should closely monitor the establishment and implementation of these requirements.