Federal agencies are quickly adopting artificial intelligence (AI) to make more informed decisions faster. And it's boosting productivity in all kinds of ways, from automating citizen services to accelerating vulnerability response. It's not an overstatement to say that AI is becoming central to government operations, thanks to increased access to these systems. Yet, with this transformation comes a critical challenge for DevSecOps: creating policies that allow organizations to leverage AI while ensuring these systems remain trustworthy, secure, and compliant with federal standards.
The NIST AI Risk Management Framework (AI RMF) provides the authoritative blueprint for developing trustworthy AI systems. This framework doesn't exist in a vacuum; it complements broader federal mandates for cybersecurity, including the principles of Cyber Supply Chain Risk Management (C-SCRM) outlined in NIST SP 800-161. Translating these principles into actionable security practices, especially across complex software supply chains, requires actionable strategies that extend beyond theoretical compliance.
For federal agencies deploying AI at scale, the real challenge lies in operationalizing AI RMF principles within existing software development life cycles. This means integrating AI risk management into the same supply chain security practices that already govern traditional software components, including software bills of materials (SBOMs), component vetting, and provenance tracking.
The Role of AI in Federal Operations
From the VA's AI-powered call centers that automatically correlate patient histories and prescription data to automated vulnerability identification systems that accelerate security response, AI has gone from experimental to operational. This introduces unique security challenges that conventional frameworks struggle to address. The software supply chain becomes exponentially more complex when AI components enter the equation. A single AI application could include dozens of pre-trained models, specialized libraries for tensor operations, and data preprocessing pipelines — each introducing potential risk vectors that standard security tools cannot fully evaluate.
And organizations today don't always understand how much open source AI is making its way into their systems. However, the fundamental principles that secure traditional open source components apply equally.
Organizations that have mastered dependency management, vulnerability scanning, and component governance are better positioned to extend these practices to AI systems.
Enhanced Transparency Through AI-Aware SBOMs
The AI RMF's four core functions — Govern, Map, Measure, and Manage — align directly with established software supply chain security practices that federal agencies already implement.
The AI RMF's emphasis on transparency maps perfectly to SBOM requirements, but AI applications demand an expanded definition of what constitutes a "component." Traditional SBOMs catalog software libraries and dependencies. AI-enhanced SBOMs must also document model provenance, training data characteristics, and algorithmic decisions that influence system behavior. Organizations implementing this approach track not only which AI models are deployed, but also their training methodologies, data sources, and performance benchmarks. This enhanced transparency enables teams to assess potential risks and make informed decisions about model selection and deployment.
Resilience Through Component Governance
The AI RMF's focus on resilience maps directly to established practices in component governance. Organizations that have implemented policies for open source component approval can extend these frameworks to include AI libraries, pre-trained models, and training datasets. This involves establishing risk thresholds for AI components based on factors like model complexity, training data sensitivity, and deployment criticality. Teams can then automate approval workflows that ensure only vetted AI components reach production environments.
Operationalizing AI RMF Through Development Practices
Translating AI RMF principles into secure development requires integrating AI risk management into existing DevSecOps workflows. This means treating AI components with the same rigor as traditional software dependencies, while accounting for their unique characteristics.
Automated Policy Enforcement
Modern software supply chain security tools like Sonatype Lifecycle and Repository Firewall can extend their capabilities to AI components. Just as these tools automatically scan traditional dependencies for vulnerabilities and policy violations, they can evaluate AI components against established risk criteria.
This includes blocking AI models that don't meet organizational standards, flagging components with questionable provenance, and ensuring compliance with federal AI governance requirements. The automation ensures consistent policy enforcement without slowing development velocity.
Continuous Monitoring and Assessment
AI systems require continuous monitoring beyond traditional vulnerability scanning. Sonatype Platform capabilities support this through continuous assessment of AI components, tracking changes in model performance, and alerting teams to newly discovered risks in AI dependencies.
Federal agencies benefit from this approach because it provides the same centralized visibility and control they already use for traditional software components. Teams can manage AI risks using familiar tools and processes, reducing the learning curve and accelerating adoption.
Integration with Existing Workflows
The most successful AI RMF implementations leverage existing software supply chain management tools, rather than introduce entirely new systems. Sonatype Nexus Repository, for example, can serve as a centralized repository for approved AI models and components, ensuring teams only access vetted resources.
This integration approach aligns with federal technology leaders' observations that agencies prefer extending proven solutions, rather than adopting entirely new tool-chains. It reduces complexity while providing comprehensive coverage across traditional and AI-enabled applications.
Measuring Success and Continuous Improvement
The AI RMF's emphasis on measurement aligns with the metrics-driven approach of modern software supply chain security. Organizations can track AI risk management effectiveness using the same dashboards and reporting mechanisms they use for traditional security metrics.
Key performance indicators include the percentage of AI components with complete provenance documentation, time-to-remediation for AI-specific vulnerabilities, and compliance rates for AI governance policies. The Sonatype Platform provides centralized visibility into these metrics, enabling data-driven decisions about AI risk management maturity.
Federal agencies benefit from this approach because it provides concrete evidence of AI RMF compliance for auditors and stakeholders. Rather than relying on subjective assessments, agencies can demonstrate measurable progress in AI trustworthiness and security.
Extending Proven Security Practices to AI Risk Management
The most practical approach to AI RMF implementation builds on established software supply chain security foundations. Organizations that have already implemented comprehensive SBOM management, component governance, and continuous monitoring are well-positioned to extend these capabilities to AI systems.
This approach recognizes that AI risk management isn't fundamentally different from traditional software supply chain security — it's an evolution of proven practices applied to new component types. Federal agencies can leverage existing investments in tools like Sonatype while expanding their scope to cover AI-specific risks and requirements.
The key insight is that successful AI RMF implementation doesn't require starting from scratch. It requires extending mature software supply chain security practices to cover the full spectrum of modern application components, including AI models, training data, and algorithmic dependencies. By taking this approach, federal agencies can operationalize AI RMF principles within familiar workflows and tools, accelerating adoption while maintaining the security and compliance standards that government operations require.
Want to dive deeper into securing AI in federal software supply chains? Watch the full webinar to learn practical strategies for operationalizing the AI RMF.
Antoine Harden brings 25 years of public-sector technology leadership spanning Oracle, CA Technologies, Google, Elastic, and startups like Imperva and Exabeam, to his current role leading Sonatype's federal efforts. He combines strategic insight into federal procurement and mission requirements ...
Tags
Build Smarter with AI and ML.
Take control of your AI/ML usage with visibility, policy enforcement, and regulatory compliance.