NSA issues guidance on AI supply chain risks and cybersecurity vulnerabilities

The US National Security Agency has released new guidance outlining cybersecurity risks across the AI supply chain, warning that data, models and infrastructure can introduce critical vulnerabilities.

The US National Security Agency (NSA) has published new cybersecurity guidance addressing risks across the AI supply chain, highlighting growing concerns as AI systems become more widely deployed.

The guidance, released in March 2026, defines the AI supply chain as a combination of components including training data, models, software, hardware, infrastructure and third-party services, all of which can introduce vulnerabilities affecting system security and reliability.

It identifies several risks linked to data, including bias, data poisoning and exposure through model inversion or data extraction techniques. At the model level, the NSA warns of threats such as hidden backdoors, manipulation and evasion attacks, which could compromise system behaviour.

The document also points to risks in software and infrastructure, noting that AI systems often depend on complex and interconnected components that expand the attack surface. Vulnerabilities may also arise from third-party providers, particularly where supply chains lack transparency.

To address these issues, the NSA recommends measures such as verifying data and model integrity, maintaining trusted model registries, conducting regular security testing, and documenting dependencies through software and AI bills of materials.

The guidance aligns with existing frameworks from organisations such as the National Institute of Standards and Technology (NIST) and MITRE, reflecting broader efforts to strengthen security practices in the development and deployment of AI technologies.
