NIST Launches Formal Standards Work for AI Agents

The National Institute of Standards and Technology launched a formal standards initiative for AI agents, covering three domains: interoperability, security, and identity. A Request for Information on agent security closed on March 9, 2026. This is the US government's first structured attempt to define how AI agents should be built, secured, and identified in production systems.

For practitioners, NIST standards carry weight that industry specifications do not. When NIST publishes a standard, it becomes the baseline that regulators, auditors, and procurement officers reference. Building to NIST standards is not optional for teams that want to sell to government, healthcare, finance, or any regulated sector.

What does the initiative cover?

Interoperability addresses how agents from different vendors communicate and collaborate. Today, agents built with different frameworks — LangGraph, CrewAI, Google ADK, custom implementations — cannot interact without custom integration code. NIST aims to define standard protocols for agent-to-agent communication, state sharing, and task handoff.

The practical problem is real. An organisation using OpenAI agents for customer service and Anthropic agents for internal analysis cannot easily have those agents collaborate on a task that spans both domains. Standard interoperability protocols would allow multi-vendor agent deployments without custom glue code.

Security covers the attack surface that AI agents introduce. Unlike traditional software, agents make autonomous decisions, access external tools, and interact with other systems in ways that are not fully deterministic. The security standards will address threat models specific to agents: prompt injection, tool misuse, privilege escalation through multi-step reasoning, data exfiltration via agent communication channels, and supply chain attacks through compromised tools or plugins.

The RFI that closed March 9 asked the industry to identify the most critical agent security risks and propose evaluation methodologies. The responses will shape the standard's priorities.

Identity tackles a question that enterprise deployments increasingly face: how do you identify and authenticate an AI agent? When an agent accesses a database, sends an email, or modifies a document, the system needs to know which agent took the action, on whose behalf, and with what authority.

Current approaches are ad hoc — agents use service accounts, API keys, or inherit the credentials of whoever launched them. NIST is working toward a framework where agents have their own identity credentials, subject to the same governance as human user identities.

Why does this matter now?

The timing corresponds to agent deployment reaching production scale. When agents were research prototypes, standards were premature. Now that companies like Uber, Intuit, and State Farm are deploying agent workforces and platforms like OpenAI's Frontier provide enterprise management layers, the absence of standards creates real problems.

Without interoperability standards, organisations are locked into single-vendor agent ecosystems. Without security standards, every deployment invents its own threat model and defence strategy. Without identity standards, audit trails are incomplete and access control is informal.

The EU AI Act already requires risk assessments and documentation for high-risk AI systems. NIST standards will provide the concrete technical requirements that translate regulatory obligations into engineering specifications.

What should teams building agents do now?

Four practical steps:

Track the working groups. NIST publishes draft standards for public comment before finalisation. Participating in the comment process lets you influence the standards rather than simply comply with them. The NIST AI agent standards page lists upcoming workshops and comment periods.

Audit your agent identity model. If your agents use shared service accounts or inherit user credentials, you have an identity gap that NIST standards will likely flag. Start designing agent-specific identity and credential management now, before the standards force a retrofit.

Document your agent security model. Write down how your agents are secured against the known threat vectors: prompt injection, tool misuse, data exfiltration, privilege escalation. If you cannot document it, you cannot comply with a standard that requires it.

Design for interoperability. Even if you are building on a single framework today, use clean interfaces between agents and external systems. When interoperability standards arrive, the teams with well-defined agent communication interfaces will adapt quickly. The teams with tightly coupled agent-to-agent integrations will face a rewrite.

NIST standards typically take 12-18 months from initiative launch to published standard. That window is the time to get your agent infrastructure into shape. Building to the eventual standard is cheaper than retrofitting after it is published.