
The Compliance Language Barrier, and the NIST AI Risk Management Framework

IT channel and business news with a focus on regulatory compliance.

📃 What to Know About the NIST AI RMF

For MSPs, SaaS vendors, and vCISO practices, AI RMF becomes a way to make AI governance tangible in client engagements. It offers a shared vocabulary for discussing AI risks, building AI use policies, and designing assessment and remediation roadmaps that can be mapped to regulatory trends and buyer expectations.

Early adopters can differentiate themselves by not only deploying AI but being able to demonstrate a credible, standards‑aligned story about how they manage its numerous risks…

šŸ—Øļø Turning a Free Risk Assessment Into Your Client Security Language (Not Just a Compliance Check)

Most MSPs don’t have a language problem with security; they have a translation problem. The Blacksmith Free Risk Assessment gives you a single, reusable grammar you can use to talk about both compliance and security with non‑technical clients in a way that sticks…

āš ļø Threat Updates

🔴 Multi-Stage AiTM Phishing Hijacks SharePoint and Session Cookies for BEC (02/01/26)

Microsoft reported a multi-stage adversary-in-the-middle (AiTM) phishing campaign that abuses SharePoint file-sharing links to harvest session cookies, creates inbox rules to maintain stealthy persistence, and pivots into large-scale business email compromise across multiple energy-sector organizations. A password reset alone does not end this kind of intrusion: the stolen session cookie keeps working until the session is revoked, and the attacker's inbox rules keep hiding or forwarding mail until someone finds them. MSPs should therefore enforce phishing-resistant MFA (FIDO2 security keys or passkeys, which an AiTM proxy cannot replay), apply conditional access and token revocation, and make mailbox-rule audits and session invalidation standard steps in the incident response playbook for any suspected account compromise. » More Info
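The two playbook steps this item calls for, inbox-rule audit and session invalidation, as an added PowerShell example that is not part of the original newsletter or of Microsoft's guidance. It assumes the ExchangeOnlineManagement and Microsoft.Graph modules are installed, that the operator holds the Exchange and Graph roles needed to read and disable inbox rules and revoke sessions, and that the mailbox UPN and the "suspicious rule" heuristics are placeholders to adjust for the tenant.

```powershell
# Added example (not the newsletter's or Microsoft's code). Audits inbox rules
# and mailbox-level forwarding for one suspected-compromised mailbox, disables the
# rules that look like BEC persistence, and (with -Revoke) invalidates the user's
# refresh tokens and browser session cookies.
# Assumptions: ExchangeOnlineManagement + Microsoft.Graph modules installed; the
# UPN below is a placeholder; the heuristics are a starting point, not a spec.
param(
    [string]$Upn = 'victim@contoso.example',   # assumed target mailbox
    [switch]$Revoke                            # revoke sessions only when set
)

Import-Module ExchangeOnlineManagement
Import-Module Microsoft.Graph.Users.Actions

Connect-ExchangeOnline -ShowBanner:$false
Connect-MgGraph -Scopes 'User.RevokeSessions.All' -NoWelcome

# 1. Mailbox-level forwarding is the simplest persistence of all; check it first.
$mbx = Get-Mailbox -Identity $Upn
if ($mbx.ForwardingSmtpAddress -or $mbx.ForwardingAddress) {
    Write-Warning ("Mailbox-level forwarding set: SMTP={0} Address={1} KeepCopy={2}" -f
        $mbx.ForwardingSmtpAddress, $mbx.ForwardingAddress, $mbx.DeliverToMailboxAndForward)
}

# 2. Inbox-rule audit. Rules that forward/redirect mail, delete it, or bury it in
#    folders nobody reads (RSS, Archive, Conversation History) and rules with
#    blank or punctuation-only names are the classic AiTM/BEC footprint.
#    -IncludeHidden surfaces rules created through MAPI that Outlook does not show.
$rules = Get-InboxRule -Mailbox $Upn -IncludeHidden
$suspicious = $rules | Where-Object {
    $_.ForwardTo -or $_.ForwardAsAttachmentTo -or $_.RedirectTo -or
    $_.DeleteMessage -or
    ($_.MoveToFolder -match 'RSS|Archive|Junk|Deleted|Conversation History') -or
    ($_.Name -match '^\W*$')   # e.g. "." or "," or an empty name (assumed heuristic)
}

$report = foreach ($r in $suspicious) {
    $targets = @($r.ForwardTo) + @($r.RedirectTo) + @($r.ForwardAsAttachmentTo) |
        Where-Object { $_ }
    [pscustomobject]@{
        Mailbox   = $Upn
        Rule      = $r.Name
        Enabled   = $r.Enabled
        ForwardTo = ($targets -join ';')
        MoveTo    = $r.MoveToFolder
        Delete    = $r.DeleteMessage
        Identity  = $r.Identity
    }
}
$report | Format-Table -AutoSize

# 3. Disable rather than delete, so the rule definitions survive as evidence.
foreach ($r in $suspicious | Where-Object { $_.Enabled }) {
    Disable-InboxRule -Mailbox $Upn -Identity $r.Identity -Confirm:$false
    Write-Host "Disabled rule '$($r.Name)' on $Upn"
}

# 4. Session invalidation. revokeSignInSessions invalidates the user's refresh
#    tokens and browser session cookies; a stolen cookie replayed by the AiTM
#    proxy stops working once its backing refresh token is gone.
if ($Revoke) {
    $result = Revoke-MgUserSignInSession -UserId $Upn
    Write-Host "Sessions revoked for ${Upn}: $($result.Value)"
}

Disconnect-ExchangeOnline -Confirm:$false
Disconnect-MgGraph | Out-Null
```

Run the audit first without `-Revoke`, review the table, then re-run with `-Revoke` alongside the password reset. Two caveats a responder should keep in mind: access tokens already issued remain valid until they expire (roughly an hour by default unless continuous access evaluation is in force for the app), and revoking sessions does nothing about OAuth consent grants or new MFA methods the attacker may have registered, so those need their own checks.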

🔴 Actively Exploited SolarWinds Web Help Desk RCE Added to CISA KEV (02/04/26)

CISA added a critical SolarWinds Web Help Desk (WHD) flaw, CVE-2025-40551 (CVSS 9.8), to its Known Exploited Vulnerabilities catalog after confirming that the unauthenticated remote code execution it enables is being used in active attacks against exposed WHD deployments. SolarWinds has released WHD version 2026.1, which fixes CVE-2025-40551 along with several additional high/critical issues (CVE-2025-40536, ‑40537, ‑40552, ‑40553, ‑40554), and U.S. federal agencies have been ordered to remediate CVE-2025-40551 by February 6, 2026. For MSPs the priorities are in that order: inventory every WHD instance (including ones clients stood up outside the managed estate), patch to 2026.1, and pull help desk portals off the public internet or put them behind a VPN or identity-aware proxy, since an unauthenticated RCE on a ticketing system that holds credentials and asset data is a direct route into the rest of the environment. » More Info

šŸ—Øļø Parting Words

“The Internet is the first thing that humanity has built that humanity doesn’t understand, the largest experiment in anarchy that we have ever had.” — Eric Schmidt

Where to Find the Blacksmith Team

Right of Boom (Feb 2-6)

MSP Expo (Feb 10-12)

…and on demand with Get NIST-y on Spotify!

Are you a vCISO or MSP looking to operationalize security programs? Let’s discuss how Blacksmith Infosec proves that compliance is an opportunity, not a struggle that has to be packaged in FUD!