NatSec AI Governance · May 11, 2026

CMMC for AI Is Coming. Defense Contractors Who Wait for the Final Rules Will Repeat CMMC's Mistakes.

The FY2026 NDAA mandates a DoD-wide AI security policy within 180 days and a CMMC-style compliance framework for contractors deploying or hosting AI. The rules are still being written—but contractors who wait will find themselves as unprepared as those who ignored CMMC's early signals.

The FY2026 National Defense Authorization Act (P.L. 119-60) was signed into law on December 18, 2025. Most defense contractors noticed the acquisition reform headlines—the new portfolio-based acquisition model, the raised TINA threshold, the MOSA push. Fewer noticed Sections 1512 and 1513.

That's a mistake with a deadline attached.

Section 1512: A Departmentwide AI Security Mandate on a 180-Day Clock

Section 1512 of the FY2026 NDAA directs DoD to establish a Department-wide cybersecurity and governance policy for AI and machine learning within 180 days of enactment. The policy must address lifecycle security, industry standards, workforce training, and protections against AI-specific threats such as model tampering and data leakage. The Department must then conduct a comprehensive review of its AI/ML cybersecurity practices and report the findings to Congress by August 31, 2026.

180 days from December 18, 2025 is June 16, 2026. The status update is due August 31. These aren't distant milestones.

Section 1513: The AI Version of CMMC

Section 1513 goes further. It requires DoD to develop a risk-based framework for cybersecurity and physical security standards for AI and ML systems—covering workforce risks, supply chain risks, adversarial tampering, and security monitoring—drawing on the NIST SP 800 series and augmenting the Cybersecurity Maturity Model Certification (CMMC) program.

More importantly: once developed, the framework must be incorporated into the Defense Federal Acquisition Regulation Supplement (DFARS) and the CMMC program itself, so that contractors developing, deploying, storing, or hosting AI/ML for DoD are required to comply.

King & Spalding's analysis confirms the framework must cover workforce risks, supply chain risks, adversarial tampering, and security monitoring. Vendor compliance must be demonstrated through testing and certification, and security posture evaluated as part of source selection.

Crowell & Moring draws the historical parallel directly: "CMMC began with a provision in the FY2020 NDAA and took years to finalize, only recently coming into effect. Despite its slow burn, many contractors have found themselves unprepared for CMMC's roll-out."

The Gap Between "Framework Under Development" and "Out of Compliance" Is Shorter Than It Looks

CMMC felt theoretical right up until it wasn't. Defense contractors who didn't build data hygiene, access controls, and audit infrastructure while the standard was being finalized found themselves scrambling for third-party assessors with no available capacity and insufficient documented controls.

The AI version of this problem is more urgent, because the attack surface is already active and expanding. DoD isn't waiting for the Section 1512 framework to start deploying AI tools to its workforce. In May 2026, the Pentagon's Chief Digital and AI Office unveiled the CDAO Wingman platform—designed to help defense and military users develop and scale their own digital assistants to offload document-heavy workflows and compliance-driven functions. The platform has already received its Authority to Operate (ATO).

The DoD's January 2026 AI Acceleration Strategy directed the CDAO to establish a delivery and integration cadence with AI vendors enabling the latest models to be deployed within 30 days of public release—a procurement criterion for future model acquisition.

For defense contractors, the implication is direct: their employees are already using AI tools—ChatGPT, Claude, Microsoft Copilot, Gemini—in day-to-day work. The Section 1512 threats Congress explicitly named aren't hypothetical. They're happening today, in unmonitored browser sessions, across the defense industrial base.

What "Data Leakage Through an AI Interface" Actually Looks Like

A contracts manager pastes a draft statement of work containing performance requirements into ChatGPT for editing. A procurement analyst asks Claude to summarize a competitive proposal. A program manager uses Gemini to draft a briefing that references system specifications. None of these feel obviously wrong from the employee's perspective—AI tools are just faster. But each is a potential uncontrolled exfiltration of CUI, proprietary technical data, or ITAR-relevant information into a third-party AI provider's infrastructure.

Section 1513's framework will require contractors to demonstrate vendor compliance through testing and certification, maintain secure network architecture, deploy continuous monitoring, and enforce secure authentication and authorization on AI systems. That's not a checklist you build in a week when a DCSA assessor asks for it.

Section 1515: Workforce Training Is a Floor, Not a Ceiling

Section 1515 requires that cybersecurity training for members of the Armed Forces and DoD civilian employees address the unique cybersecurity challenges associated with AI. Contractors who supply personnel to DoD programs or operate AI infrastructure on DoD's behalf will face downstream pressure to demonstrate equivalent training for their own workforce.

Training addresses awareness. Policy enforcement addresses behavior. The two are complements, not substitutes. An employee who knows the policy but faces no technical enforcement will still paste CUI into ChatGPT under deadline pressure.

Section 1532: The Prohibition Signal

Section 1532 provides guidance and prohibitions on use of "covered artificial intelligence"—specifically identifying AI systems that pose security risks, with DeepSeek cited as an example. Waivers are limited to research, national security analysis, or mission-critical functions.

The signal for contractors: DoD is building a category of prohibited AI tools, and contractors who cannot demonstrate they control which AI products their employees access will face compliance exposure when that prohibition list appears in a contract clause.

What to Do Now, Before the Framework Is Finalized

The Section 1513 framework is still being developed. Crowell & Moring notes the status update is due to Congress by June 16, 2026. That creates a window—not for waiting, but for building the infrastructure before the final requirements arrive.

Four concrete steps:

  1. Inventory your AI surface area. Which AI tools are your employees actually using? Browser-based AI (ChatGPT, Claude, Gemini, Copilot, Perplexity) is the largest unmonitored surface in most contractor environments. Most organizations don't have an accurate answer.

  2. Establish real-time policy enforcement at the browser layer. Policy documents don't prevent data leakage; enforcement at the point of submission does. A browser-level AI governance layer intercepts prompts before they reach external AI providers, applies policy checks, and logs every interaction for audit purposes.

  3. Build the audit trail before you need to present it. The FY2026 NDAA's enhanced ATO accountability provisions and continuous monitoring requirements assume documented evidence of control effectiveness. An audit log you don't have today won't be available when an assessor asks.

  4. Treat AI tool prohibitions as a configuration problem. Section 1532's prohibition framework means "employees shouldn't use DeepSeek" needs to translate into "employees technically cannot use DeepSeek." Technical enforcement, not policy documents, is what auditable compliance looks like.
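The four steps above describe one control: intercept an outbound prompt at the browser or proxy layer, decide whether the destination is sanctioned, check the content for CUI markers, and write an audit record either way. The following Python is an added example of that control path, not Containment.AI's product code or any DoD-issued rule set. The provider list, the CUI marker patterns, the contract-number shape, the hostnames and the sample prompts are all constructed for illustration; a real deployment would load the organization's own marking scheme and an actual classifier.

```python
"""Added example: browser/proxy-layer AI prompt policy check with audit log.

Everything below is constructed for illustration (not vendor or DoD code):
the provider table, the CUI marker patterns and the sample events.
"""
import hashlib
import json
import re
from dataclasses import dataclass, field
from datetime import datetime, timezone

# Constructed destination policy. Hosts are illustrative, not a vetted list.
# Any host not listed is "unknown" and denied by default (step 4 as config).
PROVIDER_POLICY = {
    "chat.openai.com": "sanctioned",
    "claude.ai": "sanctioned",
    "chat.deepseek.com": "prohibited",  # the page's Section 1532 example
}

# Constructed CUI / export-control markers. The contract-number pattern is a
# simplified PIIN-like shape (6 chars, FY, instrument letter, serial).
CUI_PATTERNS = [
    ("cui_marking", re.compile(r"\bCUI\b")),
    ("controlled_marking", re.compile(r"\bCONTROLLED UNCLASSIFIED\b", re.I)),
    ("itar_marking", re.compile(r"\bITAR\b")),
    ("contract_document", re.compile(r"\b(?:statement of work|SOW)\b", re.I)),
    ("contract_number", re.compile(r"\b[A-Z0-9]{6}-\d{2}-[A-Z]-\d{4}\b")),
]


@dataclass
class Decision:
    action: str                      # "allow" or "block"
    reason: str
    findings: list = field(default_factory=list)


def classify_destination(host: str) -> str:
    """Map a destination host to sanctioned / prohibited / unknown."""
    return PROVIDER_POLICY.get(host.lower(), "unknown")


def scan_prompt(text: str) -> list:
    """Return the names of every CUI marker pattern found in the prompt."""
    return [name for name, pat in CUI_PATTERNS if pat.search(text)]


def evaluate(host: str, prompt: str) -> Decision:
    """Policy decision for one outbound prompt, evaluated before it leaves."""
    status = classify_destination(host)
    if status == "prohibited":
        return Decision("block", "prohibited_provider")
    if status == "unknown":
        return Decision("block", "unsanctioned_provider")
    findings = scan_prompt(prompt)
    if findings:
        return Decision("block", "sensitive_content", findings)
    return Decision("allow", "policy_clean")


def audit_record(user: str, host: str, prompt: str, decision: Decision) -> dict:
    """Build the audit entry. The prompt body is never logged: a hash and a
    length are enough to correlate, and the audit trail must not become a
    second copy of the data it exists to protect."""
    return {
        "ts": datetime.now(timezone.utc).isoformat(),
        "user": user,
        "host": host,
        "prompt_sha256": hashlib.sha256(prompt.encode("utf-8")).hexdigest(),
        "prompt_chars": len(prompt),
        "action": decision.action,
        "reason": decision.reason,
        "findings": decision.findings,
    }


# Constructed sample events mirroring the scenarios in the post.
# The contract number is made up.
SAMPLE_EVENTS = [
    ("contracts.mgr", "chat.openai.com",
     "Tidy this paragraph from the CUI-marked statement of work for W56HZV-26-C-0123."),
    ("analyst", "claude.ai",
     "Summarize the attached public press release in three bullets."),
    ("pm", "chat.deepseek.com", "Draft an agenda for Monday's staff meeting."),
    ("engineer", "ai.example.net", "What is the capital of France?"),
]


def process(events=SAMPLE_EVENTS) -> list:
    """Evaluate each event and return the audit records that would be written."""
    records = []
    for user, host, prompt in events:
        records.append(audit_record(user, host, prompt, evaluate(host, prompt)))
    return records


if __name__ == "__main__":
    for rec in process():
        print(json.dumps(rec))
```

Two design choices matter for an assessor. Unknown destinations are denied rather than allowed, so a new AI product has to be reviewed before anyone can send it data, which is what turns a prohibition list into a configuration problem. And the audit record stores a hash of the prompt instead of the prompt itself; otherwise the log that proves control effectiveness becomes another unmarked store of CUI.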

CMMC's lesson wasn't that the standard was too hard. It was that contractors who started building controls the day the final rule dropped had no time. The AI governance framework coming out of the FY2026 NDAA is on a similar trajectory.

Containment.AI provides real-time AI governance at the browser and proxy layers—policy enforcement, audit logging, and incident response for the AI tools your workforce is using today. If you're a defense contractor starting to think through what Section 1512 and 1513 compliance will require, we'd like to talk.
