2026 Strategic Mission
Securing the
Agentic Control Plane
Governing autonomous AI systems through risk intelligence, best practices, executive trust, global assurance, and workforce readiness.
Through our AI Safety Initiative, CSA has built the industry's leading portfolio of AI security and safety guidance. This portfolio includes over 30 research white papers, several open source projects, the Trusted AI Safety Expert (TAISE) professional certification, the AI Controls Matrix (AICM), and the STAR for AI organizational certification.
CSA has formed CSAI, a 501(c)3 non-profit foundation dedicated to AI security and safety, formally announced with a 2026 mission of Securing the Agentic Control Plane at the RSA Conference 2026.
As enterprises move from experimental AI to autonomous, agent-driven transformation of their business, the risk surface shifts from models alone to identity, authorization, orchestration, runtime behavior, and trust assurance across complex agent ecosystems. CSA is evolving from defining best practices to operating the trust infrastructure for the agentic ecosystem.
Six Strategic Programs
Integrated programs spanning the full lifecycle of agentic AI security, from threat intelligence to workforce readiness.
AI Risk Observatory
Helping the industry gain real visibility into how autonomous agents behave, fail, and introduce risk — bridging today's vulnerability ecosystem with emerging agentic environments.
- ▸Observability of in-the-wild agentic activity (OpenClaw, MCP servers, agent ecosystems) with expansion of the RiskRubric model scanning leaderboard
- ▸Integration with incident reporting and vulnerability ecosystems
- ▸Operation of a next-generation CVE Numbering Authority (CNA) scoped on agentic AI in collaboration with member CNAs
- ▸Research on gaps with CVE/CWE/ISACs/CSIRTs and recommendations
- ▸Real-time telemetry and structured risk identifiers for agentic systems
Agentic Best Practices
Full lifecycle best practices and tools for secure agentic implementation across the enterprise.
Security for agentic AI and agentic AI for security
Secure and agile enterprise agentic guidelines and strategies
Identity-first controls for non-human actors
Runtime authorization and privilege governance
Agent taxonomy, profiling, and capability standards
Secure agentic transactions and payments
Engagement with enterprises, regulators, and standards bodies
Open source tool repository
Education, Credentialing & Awareness
Building the global workforce capable of securing, auditing, and governing autonomous AI agent ecosystems.
Awareness & Events
- ▸Agentic AI Summit Series
- ▸Executive panels and research publications
- ▸Industry surveys and newsletters
- ▸Global chapter events
TAISE Certification Expansion
TAISE CxO
Executive-level AI safety credentialing for board and C-suite leaders
TAISE Agentic
Specialized certification for practitioners building and securing autonomous agents
TAISE Compass
Introducing AI safety to high school students as part of the White House Task Force for AI Education
CxOtrust for Agentic AI
Executive collaboration program translating agentic AI risk into board-level decisions and secure enterprise adoption.
- ▸Provide "Voice of the Enterprise Customer" to AI program activities
- ▸Monthly briefings on emerging agentic AI risks and mitigation strategies
- ▸Private CISO / CIO / CAIO roundtables for peer collaboration
- ▸Board-ready risk narratives and decision frameworks
- ▸Secure enterprise adoption guidelines for agentic deployments
Global Assurance & Trust
Extending CSA's proven assurance model into the agentic era with continuous, AI-driven certification and compliance.
STAR for AI
The Agentic Compliance Automation Revolution
- ▸Expansion of global cloud assurance program CSA STAR to AI systems
- ▸Based on CSA AI Controls Matrix plus ISO 42001, 27001 and SOC 2
- ▸Global ecosystem of leading audit and certification bodies
- ▸STAR Registry is world's largest repository of provider assurance documentation
Valid-AI-ted
AI-powered audit engine and research project for GRC automation and modernization
- ▸AI analysis of controls maximizing risk reduction
- ▸Automated mapping between industry frameworks
- ▸Automated scoring of Cloud and AI self-assessments in CSA STAR
- ▸Continuous evaluation of agent behavior and risk posture
- ▸Feedback loops for improving implementations
- ▸Scalable assurance across large agent ecosystems
Future Forward Initiatives
Pioneering infrastructure, certification, and research that creates long-term benefits to the future AI economy and human society.
CSA Pod
Agent Ecosystem Infrastructure
- ▸A live environment for agent interaction at pod.cloudsecurityalliance.org
- ▸A testbed for real-world agent behavior and risk assessment
- ▸A telemetry source feeding the AI Risk Observatory
- ▸A distribution layer for CSA standards and guidance
TAISE-Agent Certification
Certifying Autonomous Agents
Extending the Trusted AI Safety Expert program for humans to agents — drawing on 16 years of experience certifying cybersecurity professionals.
- ▸Behavioral evaluation of agents through adversarial and scenario-based assessment
- ▸Continuous reinforcement learning and re-certification cycles
- ▸Agent Trust Profiles (human-readable and machine-readable)
Catastrophic Risk Annex
Existential Threat Research
Research into long-term existential threats to humanity from highly transformational future versions of AI. We are developing a derivative of AI Controls Matrix to address catastrophic risks and perform pilot audits against frontier models to understand long-term alignment and safety issues.
Aligned Frameworks & Partnerships
Join the Journey
Stay connected with CSAI's work in AI security, credentialing, and trust.
CSAI Foundation
Dedicated to Secure and Trustworthy AI
CSAI invites organizations across the AI ecosystem — cloud providers, enterprise adopters, AI developers, auditors, and regulators — to engage as founding sponsors, contributing members, and research collaborators.