HomeAbout usMediaCIS Press ReleasesMOSAIC Coalition Launches to Operationalize AI Security Standards and Reduce Industry Fragmentation

MOSAIC Coalition Launches to Operationalize AI Security Standards and Reduce Industry Fragmentation

CIS brings proven expertise in turning security best practices into actionable guidance

CLIFTON PARK, N.Y., MAY 18, 2026 — A group of leading cybersecurity organizations has announced the launch of Multi-Organization Secure AI Coordination (MOSAIC), a new effort focused on creating clear, consistent guidance for securing artificial intelligence (AI). The Center for Internet Security, Inc. (CIS®) is proud to be a charter member, alongside:

  • Berryville Institute of Machine Learning (BIML)
  • Cloud Security Alliance (CSA)
  • Coalition for Secure AI (CoSAI)
  • National Institute of Standards and Technology (NIST)
  • OWASP AI Exchange (AIX)
  • OWASP GenAI Security Project
  • SANS Institute

As AI adoption grows, so does the volume of security guidance, but it lacks coordination. Currently, organizations face a confusing mix of frameworks and recommendations that often conflict, and this lack of alignment can slow down implementation and increase risk.

MOSAIC was created to address this challenge by bringing organizations together to align their work and produce practical, easy-to-use guidance. The goal is simple: to help defenders spend less time reconciling differences and more time protecting their systems.

The initiative will focus on:

  • Creating common definitions for key AI security concepts
  • Aligning existing guidance so it works together instead of competing
  • Publishing clear, practical best practices
  • Helping organizations apply that guidance in real-world environments

As a charter member, CIS will contribute its experience in developing industry-standard cybersecurity best practices.

“For more than two decades, CIS has worked to turn security best practices into guidance that practitioners can actually adopt and operate,” said Brian Calkin, Chief Technology and Innovation Officer at CIS. “The CIS Controls and CIS Benchmarks are used by organizations around the world precisely because they cut through complexity rather than add to it. AI security needs that same discipline now, and we're honored to bring our experience to MOSAIC as a charter member of this important initiative.”

Working groups will begin immediately, with the first outputs focused on simplifying terminology and aligning existing guidance.

For more information on MOSAIC or CIS’s role in establishing the industry standards and best practices, please contact [email protected].

###

 

About CIS

The Center for Internet Security, Inc. (CIS®) makes the connected world a safer place for people, businesses, and governments through our core competencies of collaboration and innovation. We are a community-driven nonprofit, responsible for the CIS Critical Security Controls® and CIS Benchmarks®, globally recognized best practices for securing IT systems and data. We lead a global community of IT professionals to continuously evolve these standards and provide products and services to proactively safeguard against emerging threats. Our CIS Hardened Images® provide secure, on-demand, scalable computing environments in the cloud. CIS is home to the Multi-State Information Sharing and Analysis Center® (MS-ISAC®), the trusted resource for cyber threat prevention, protection, response, and recovery for U.S. State, Local, Tribal, and Territorial government entities, and the Elections Infrastructure Information Sharing and Analysis Center® (EI-ISAC®), which supports the rapidly changing cybersecurity needs of U.S. election offices. To learn more, visit CIS or follow us on X: @CISecurity.