AI Security Standards Groups Form MOSAIC to Combat Fragmentation
Event summary
- MOSAIC (Multi-Organization Secure AI Coordination) formed on April 21, 2026, during the AI Security Policy Forum alongside the SANS AI Cybersecurity Summit.
- Founding members include OWASP, NIST, CSA, CIS, CoSAI, and BIML, with participation from ITU and The Aspen Institute.
- 60% of organizations report lacking skills to defend against AI threats, with 27% experiencing breaches due to capability gaps (SANS 2026 Workforce Research Report).
- MOSAIC aims to coordinate AI security standards via a shared communication platform and common definitions for terms like 'AI risk'.
- The group operates under OWASP’s governance principles, using GitHub for coordination and an open-membership model.
The big picture
The formation of MOSAIC reflects growing urgency among AI security practitioners to resolve fragmentation in standards, which has slowed defenses against emerging threats. As AI adoption accelerates across critical infrastructure, coordinated standards could become a regulatory priority, shaping compliance requirements for global enterprises. The initiative’s lightweight, open-membership approach may set a precedent for future cross-industry collaboration in AI governance.
What we're watching
- Standardization Progress
- Whether MOSAIC can achieve meaningful alignment across disparate AI security frameworks.
- Adoption Pace
- The speed at which organizations integrate MOSAIC-coordinated standards into their AI security practices.
- Regulatory Impact
- How governments and regulators may reference or mandate MOSAIC-aligned standards in future AI policies.
Related topics