CSAI Foundation Launched with Mission of "Securing the Agentic Control Plane"

CSA Official Press Release Published 03/23/2026 Cloud Security Alliance Launches CSAI Foundation With Mission of “Securing the Agentic Control Plane” New 501(c)3 non-profit debuts at RSA Conference 2026 to govern autonomous AI agent ecosystems through risk intelligence, certification, and executive trust programs RSAC (SAN FRANCISCO) — March 23, 2026 — The Cloud Security Alliance (CSA), the world’s leading not-for-profit organization committed to AI, cloud, and Zero Trust cybersecurity education, today announced the launch of CSAI, a new 501(c)3 non-profit foundation dedicated exclusively to AI security and safety. CSAI is being formally unveiled at RSAC 2026 with a strategic mission of Securing the Agentic Control Plane — governing the identity, authorization, orchestration, runtime behavior, and trust assurance layers that underpin autonomous AI agent ecosystems. The launch of CSAI marks the next evolution of CSA’s AI Safety Initiative, which has produced over 30 research white papers, several open source projects, the Trusted AI Safety Expert (TAISE) professional certification, the award-winning AI Controls Matrix (AICM), and the STAR for AI organizational certification. Coming off CSA’s most successful virtual AI Summit to date with over 5,000 registrants, CSAI will operate as a dedicated entity to accelerate the pace and scale of this work. As enterprises move from experimental AI to autonomous, agent-driven transformation of their business, the risk surface shifts from models alone to complex agent ecosystems. CSA is evolving from defining best practices to operating the trust infrastructure for the agentic economy. “The agentic era demands a new kind of security infrastructure — one that governs not just what AI models can do, but how autonomous agents identify themselves, what they’re authorized to do, and how we can trust their behavior at scale. CSAI is purpose-built to deliver that infrastructure through six integrated programs spanning risk intelligence, best practices, education, executive trust, global assurance, and forward-looking research,” said Jim Reavis, CEO and co-founder, Cloud Security Alliance. “Cloudflare is honored to take part in the launch of the CSAI Foundation to help combat one of the greatest challenges in the AI era: the trade-off between the speed of innovation and security control. As AI adoption accelerates, organizations are struggling with unmanaged employee use of AI tools, and agents operating with over-privileged access. Today, we are reinforcing our commitment to plugging this safety gap, and enabling secure, scalable AI for the modern enterprise," said Cloudflare Chief Strategy Officer Stephanie Cohen. CSAI’s 2026 mission of Securing the Agentic Control Plane encompasses six strategic programs: - AI Risk Observatory — Continuous monitoring and threat intelligence for agentic AI systems, including observability of in-the-wild agentic activity across OpenClaw and MCP server ecosystems, operation of a next-generation CVE Numbering Authority (CNA) scoped on agentic AI, and real-time telemetry with structured risk identifiers. - Agentic Best Practices — Full lifecycle guidance for secure agentic implementation, covering identity-first controls for non-human actors, runtime authorization and privilege governance, agent taxonomy and profiling standards, secure agentic transactions and payments, and an open source tool repository. - Education, Credentialing & Awareness — Global workforce development through the Agentic AI Summit Series, expansion of the TAISE certification program into three new tracks (TAISE CxO for executive leaders, TAISE Agentic for security practitioners, and TAISE Compass for high school students as part of the White House Task Force for AI Education), and industry surveys and global chapter events. - CxOtrust for Agentic AI — An executive collaboration program providing the “Voice of the Enterprise Customer” to AI program activities through monthly briefings, private CISO/CIO/CAIO roundtables, board-ready risk narratives, and secure enterprise adoption guidelines. - Global Assurance & Trust — Expansion of the STAR for AI assurance program based on the AI Controls Matrix plus ISO 42001, ISO 27001, and SOC 2, supported by a global ecosystem of leading audit and certification bodies. The program is powered by Valid-AI-ted, CSA’s AI-driven audit engine for GRC automation, continuous evaluation of agent behavior and risk posture, and automated framework mapping. - Future Forward Initiatives — Pioneering work that positions CSA as an operator of the agentic ecosystem, including CSA Pod (pod.cloudsecurityalliance.org), a live agent interaction environment and telemetry source; TAISE-Agent Certification, extending professional certification to autonomous agents through reinforcement learning, behavioral evaluation, and agent trust profiles; and the Catastrophic Risk Annex, researching existential threats from highly transformational future AI through a derivative of AICM designed for pilot audits against frontier models. "The launch of the CSAI Foundation is an important expansion of the CSA mission to have a dedicated focus on AI safety and security. Their agile delivery of research solutions is a strong complement to the work of standards bodies and trusted technology partners," said Phil Venables, a venture partner at Ballistic Ventures, and former CISO of Google Cloud. "RSAC Conference was happy to provide a platform for CSA's original launch in 2009. We are now delighted to provide a home for the CSAI Foundation unveiling as we all focus on delivering trustworthy AI and securing the agentic revolution," said Jen Easterly, CEO, RSAC, and the former Director of the Cybersecurity and Infrastructure Security Agency. Safeguarding the next generation of autonomous intelligence As part of its commitment to advancing open, interoperable standards for agentic AI security, the Cloud Security Alliance also announced a collaboration with the Coalition for Secure AI (CoSAI), including a seat on CoSAI’s Technical Steering Committee (TSC). This role enables CSA to actively contribute to technical workstreams and align its Securing the Agentic Control Plane strategy with emerging industry standards, reinforcing the importance of cross-industry coordination in building trusted autonomous systems. “This collaboration marks a great step toward a unified approach to securing agentic AI systems. By working with the Cloud Security Alliance, we’re aligning efforts to ensure that security and trust remain at the core of the AI ecosystem. Together, CoSAI and CSA are driving the frameworks that will safeguard the next generation of autonomous intelligence,” said Omar Santos, Cisco, Project Governing Board Co-Chair of CoSAI. Reavis added, “Strong technical collaboration with organizations like CoSAI is essential to turning principles into practice. As we build out the agentic control plane, alignment with a standards organization like CoSAI ensures that what we develop is interoperable, scalable, and globally relevant.” CSAI invites organizations across the AI ecosystem — cloud providers, enterprise adopters, AI developers, auditors, and regulators — to engage as founding sponsors, contributing members, and research collaborators. For more information on CSAI’s programs and sponsorship opportunities, visit www.CSAI.foundation. About CSAI Foundation CSAI is a 501(c)3 non-profit foundation launched by the Cloud Security Alliance, dedicated exclusively to AI security and safety. With a 2026 mission of Securing the Agentic Control Plane, CSAI delivers integrated programs spanning risk intelligence, operational best practices, professional and agent certification, executive collaboration, global assurance, and forward-looking research to govern the autonomous AI economy. Visit www.CSAI.foundation. About Cloud Security Alliance The Cloud Security Alliance (CSA) is the world’s leading not-for-profit organization committed to awareness, practical implementation, and credentialing of forward-looking cybersecurity topics, including AI, cloud, and Zero Trust. In an era where digital transformation drives business success, CSA stands as the global authority ensuring organizations can operate securely while harnessing cutting-edge technology. Through volunteer-driven research, globally-accepted standards, and award-winning vendor-neutral education programs that unite technical experts, industry practitioners, and varied associations, governments, chapters, and corporate members, CSA bridges the gap between innovation and pragmatic security execution. Visit CSA’s website to learn more. Media Contact Kristina Rundquist ZAG Communications for the CSA [email protected] About Cloud Security Alliance The Cloud Security Alliance is a not-for-profit organization with a mission to promote the use of best practices for providing security assurance within Cloud Computing, and to provide education on the uses of Cloud Computing to help secure all other forms of computing. The Cloud Security Alliance is led by a broad coalition of industry practitioners, corporations, associations and other key stakeholders. For further information, follow us on Twitter @cloudsa. For press inquiries, email Zenobia Godschalk of ZAG Communications or reach her by phone at 650.269.8315.