MOSAIC logo MOSAIC Multi-Organization Secure AI Coordination

Collective coordination on AI security standardization.

MOSAIC is a coordination structure for the initiatives writing AI security standards and guidelines — reducing inconsistency, duplicate work, and gaps, so practitioners get a clear path forward instead of a multitude of conflicting answers.

Content on GitHub Discussions on GitHub Read the roadmap
Launched April 2026 8 founding initiatives MIT License Open membership
The MOSAIC launching group at the AI Security Policy Forum in Washington DC, April 21 2026
The launching group

Convened in one room, in one afternoon.

The people who write the frameworks that will shape AI security sat down together and agreed to coordinate as a collective — the first collaboration of its kind among AI security standard organizations.
See the full team
What is MOSAIC

Coordination, not another committee.

MOSAIC — Multi-Organization Secure AI Coordination — provides a coordination structure for initiatives working on AI security standards and guidelines, reducing inconsistencies, duplicate work, misalignment, and gaps.

The end goal is a standards and guideline landscape that gives clear guidance for securing and overseeing the AI systems we increasingly connect to everything and trust with our sensitive data. The approach is deliberately lightweight: improve consistency and quality across initiatives without adding process overhead, while every participant keeps its independence.

The problem

AI adoption is outpacing AI security.

Organizations are connecting AI to everything at speed — while the guidance meant to secure it stays fragmented and hard to apply.

New, novel risks

AI systems are vulnerable to both existing and new classes of attack that require specific countermeasures — and many organizations aren’t prepared.

A fragmented landscape

Practitioners face multiple frameworks, overlapping recommendations, and inconsistent terminology. Each initiative has strengths — and blind spots.

Speed that becomes delay

When risks materialize, projects pause and designs get revisited. What looks like speed at the start often turns into rework later.
Aligning standards and guidance across initiatives reduces fragmentation, improves clarity, and gives practitioners a coherent path forward — letting organizations move fast without losing control.
April 21, 2026 · Washington DC

How MOSAIC began.

At the AI Security Policy Forum — organized and led by the OWASP AI Exchange with the SANS Institute as co-host — leading standardization initiatives came together and agreed to begin coordinating collectively on AI security. The invitation-only session ran under Chatham House rules and was led by Rob van der Veer, founder of the AI Exchange.

What the group decided

  • Start coordinating collectively, under the name MOSAIC
  • Use GitHub as the shared communication platform
  • Keep participants fully independent
  • Prefer lightweight coordination over more committees

The shared view

AI's possibilities and challenges are evolving rapidly, and adoption is currently outpacing security — leaving security as an afterthought. Standards today are fragmented, creating uncertainty and slowing innovation. A cohesive standards landscape is required to enable both speed and safe adoption.

Read the announcements
Founding participants

The initiatives at the table.

BIMLCenter for Internet Security (CIS)Cloud Security Alliance (CSA)Coalition for Secure AI (CoSAI)NISTOWASP AI ExchangeOWASP GenAI Security ProjectSANS Institute
Standard makers were joined by journalists and representatives from the International Telecommunication Union (ITU), the Aspen Institute, academia, and government — helping prioritize the topics to focus on. Meet the people →