Tech Giants Form Open Source AI Security Group

Google, Microsoft, Amazon, OpenAI and others have formed a new industry group aimed at promoting AI safety and security standards.

The Coalition for Secure AI (CoSAI) launched on Thursday as a self-described "open source initiative designed to give all practitioners and developers the guidance and tools they need to create Secure-by Design AI systems."

"Founding Premier Sponsors" of CoSAI include Microsoft, Nvidia, Google, IBM, Intel, and PayPal. Listed as "additional" founding members are OpenAI, Anthropic, Amazon, Cisco, Cohere, Chainguard, GenLab, and Wiz.

A Technical Steering Committee of AI experts from academia and industry will oversee the group's work.

The primary mission of CoSAI is to "develop comprehensive security measures that address AI systems' classical and unique risks." This is difficult to do in the current AI landscape, the group argues, because existing efforts to establish AI security standards are fragmented, uncoordinated, and inconsistently applied.

Though it recognizes those efforts and plans to collaborate with other groups focused on AI security, CoSAI believes it is uniquely positioned to establish standards that can be widely agreed-upon and adopted due to its diverse and high-profile membership roster.

"As a Founding Member of the Coalition for Secure AI, Microsoft will partner with similarly committed organizations towards creating industry standards for ensuring that AI systems and the machine learning required to develop them are built with security by default and with safe and responsible use and practices in mind," said Microsoft's AI safety chief Yonatan Zunger in a prepared statement. "Through membership and partnership within the Coalition for Secure AI, Microsoft continues its commitment to empower every person and every organization on the planet to do more ... securely."

"From day one, AWS AI infrastructure and the Amazon services built on top of it have had security and privacy features built-in that give customers strong isolation with flexible control over their systems and data," commented Paul Vixie, vice president and Distinguished Engineer at Amazon Web Services. "As a sponsor of CoSAI, we're excited to collaborate with the industry on developing needed standards and practices that will strengthen AI security for everyone."

"Developing and deploying AI technologies that are secure and trustworthy is central to OpenAI's mission," said Nick Hamilton, head of Governance, Risk and Compliance at OpenAI. "We believe that developing robust standards and practices is essential for ensuring the safe and responsible use of AI and we're committed to collaborating across the industry to do so."

Per CoSAI's founding charter, the group intends to find and share mitigations for AI security risks such as "stealing the model, data poisoning of the training data, injecting malicious inputs through prompt injection, scaled abuse prevention, membership inference attacks, model inversion attacks or gradient inversion attacks to infer private information, and extracting confidential information from the training data."

Interestingly, the group does not consider the following areas to be part of its purview: "misinformation, hallucinations, hateful or abusive content, bias, malware generation, phishing content generation, or other topics in the domain of content safety."

At its outset, CoSAI plans to pursue the following three research areas:

  • AI software supply chain security: The group will explore how to assess the safety of a given AI system based on its provenance. For instance, the group will examine who trained the AI system and how, as well as whether its training process may have left the AI vulnerable to tampering at any point.
  • Security framework development: The group will identify "investments and mitigation strategies" to address the security vulnerabilities in both today's AI systems, as well as future versions.
  • Security and privacy governance: The group will create guidelines to help AI developers and vendors measure risk in their systems.

CoSAI expects to release a paper by the end of this year providing an overview of its findings.

About the Author

Gladys Rama (@GladysRama3) is the editorial director of Converge360.

Featured

  • AI-powered individual working calmly on one side and a burnt-out person slumped over a laptop on the other

    Researchers: AI's Productivity Gains Come at a Cost

    A recent academic study found that as organizations adopt AI tools, they're not just streamlining workflows — they're piling on new demands. Researchers suggested that "AI technostress" is driving burnout and disrupting personal lives, even as organizations hail productivity gains.

  • AI microchip, a cybersecurity shield with a lock, a dollar coin, and a laptop with financial graphs connected by dotted lines

    Survey: Generative AI Surpasses Cybersecurity in 2025 Tech Budgets

    Global IT leaders are placing bigger bets on generative artificial intelligence than cybersecurity in 2025, according to new research by Amazon Web Services (AWS).

  • young man in a denim jacket scans his phone at a card reader outside a modern glass building

    Colleges Roll Out Mobile Credential Technology

    Allegion US has announced a partnership with Florida Institute of Technology (FIT) and Denison College, in conjunction with Transact + CBORD, to install mobile credential technologies campuswide. Implementing Mobile Student ID into Apple Wallet and Google Wallet will allow students access to campus facilities, amenities, and residence halls using just their phones.

  • AI assistant represented by a glowing blue humanoid figure in front of a laptop, surrounded by interconnected network nodes and data servers

    Network to Code Launches AI Assistant for Enterprise Network Teams

    Network automation firm Network to Code has launched NautobotGPT, an AI-powered assistant aimed at helping enterprise network engineers create, test, and troubleshoot automation tasks more efficiently.