惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

TaoSecurity Blog
TaoSecurity Blog
L
LINUX DO - 最新话题
Help Net Security
Help Net Security
N
News | PayPal Newsroom
www.infosecurity-magazine.com
www.infosecurity-magazine.com
cs.AI updates on arXiv.org
cs.AI updates on arXiv.org
The Last Watchdog
The Last Watchdog
S
Security @ Cisco Blogs
W
WeLiveSecurity
C
CXSECURITY Database RSS Feed - CXSecurity.com
Webroot Blog
Webroot Blog
T
Troy Hunt's Blog
V
Vulnerabilities – Threatpost
Google Online Security Blog
Google Online Security Blog
N
News and Events Feed by Topic
T
Threat Research - Cisco Blogs
Security Archives - TechRepublic
Security Archives - TechRepublic
钛媒体:引领未来商业与生活新知
钛媒体:引领未来商业与生活新知
T
Tor Project blog
freeCodeCamp Programming Tutorials: Python, JavaScript, Git & More
D
Darknet – Hacking Tools, Hacker News & Cyber Security
PCI Perspectives
PCI Perspectives
Google DeepMind News
Google DeepMind News
T
Tailwind CSS Blog
让小产品的独立变现更简单 - ezindie.com
让小产品的独立变现更简单 - ezindie.com
Apple Machine Learning Research
Apple Machine Learning Research
IT之家
IT之家
S
SegmentFault 最新的问题
J
Java Code Geeks
P
Privacy & Cybersecurity Law Blog
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
博客园 - 【当耐特】
博客园_首页
H
Hacker News: Front Page
T
Threatpost
Jina AI
Jina AI
博客园 - Franky
月光博客
月光博客
L
LINUX DO - 热门话题
The Cloudflare Blog
H
Heimdal Security Blog
博客园 - 司徒正美
酷 壳 – CoolShell
酷 壳 – CoolShell
Cloudbric
Cloudbric
雷峰网
雷峰网
Hugging Face - Blog
Hugging Face - Blog
S
Secure Thoughts
T
Tenable Blog
I
Intezer
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻

Cloud Security Alliance

SearchLeak: Copilot Data Exfiltration Exploited | CSA Zero-Trust AI Governance for Multi-Agent Systems | CSA Dangling CNAMEs: Hidden Cloud Risk | CSA Agentic Payments in Financial Services | CSA Mythos and the Future of Cybersecurity | CSA AI-Driven Cloud Risk: Defenders Lose Ground | CSA Financial Services Industry Shifts from AI Adoption to | CSA CSAI Foundation Announces RiskRubric V2 as the Next Key | CSA RiskRubric Updates: AI Risk Assessment | CSA Over 80% of Organizations that Miss 24-Hour Patch Window Report | CSA ORCHIDEAS & MAESTRO: Secure AI Design | CSA Top 6 Claude Security Risks to Watch | CSA Cloud Cost Optimization in 2026 | CSA HIPAA Rule Overhaul in 2026 | CSA AI-Driven Exploits Outsmart Detection | CSA MCP Risks CISOs Should Prepare For | CSA AI Governance for Trust and Compliance | CSA MTTP: Patch Cycles Too Slow | CSA Cloud Security Evolution: Security Teams Lead | CSA Misconfigurations Break Customer Trust in Apps | CSA Taming Shadow AI: C-Suite Strategies | CSA Agentic AI Threats: Five Powers | CSA AIUC-1: Agentic AI Governance | CSA 2026 Threat Report for CISOs | CSA Securing AI in AWS: Runtime Detection & Response | CSA SLMs, LLMs, and the DSPM Difference | CSA OT Security Timeline: Mythos and Patch Pace | CSA Blast Radius and Cloud Threat Detection | CSA State of AI Cybersecurity 2026: 92% Concerned | CSA AI in MDR for Franchise & Multi-Location Ops | CSA AI Regulation: Identity and Authorization Gap | CSA MITRE ATT&CK for Cloud: Detection Coverage Guide | CSA Shadow AI Agents: The Insider Threat | CSA Medical Device Breaches Reveal Cloud Security Gaps | CSA AISMM: AI Security Maturity Model for Cloud | CSA Globee® Awards for Artificial Intelligence (AI) Honors Cloud | CSA Patching Smarter for Mythos Security | CSA SDP v3: Identity-First Zero Trust for AI | CSA AI-Ready Security Documents Beyond STIX, OSCAL, and SARIF | CSA Penetration Testing for ISO 42001 & Trust | CSA AI Agent Posture: Data-First Security Guardrails | CSA AI Agents Go Beyond Output: Enterprise Security | CSA AI Agent Security Starts with Scope Control | CSA Identity Spoofing vs. Identity Abuse | CSA AARM: Securing the Agentic Runtime | CSA Securing the Agentic Control Plane | CSA CSAI Foundation Announces Key Milestones to Secure the Agentic | CSA Cloud to AI: Building Secure Programs | CSA Identity in AI Era: Zero Trust's First Pillar | CSA SDLC Visibility: Securing Multi-Cloud Development Lifecycles | CSA Cloud Risk: Top 3 Threats & AI Tools | CSA AI Agent Identity Is Solved Backwards | CSA 8 Truths About Cloud Privilege Risk | CSA AI Governance: Mature Programs | CSA Agent Access Management: Data-First Security | CSA Glasswing: AI-Driven Security for Safer Software | CSA Runtime Security: Detection & Real-Time Cloud | CSA Identity as the OS for AI Security | CSA Cloud Misconfigurations Drive Attacks at Scale | CSA Sensing AI Behavior with the WBSC Probe Library | CSA An Actionable Guide to GDPR Compliance for Startups | CSA Cloud Security LIVE 2026: AI Risk & Trust | CSA Shadow AI Agents: Enterprise Governance | CSA Rethinking Non-Human Identity Security | CSA New Cloud Security Alliance Survey Reveals 82% of Enterprises Have Unknown AI Agents in Their Environments More Than Half of Organizations Experience AI Agent Scope | CSA SANS Institute, Cloud Security Alliance, [un]prompted, and OWASP | CSA AI Agents Are Talking: Are You Listening? | CSA Software Supply Chain Security Needs an Upgrade Choosing the Right AI Standard: 7-Point Guide | CSA Audience-Driven Authorization for AI Agents | CSA A CISO's Guide to Cloud Security Architecture | CSA Who’s Behind That Action? The AI Agent Identity Crisis SSCF Adoption for SaaS Security | CSA Mythos and the Vulnpocalypse: Cloud Defenses | CSA AI Security Risks and Data Visibility | CSA From Compliance to Credibility with CAIQ/CCM | CSA The State of Cybersecurity in the Finance Sector: Six Trends to Watch EU AI Act Compliance with prEN 18286 & ISO 42001 | CSA AI Security in the Cloud: Exposure Management | CSA Rethinking Incident Response as Engineering System | CSA Defense Depends on the Creator: AI Security | CSA ATF: Zero Trust for AI Agents | CSA Cybersecurity Needs a New Data Architecture | CSA CSA STAR v4.1 Updates for Cloud Security | CSA Unstructured Data Surges as Enterprises Struggle to Maintain | CSA SC Media Names Cloud Security Alliance’s Trusted AI Safety | CSA Exposed AWS Key Leads to Full Account Takeover | CSA Post-Quantum Cloud Migration for CSA Members | CSA AI Identity Security Compliance Checklist | CSA The Agentic Trust Deficit: MCP's Authentication Vacuum | CSA More Than Two-Thirds of Organizations Cannot Clearly Distinguish | CSA AI Cybersecurity 2026: Insights from 1,500 Leaders | CSA Three-Body Security: Data, AI & Identity | CSA IAM as Safety for AI-Controlled Systems | CSA Kubernetes Cost Savings and Security Debt | CSA Code to Cloud Security: Unified Exposure Management | CSA Retail Misconfigurations Attackers Exploit | CSA Rethinking Authorization for the Age of Agentic AI | CSA Enterprise AI: Guardrails to Governance | CSA
Catastrophic AI Risk Controls | CSA
2026-04-29 · via Cloud Security Alliance

AI technologies are entering a new phase defined by their growing systemic impact. Organizations today are already managing familiar AI risks: data leakage, bias, model drift, and misuse. But as AI systems become more capable, autonomous, and embedded in critical infrastructure, possible catastrophic risks are emerging.

These are not traditional enterprise incidents. They represent the potential for large-scale, irreversible, and society-wide consequences. Think loss of human oversight and uncontrolled system behavior.
CSAI logo

The CSAI Foundation aims to move beyond abstract discussions of these catastrophic AI risks and toward something far more concrete: Assurance. Controls that professionals can test, validate, and independently audit.

Introducing the Catastrophic Risk Annex

To address this challenge, CSAI is launching the STAR for AI Catastrophic Risk Annex. This project will translate concerns about catastrophic AI risk into practical, measurable safeguards.

The Catastrophic Risk Annex builds on the AI Controls Matrix (AICM) and the broader STAR for AI program. It extends them to address the most extreme risk scenarios. Specifically, the Catastrophic Risk Annex will:

  • Identify which existing AICM controls are most relevant to catastrophic risk
  • Introduce new controls where critical gaps exist
  • Define evidence requirements and testing criteria suitable for independent assessment

The result is a system where organizations can demonstrate control over advanced AI risks.

Built for a Multi-Stakeholder Future

Catastrophic AI risk is a shared challenge across the global ecosystem.

The Catastrophic Risk Annex supports:

  • AI developers demonstrating safe system design
  • Enterprises building audit-ready AI programs
  • Cloud providers embedding safety into infrastructure
  • Regulators seeking consistent AI assurance and governance models

Through this project, these stakeholders can align around common controls, shared evidence, and comparable outcomes.

Why Catastrophic Risk Requires a New Approach

Traditional risk frameworks don't consider systems that act autonomously, interact dynamically with tools, and operate at scale across cloud and critical infrastructure. As a result, many existing controls are:

  • Too abstract to validate
  • Too static to capture runtime behavior
  • Too narrow to address systemic failure modes

The Catastrophic Risk Annex addresses this gap by focusing on what you can actually test in real environments. Examples include:

  • Verifying that human-in-the-loop controls cannot be bypassed
  • Testing whether action gating prevents unsafe escalation
  • Demonstrating that kill-switches and rollback mechanisms function under pressure
  • Validating telemetry and detection capabilities for emergent behavior

About the CSAI Foundation

CSAI is a new 501(c)(3) nonprofit dedicated to advancing secure, trustworthy, and transparent AI.

CSAI brings together a global, cross-disciplinary community of:

  • Cloud providers and AI developers
  • Enterprises adopting AI at scale
  • Cybersecurity and risk professionals
  • Policymakers, regulators, and researchers

Its mission is to advance AI security and assurance through:

  • Research and open standards
  • Practical frameworks and controls
  • Industry collaboration and consensus-building
  • Education and guidance for real-world implementation

Unlike purely academic or policy-driven efforts, CSAI focuses on operationalizing trust, turning complex AI risks into actionable controls and measurable outcomes.

A core principle of the CSAI mission is that AI tools must earn trust through verifiable mechanisms. The Catastrophic Risk Annex directly advances this vision by converting high-level AI safety concerns into auditable controls. It enables independent validation of AI system behavior and supports a shared ecosystem of accountability across developers, providers, and users. It reflects CSAI’s broader goal to create a world where organizations can innovate with AI confidently.

About STAR for AI

The STAR for AI program extends CSA’s Security, Trust, Assurance, and Risk (STAR) framework into the AI domain. STAR has long served as a global benchmark for cloud assurance, enabling organizations to document their security postures. STAR for AI builds on that legacy by bringing the same principles to AI systems.

At its core, STAR for AI provides:

  • A structured framework for AI assurance
  • Standardized control sets and assessment models
  • Mechanisms for independent validation and transparency
  • A public registry where organizations can demonstrate their AI risk posture

This allows organizations to move beyond internal governance and toward externally verifiable trust.

The Catastrophic Risk Annex is a natural extension of this model. It expands STAR for AI to address the highest-impact, lowest-probability risks associated with advanced AI systems.

A Roadmap for Measurable AI Safety

The Catastrophic Risk Annex will roll out over a 15–18 month period, beginning in late Q2 2026. The project will follow a structured, multi-phase approach.

Phase 1: Turning Risk into Controls

June – September 2026

This phase focuses on translating catastrophic risk scenarios into clear, auditable control language, including:

  • Control families such as autonomy limits, tool governance, and containment
  • A catalog of high risk scenarios
  • Evidence requirements like runtime logs, red-team outputs, and incident drills

Phase 2: Making Controls Testable

October – December 2026

This phase focuses on developing validation protocols to ensure users can consistently assess controls, including:

  • Resistance to jailbreaks and escalation
  • Enforcement of tool restrictions
  • Reliability of rollback and containment mechanisms

These will align with global standards such as the NIST AI RMF, EU AI Act, and ISO/IEC 42001.

Phase 3: Proving It in Practice

January – June 2027

This phase brings the Catastrophic Risk Annex into real-world environments through:

  • Pilot assessments with AI labs, enterprises, and cloud providers
  • Training assessors to evaluate agentic systems and runtime behavior
  • Development of reusable reference implementations

Phase 4: Scaling Assurance Across the Ecosystem

July – December 2027

The Catastrophic Risk Annex becomes a standardized, scalable AI risk management framework with:

  • Public STAR for AI registry entries
  • Benchmarking and transparency across organizations
  • A published State of Catastrophic AI Risk Controls Report

From Awareness to Assurance

The conversation around AI risk is evolving. Awareness is no longer enough. Principles are no longer enough. The next phase of AI governance demands something stronger: Proof.

The STAR for AI Catastrophic Risk Annex reflects CSAI’s commitment to making that proof possible. It turns the hardest AI risks into something professionals can measure, test, and trust.

  • Learn more about STAR for AI and how your organization can participate in advancing secure, trustworthy AI.
  • Learn more about CSAI and our complete slate of integrated programs spanning the full lifecycle of agentic AI security.