Cybersecurity Snapshot: AI Security Field Gets Boost from New CSA Framework and from SANS - OWASP Partnership

Check out a new Cloud Security Alliance framework for securing AI systems. Plus, SANS Institute and OWASP are joining forces to deliver AI security controls. Meanwhile, Accenture finds orgs unprepared to counter AI-powered cyber attacks. And get the latest on the Iran cyber threat, SMB cyber defenses and CIS Benchmarks!
Dive into six things that are top of mind for the week ending July 11.
1 - CSA unveils new security framework for AI systems
If you’re looking for guidance on how to protect your AI systems from cyber attacks, there’s a new resource for you to check out.
The Cloud Security Alliance released this week its “Artificial Intelligence Controls Matrix,” which it describes as a vendor-agnostic framework that organizations can use to develop, deploy and operate AI systems securely and responsibly.
“The AI Controls Matrix bridges the gap between lofty ethical guidelines and real-world implementation. It enables all stakeholders in the AI value chain to align on their roles and responsibilities and measurably reduce risk,” Jim Reavis, CSA CEO and co-founder, said in a statement.
The “Artificial Intelligence Controls Matrix” maps to cybersecurity standards such as ISO 42001 and the National Institute of Standards and Technology’s “Artificial Intelligence Risk Management Framework” (NIST AI 600-1).

It includes 243 AI security controls categorized into 18 domains, including:
- Audit and assurance
- Application and interface security
- Cryptography, encryption and key management
- Data security and privacy
- Governance, risk management and compliance
- Identity and access management
- Threat and vulnerability management
- Model security
For example, the “application and interface security” domain includes controls for application security metrics; secure application development cycle; application security testing; input and output validation; API security; and application vulnerability remediation.
Meanwhile, the “threat and vulnerability management” domain includes controls for penetration testing; vulnerability remediation; vulnerability prioritization; vulnerability management reporting and metrics; and threat analysis and modeling.
For more information about AI data security, check out these Tenable resources:
- “Harden Your Cloud Security Posture by Protecting Your Cloud Data and AI Resources” (blog)
- “Tenable Cloud AI Risk Report 2025” (report)
- “How AI Can Boost Your Cybersecurity Program” (blog)
- “Tenable Cloud AI Risk Report 2025: Helping You Build More Secure AI Models in the Cloud” (on-demand webinar)
- “Know Your Exposure: Is Your Cloud Data Secure in the Age of AI?” (on-demand webinar)
2 - SANS and OWASP team up for AI security
And we stay on the hot topic of AI security. Hoping to bring clarity to this complex and fast-evolving field, SANS Institute and OWASP have partnered to jointly develop a comprehensive set of AI security controls.
The organizations will mash up the work done in the OWASP AI Exchange project with the SANS Critical AI Security Guidelines v1.1 to produce AI security controls in six core areas that cybersecurity teams can adopt right away.
“This partnership is about clarity,” Rob van der Veer, founder of the OWASP AI Exchange, said in a statement. “We already have the technical foundation. SANS helps us bring it into the field and make it real for defenders.”

The AI security controls, which the organizations pledge will offer “a common language and reduce ambiguity,” will be grouped under these six categories:
- Access
- Data
- Deployment
- Inference
- Monitoring
- Governance
The partnership’s work will be made available as open-source resources. Got ideas? You can contribute via the SANS community section on Github or via the OWASP AI Exchange contribution page.
For more information about AI security, check out these Tenable Research blogs:
- “AI Security: Web Flaws Resurface in Rush to Use MCP Servers”
- “How Tenable Research Discovered a Critical Remote Code Execution Vulnerability on Anthropic MCP Inspector”
- “Frequently Asked Questions About Model Context Protocol (MCP) and Integrating with AI for Agentic Applications”
- “Frequently Asked Questions About DeepSeek Large Language Model (LLM)”
- “DeepSeek Deep Dive Part 1: Creating Malware, Including Keyloggers and Ransomware”
3 - Accenture: Most orgs unprepared for AI-boosted cyber attacks
Now we shift to a reality check on AI security and, well, it’s not pretty.
Hackers’ use of AI is far outpacing defenders’ ability to handle AI-powered attacks, so cybersecurity teams must step up their efforts to mitigate this rapidly evolving cyber threat.
That’s a key takeaway from Accenture’s “State of Cybersecurity Resilience 2025: Elevate Your Cybersecurity to Fit an AI-driven World” report, which is based on a global survey of almost 2,300 tech executives — 80% of them CISOs and 20% CIOs — from large organizations.
“With unprecedented speed and scale, AI is enabling attackers to bypass legacy systems and overwhelm security teams. Traditional defenses are no longer sufficient,” the report reads.

Specifically, the report found that:
- A staggering 90% of organizations lack the cyber maturity to effectively tackle AI-enabled threats.
- 77% are missing essential data- and AI-security practices to protect their business models, data pipelines and cloud infrastructure.
- Only 22% have rolled out policies and training for generative AI use.
So what’s the fix? Accenture offers four major recommendations:
- Implement a security governance framework to align AI security with business objectives and regulatory requirements.
- Embed security into the design, deployment and operation of AI systems, and secure AI data with strong governance and monitoring.
- Build a secure foundation for AI systems to proactively tackle emerging threats; enhance detection; improve response; and more.
- Harness generative AI to automate security processes, boost cyber defenses and enhance threat detection.
To get more details, read the full 41-page report “State of Cybersecurity Resilience 2025: Elevate Your Cybersecurity To Fit an AI-driven World.”
For more information about protecting AI systems against cyber attacks:
- “Understanding the risks - and benefits - of using AI tools” (U.K. NCSC)
- “Hacking AI? Here are 4 common attacks on AI” (ZDNet)
- “Best Practices for Deploying Secure and Resilient AI Systems” (Australian Cyber Security Centre)
- “Adversarial attacks on AI models are rising: what should you do now?” (VentureBeat)
- “OWASP AI Security and Privacy Guide” (OWASP)
- “How to manage generative AI security risks in the enterprise” (TechTarget)
4 - U.S. gov’t doubles down on Iran cyber threat warning
Following a Department of Homeland Security (DHS) alert about potential cyber attacks from Iran-backed hackers and hacktivists, the Cybersecurity and Infrastructure Security Agency (CISA) and other federal agencies chimed in, echoing the warning.
In the joint “Iranian Cyber Actors May Target Vulnerable US Networks and Entities of Interest” fact sheet, CISA, the Federal Bureau of Investigation (FBI) and the National Security Agency (NSA) prompted U.S. organizations, especially those in critical infrastructure sectors, to be on alert due to the U.S. involvement in the Israel - Iran military conflict.
“At this time, we have not seen indications of a coordinated campaign of malicious cyber activity in the U.S. that can be attributed to Iran. However, we are urging critical infrastructure organizations to stay vigilant to Iranian-affiliated cyber actors that may target U.S. devices and networks,” reads a joint statement.

Iran-linked cyber attackers tend to exploit low-hanging fruit, such as assets with unpatched known vulnerabilities, and internet-connected accounts and devices with common or default passwords.
Mitigation recommendations include:
- Unplug operational technology (OT) assets and industrial control systems (ICS) from the public internet. For assets that must be remotely accessible, adopt a “deny by default” allowlist policy.
- Protect devices and accounts with strong, unique passwords, and use role-based access controls (RBAC) and conditional access for cloud services.
- Secure access to OT networks from other networks with phishing-resistant multi-factor authentication (MFA).
- Keep all internet-facing systems updated with the latest patches to prevent attackers from exploiting known vulnerabilities.
- Monitor user access logs of remote access to OT networks; firmware installation; and configuration changes.
- Prevent unauthorized changes to OT networks through measures like keeping PLCs in run mode, using hardware/software interlocks and deploying redundant sensors.
For more information about Iran’s cyber threat to U.S. critical infrastructure:
- “Navigating a Heightened Cyber Threat Landscape: Military Conflict Increases Attack Risks” (Tenable)
- “Frequently Asked Questions About Iranian Cyber Operations” (Tenable)
- “US government warns of new Iran-linked cyber threats on critical infrastructure” (Cybersecurity Dive)
- “US CISA agency extends Iran cyber alert, warns of CNI threat” (ComputerWeekly)
- “A militarily degraded Iran may turn to asymmetrical warfare – raising risk of proxy and cyber attacks” (The Conversation)
5 - SMB cybersecurity playbook gets a makeover
A playbook designed to help small and medium-sized businesses (SMBs) adopt strong cybersecurity practices has been revamped with the goal of making it easier to use.
The Cyber Readiness Playbook is now made up of two main components – the playbook and a step-by-step adoption guide, the Cyber Readiness Institute (CRI) announced this week.
“With simple language, adaptable templates, and step-by-step guidance, the Playbook makes it easier than ever to embed good cybersecurity habits into daily business operations,” the CRI said in a statement.

The Cyber Readiness Playbook focuses on four key cybersecurity areas:
- Identifying and mitigating common vulnerabilities
- Providing security awareness training to staff
- Adopting cyber policies to prevent errors and reduce risk
- Responding quickly to cyber incidents
For more information about cybersecurity best practices for SMBs:
- “SMB survival requires cybersecurity transformation with AI” (Fast Company)
- “6 bad cybersecurity habits that put SMBs at risk” (CSO)
- “17 Security Practices to Protect Your Business’s Sensitive Information” (Business.com)
- “SMBs Face Costly, Complex Barriers to Cybersecurity” (Tech News World)
- “The Cost of Cybersecurity and How to Budget for It” (Business.com)
6 - CIS delivers new and updated Benchmarks for Apple, Microsoft, Google products – and more
Apple iOS, Google Kubernetes Engine and Microsoft Windows Server are some of the products whose Center for Internet Security (CIS) Benchmarks got updated in June.
Specifically, these secure-configuration recommendations were updated:
- CIS Apple iOS 17 Benchmark v1.1.0
- CIS Apple iPadOS 17 Benchmark v1.1.0
- CIS Apple iOS 18 Benchmark v1.1.0
- CIS Apple iPadOS 18 Benchmark v1.1.0
- CIS Apple macOS 13.0 Ventura Benchmark v3.1.0
- CIS Apple macOS 14.0 Sonoma Benchmark v2.1.0
- CIS Apple macOS 15.0 Sequoia Benchmark v1.1.0
- CIS Alibaba Cloud Foundation Benchmark v2.0.0
- CIS Cisco IOS XE 16.x Benchmark v2.2.0
- CIS Microsoft Azure Compute Services Benchmark v2.0.0
- CIS Google Kubernetes Engine (GKE) Benchmark v1.8.0
- CIS Google Kubernetes Engine (GKE) Autopilot Benchmark v1.2.0
- CIS Google Workspace Foundations Benchmark v1.3.0
- CIS IBM AIX 7 Benchmark v1.1.0
- CIS Microsoft Windows 10 Stand-alone Benchmark v4.0.0
- CIS Microsoft Windows Server 2019 Benchmark v4.0.0
- CIS PostgreSQL 15 Benchmark v1.2.0
- CIS PostgreSQL 16 Benchmark v1.1.0
- CIS Red Hat OpenShift Container Platform v1.8.0

In addition, CIS released these four brand new Benchmarks:
- CIS Google Chrome Enterprise Core Browser Benchmark v1.0.0
- CIS Google Chrome Group Policy Benchmark v1.0.0
- CIS Microsoft Windows Server 2022 Stand-alone Benchmark
- CIS Ubuntu Linux 24.04 LTS STIG Benchmark v1.0.0
The CIS Benchmarks are secure-configuration guidelines designed to help organizations harden products against cyber attacks. CIS offers more than 100 Benchmarks for 25-plus vendor product families in categories including:
- cloud platforms
- databases
- desktop and server software
- mobile devices
- operating systems
To get more details, read the CIS blog “CIS Benchmarks July 2025 Update.”
For more information about the CIS Benchmarks list, check out its home page, as well as:
- “Getting to Know the CIS Benchmarks” (CIS)
- “Security Via Consensus: Developing the CIS Benchmarks” (Dark Reading)
- “How to Unlock the Security Benefits of the CIS Benchmarks” (Tenable)
- “CIS Benchmarks Communities: Where configurations meet consensus” (Help Net Security)
- “CIS Benchmarks: DevOps Guide to Hardening the Cloud” (DevOps)