From Cloud to Chaos: Defining Shared Responsibility for AI Security
Medium (Anton on Security), Thursday, July 2nd, 2026
A new framework clarifies how accountability for AI security is shared across model providers and deployers.
Anton Chuvakin argues AI security responsibility differs fundamentally from cloud security across three dimensions: a broader spectrum of risks including safety and ethics, more complex multi-party supply chains, and non-deterministic behavior requiring extra guardrails.
The CoSAI AI Shared Responsibility Framework defines five accountability layers, from model providers to deploying organizations, with explicit ownership for each. Rather than enabling finger-pointing, it clarifies which layer's controls failed during an incident.
Implementation proceeds through inventory mapping, governance restructuring, and tabletop simulations. The author frames this as an important first step toward operational accountability in AI deployments.