New framework offers enterprises structured guidance to align security, operations, and compliance for responsible AI adoption
The SANS Institute has launched its AI security blueprint “Own AI Securely”, delivering a structured and innovative model to help enterprises adopt artificial intelligence responsibly and securely. The release comes at a critical moment, as organizations worldwide face mounting pressure to integrate AI while navigating complex challenges around safety, compliance, and operational control.
The blueprint directly addresses a pressing concern: security teams are being asked to defend AI systems that evolve faster than traditional playbooks can support. With roles shifting, risks emerging, and adversaries weaponizing AI, enterprises need a trusted framework that combines technical, operational, and governance dimensions into one coherent approach.
“Leaders are not looking for more generic headlines about how the threat landscape is evolving fast, they’re looking for a way to act.”
– Rob T. Lee, SANS Institute
“As roles related to AI rapidly shift and new risks constantly emerge, organizations need to keep up with this pace of change and respond decisively,” said Rob T. Lee, Chief of Research and Chief AI Officer at SANS Institute. “This blueprint gives structure to an environment that has, until now, lacked clear direction. It’s built on field-tested insights and designed to help security leaders act with clarity and purpose.”
“This blueprint gives structure to an environment that has, until now, lacked clear direction.”
– Rob T. Lee, Chief of Research and Chief AI Officer, SANS Institute
Three-Track Model for Enterprise AI Security
At the heart of the Secure AI Blueprint is a three-track model that aligns with 14 SANS training courses and GIAC certifications to build AI-ready security workforces:
- Protect AI – Secure engineering and operations teams defend AI systems from threats such as poisoning, prompt attacks, and data leaks. Controls span access, data, deployment, and monitoring to ensure safety and resilience.
- Utilize AI – Cyber defenders harness AI within SOC operations, red teams, and digital forensics. AI-powered tools accelerate detection, triage, and response, enabling teams to counter adversaries operating at machine speed.
- Govern AI – Executives and boards lead with accountability, ensuring compliance, oversight, and AI fluency at the top. Clear frameworks build trust while aligning business goals with regulatory expectations.
“The blueprint is based on what’s already changing inside real organizations,” Lee added. “Leaders are not looking for more generic headlines about how the threat landscape is evolving fast, they’re looking for a way to act. The SANS model provides structure where there has been confusion, and alignment where there has been fragmentation.”
AI Adoption in the UAE Context
The UAE continues to position AI as a cornerstone of national strategy. Under the UAE National Strategy for AI 2031, AI is viewed as a transformative driver of prosperity, efficiency, and long-term sustainability. According to PwC, global AI spending is projected to surpass USD 300 billion by 2026, with AI contributing up to 13.6% of the UAE’s GDP by 2030.
Against this backdrop, SANS’ Secure AI Blueprint offers enterprises in the UAE and globally the clarity, structure, and workforce development pathways they need to embrace AI while minimizing risk.
The blueprint, AI Career Framework, and course catalog are now available at sans.org/ai.
