Independent. Source-cited. Built for executives and engineers.
101s.ai exists because the gap between excellent government cyber guidance and actionable enterprise practice is wider than it should be. We translate the guidance — without watering it down — and help organisations adopt agentic AI without giving up control.
Primary source
The risk taxonomy, lifecycle structure, and recommended practices on this site are drawn from Careful adoption of agentic AI services, co-authored by:
- Australian Signals Directorate's Australian Cyber Security Centre (ASD's ACSC)
- United States Cybersecurity and Infrastructure Security Agency (CISA)
- United States National Security Agency (NSA)
- Canadian Centre for Cyber Security (Cyber Centre)
- New Zealand National Cyber Security Centre (NCSC-NZ)
- United Kingdom National Cyber Security Centre (NCSC-UK)
© Commonwealth of Australia 2026. Released under Creative Commons Attribution 4.0 International. 101s.ai is independent and is not affiliated with, endorsed by, or sponsored by any of the authoring agencies. Where we paraphrase the guidance, we cite section and page numbers. Where we add reference architectures, examples, or executive framing, those are our own additions for instructional purposes.
Related guidance & frameworks
We also reference the following bodies of work in audits and briefings.
- Artificial intelligence
- Frontier models and their impact on cyber security
- Foundations for modern defensible architecture
- AI/ML: Supply chain risks and mitigations
- Secure by Design foundations
- Artificial Intelligence
- Secure by Design
- AI Cybersecurity Collaboration Playbook
- Secure by Demand: Operational Technology Owners and Operators
- Defending Against Software Supply Chain Attacks
- 2025 Minimum Elements for a Software Bill of Materials (SBOM)
- Cybersecurity Performance Goals 2.0 (CPG 2.0)
- AI Data Security: Best Practices for Securing Data Used to Train & Operate AI Systems
- Deploying AI Systems Securely
- Zero Trust Implementation Guideline — Primer
- Zero Trust Implementation Guideline — Discovery Phase
- Guidelines for secure AI system development
- System driven risk management methods
- Frontier artificial intelligence
- Top 10 artificial intelligence security actions: a primer (ITSAP.10.049)
- NIST AI Risk Management Framework
- NIST SP 800-207 Zero Trust Architecture
- MITRE ATLAS™ Matrix
- OWASP Top 10 for Agentic Applications (2026)
- OWASP 2025 Top 10 Risk & Mitigations for LLMs and Gen AI Apps
- ETSI SAI — Securing Artificial Intelligence
- G7 Shared Vision on SBOM for AI
- UK Government Code of Practice for the Cyber Security of AI
Disclaimer
The material on this site is general in nature and should not be regarded as legal, financial, or compliance advice. It is provided for educational purposes. In any important matter, seek independent professional advice for your circumstances. 101s.ai accepts no responsibility or liability for any damage, loss, or expense incurred as a result of reliance on information here. The Commonwealth and the co-authoring agencies accept no responsibility for the contents of this independent site.