By The Cyber Leader | balancedsec.com

In August 2025, ISACA did something long overdue. They launched a certification built specifically for security managers who need to deal with AI. Not data scientists. Not ML engineers. Security managers.

The timing wasn’t subtle. Organizations were already deploying AI systems across their operations, and most had no one formally responsible for securing those deployments. ISC2’s 2025 AI Adoption Survey found that over one-third of surveyed cybersecurity professionals cited AI as the biggest skills shortfall on their teams, and 42% said they’re actively exploring or testing AI-focused security tools. ISACA’s response was the Advanced in AI Security Management (AAISM): a credential designed to sit atop existing security management expertise and extend it into AI governance, risk, and technical controls.

I believe it’s the first certification that treats AI security as a management and leadership discipline rather than as a demonstration of technical knowledge. For CISSP or CISM holders, it’s the most directly relevant option on the market right now. But “first” doesn’t automatically mean “complete,” and the certification has limitations worth understanding before you charge the card.