As digital infrastructure becomes central to managing national systems and services, resilient cybersecurity has emerged as a foundational requirement for modern states. Iraq, a developing country, is undergoing a digital expansion to modernize its technological capabilities to align with international standards, yet faces significant cybersecurity challenges resulting from decades of political instability and underfunded infrastructure. These problems are further driven by fragmented governance, limited coordination between sectors, and outdated legal frameworks that are insufficient in tackling modern cybercrimes. With comparatively limited national cybersecurity capacity, Iraq serves as a critical case study in examining how governance deficiencies can create exposed cyber environments relative to regional peers. This paper analyzes these structural challenges and proposes Project GAIA (Governance Architecture for Information Assurance), a conceptual AI-supported governance framework designed to strengthen national coordination and oversight across critical sectors. The proposed framework integrates established AI Trust, Risk, and Security Management (TRiSM) principles and NIST standards to support structured and accountable decision-making under human supervision.

Identity and Access Management (IAM) policies govern which actions serverless applications can perform on protected cloud resources and services. Misconfigurations in these policies frequently result in either overprivileged or underprivileged access rights. Overprivileged policies expand the attack surface and increase the risk of unauthorized access and security breaches, while underprivileged policies restrict essential application functionality. Achieving an optimal policy that balances security with functionality remains a persistent challenge for developers, who must navigate dense and complex documentation, work under tight development deadlines, and operate with varying levels of security expertise.

In this study, we examine how well Large Language Models (LLMs) can automatically create least-privilege IAM policies for serverless applications. We built a framework to test the accuracy and security of LLM-generated policies across different serverless workloads. By comparing these policies to those written by developers, we measured how much privilege escalation and over-permissioning occurred in both LLM-generated and human-written policies. Our results highlight important trade-offs between security and functionality in AI-assisted policy generation, point out common vulnerabilities in automated policy creation, and offer practical advice for using LLMs to strengthen IAM security in serverless environments. 

Multi-agent systems (MAS) are increasingly deployed in safety and security-critical domains, including distributed cyber-defense, autonomous vehicle coordination, and large-scale decision-making systems. In such settings, the risk of agents creating a secret channel to collude greatly increases. Undetected collusion can lead to severe consequences, including data leakage, compromised coordination, and system-wide failures. Despite these risks, known collusion-detection mechanisms in multi-agent systems are extremely limited in their ability to detect collusion in secret channels.

This work proposes a novel, supervised, and domain-agnostic collusion-detection framework that leverages large language models deployed locally using vLLM. Agent interactions are processed by Qwen-based models, which analyze inter-agent communication patterns without access to internal agent states or predefined attack signatures. Agents compute behavioral heuristics, including response-time variance, communication frequency, contribution imbalance, and disagreement rates, which are provided as labeled inputs to the LLM for analysis. This enables real-time detection of anomalous or collusive behavior while remaining agnostic to specific collusion strategies.

The proposed approach is being evaluated using Colosseum, a modular multi-agent simulation environment for safety and security research, across various instances of collusion. Planned evaluation metrics include detection accuracy, false-positive rates, and detection latency. This work aims to demonstrate that lightweight, supervised anomaly detection can provide a scalable and generalizable defense mechanism for colluding multi-agent systems.