More Practical AI episodes

AIUC-1: Building trust in AI agents thumbnail

AIUC-1: Building trust in AI agents

Published 25 Jun 2026

Duration: 00:45:07

The development of AI safety and ethics standards, employing a flywheel model of audits, certifications, and red teaming, addresses risks to vulnerable groups and enterprise adoption through frameworks like three-layer structures, probabilistic risk management, and systemic safeguards beyond technical controls.

Episode Description

How do we build trust in AI agents before the AI hailstorm arrives? Emil Lassen from the Artificial Intelligence Underwriting Company (AIUC) joins the...

Overview

The podcast discusses the practical applications of AI and its growing influence on daily life, work, and creativity, emphasizing the need to make AI accessible and beneficial for diverse audiences. A central theme revolves around addressing AIs societal and ethical challenges, such as risks to children, security vulnerabilities, and shifts in the job market. The guest, Emil Lassen, highlights the importance of developing standards to ensure safe, transparent, and responsible AI use, particularly for vulnerable groups. Historical examples, such as Benjamin Franklins fire safety standards and their integration with insurance, are used to illustrate how standards, audits, and risk mitigation mechanisms (the "flywheel" model) are critical for fostering trust in new technologies. This framework is applied to AI, where standards (like AIUC1), third-party audits, and insurance strategies aim to secure enterprise adoption while managing residual risks.

The discussion delves into the practical implementation of AI safety standards, focusing on the certification process for agentic AI systems. This includes third-party validation, red teaming (testing AI against adversarial scenarios), and technical controls to address hallucinations, jailbreaking, and data access risks. Frameworks such as AIUC1 are presented as dynamic standards, requiring continuous updates to address emerging threats and ensuring compliance with evolving security requirements. The certification process involves gap assessments, auditor collaboration, and iterative testing, with outcomes documented in detailed audit reports. Challenges include balancing regulatory needs with innovation, ensuring enforcement of standards, and aligning frameworks with enterprise priorities. The podcast underscores the necessity of industry collaboration to shape adaptive standards, minimize compliance burdens, and prioritize systemic safeguards over isolated solutions.

Key topics also include the development of AI security frameworks, the role of red teaming in identifying blind spots, and the integration of AI governance into organizational practices. The podcast emphasizes the non-deterministic nature of AI agents, highlighting the inevitability of minor vulnerabilities and the need for organizations to define acceptable risk tolerances based on use cases. Collaborative efforts among industry leaders, such as CISOs and security experts, are presented as vital to creating scalable, real-world-applicable standards. The discussion concludes with a call for ongoing innovation in governance tools, sector-specific adjustments, and systemic approaches to ensure AI adoption remains secure, ethical, and aligned with societal needs.

What If

  • What if you built a certification framework for AGI agents using the historical standards-audits-insurance flywheel model?

    • Move: Develop a modular certification process for AI agents that mirrors Benjamin Franklin's fire brigade model, integrating standards (e.g., AIUC1), third-party red teaming audits, and insurance partnerships.
    • Why Now?: Enterprises are increasingly wary of AI risks (e.g., hallucinations, jailbreaking) and seek proven frameworks to adopt agentic AI securely. The AIUC1 certification process is already in motion, and early adopters gain a competitive edge.
    • Expected Upside: Position your product as an AI security leader, unlock enterprise deals by enabling compliance proofs, and foster trust through transparent, repeatable validation.
  • What if you created a partner ecosystem for compliance tools to streamline AIUC1 certification?

    • Move: Partner with GRC platforms and pre-built compliance solutions (e.g., Wide Circle, Credo) to automate evidence collection and simplify certification steps for startups and mid-sized firms.
    • Why Now?: The certification process is complex and time-consuming for solo developers. Streamlined tools reduce friction and align with the industrys push for faster, programmatic compliance validation.
    • Expected Upside: Reduce your time on certification by 50% through automation, attract clients leveraging compliance-as-a-service, and strengthen your reputation as a standards-driven innovator.
  • What if you implemented zero-trust governance for AI agents using self-hosted control planes?

    • Move: Integrate a self-hosted AI control plane (e.g., Prediction Guards) to enforce runtime monitoring, defensive prompting, and access restrictions for your agentic AI product.
    • Why Now?: Enterprises demand systemic safeguards over reactive filters. Zero-trust governance addresses the non-deterministic nature of AI agents and mitigates risks like hallucinations or jailbreaking.
    • Expected Upside: Differentiate your product with built-in security, reduce liability from misuse, and attract clients in regulated sectors (e.g., healthcare, legal) that prioritize compliance and risk mitigation.

Takeaway

  • Implement a Certification Roadmap Using AIUC1 Standards: Begin by conducting a gap assessment to align your agentic AI product with the AIUC1 framework, prioritizing organizational, infrastructure, and agentic AI layers. Partner with accredited auditors like Shellman or Coalfire to validate compliance, ensuring technical controls (e.g., filtering configurations, groundedness checks) meet certification requirements.

  • Design a Red Teaming Program for Agent Security: Develop 1,0005,000 unique adversarial attack scenarios (e.g., social engineering, hallucination triggers) to test agent resilience. Conduct two rounds of red teaming with mitigation timelines of 14 weeks, focusing on runtime security and privacy risks rather than mere compliance.

  • Leverage Industry Partnerships for Standards Compliance: Collaborate with third-party auditors, platform providers (e.g., UiPath), and compliance-focused tools (e.g., Prediction Guards) to build a secure AI ecosystem. Engage with crosswalk partnerships (e.g., Cisco, IBM) to align with existing frameworks like SOC 2 or OWASP.

  • Integrate Organizational and Technical AI Standards: Adopt ISO 27001 (information security) and AIUC1 for governance, embedding policies on data access, hallucination prevention, and agent behavior. Use SOC 2 or penetration testing for infrastructure security, ensuring controls scale with your companys size (startup to enterprise).

  • Produce Detailed Audit Reports for Enterprise Trust: After certification, generate a 60100 page audit report outlining your AI agents security posture, including mitigation timelines and compliance status. Share this transparently with enterprise clients to build trust and secure contracts, with quarterly retesting to maintain certification.

Recent Episodes of Practical AI

2 Jul 2026 Image Generation and Visual Intelligence with Black Forest Labs

The evolution of generative AI progresses from basic outputs to cinematic-quality media via diffusion and autoregressive models, with innovations in noise-removal techniques, preference-based evaluation, multimodal integration, and efficiency-focused research for real-world applications.

4 Jun 2026 Breaking down the 2026 Stanford AI Index Report

Recent advancements in AI, highlighted by the Stanford AI Index Report's findings on accelerating capabilities, human-level performance in specialized tasks, impacts on education and work, challenges like flawed benchmarks and the "jagged frontier," robotics limitations, U.S.-China leadership dynamics, governance gaps, and broader implications for labor, creativity, and policy.

28 May 2026 Rebooting Enterprise AI with MCP and Kubernetes

The Multi-Cloud Protocol (MCP) bridges AI systems with enterprise infrastructure, enabling secure, scalable interactions between LLMs and traditional tools via standardized, governance-focused operational frameworks.

21 May 2026 Hermes Agent: Agents that grow with you

Noose Research's mission to democratize AI through open-source tools like the Hermes Agent emphasizes efficiency, distributed training, ethical alignment, and agentic systems, while navigating challenges like monopolization, geopolitical competition, and the balance between open-source ideals and commercial interests, alongside debates on AI's creative limits and societal impact.

14 May 2026 U.S. Congressman Beyer on AI challenges facing America and the World

AI policy debates, cybersecurity vulnerabilities, economic disruptions, ethical risks, international collaboration, and philosophical questions on AI consciousness and human alignment dominate discussions on balancing innovation with governance and societal impact.

More Practical AI episodes