This article is written and contributed by Spherity, a proud Secureframe customer.

Imagine this: You give a babysitter a house key. But it’s not just any key—it’s smart. It works only between 6–10 pm, disarms only the living-room alarm, and cannot open the garage. If you feel uneasy, you can revoke it at any time using your phone. 

In short, this key gives clear identity, clear permission, and clear cut-off.

That is the idea behind Trusted AI in cybersecurity and compliance. As businesses adopt AI agents, we need the digital equivalent of a time-boxed, limited-scope key. We must be able to say, with proof: 

1. This agent belongs to this company.
2. It has this narrow mandate.
3. It runs under these controls.
4. It can be verified and revoked in milliseconds.

This article explains a practical way to do just that. Before we dive into the how, let’s take a closer look at why trustworthy AI is becoming increasingly important. 

Why you need Trusted AI and why now

AI adoption is now moving fast from pilots to production. In the last year, enterprise use of generative AI roughly doubled. At the same time, the open internet shows a more sobering trend: nearly half of all web traffic is non-human, and malicious bots make up a large chunk of it. 

In plain words: there will be many more poor or malicious agents than secure, safe, and compliant ones in the near future. If we do not check who is acting and under what authority, we invite fraud, errors, and costly disputes.

Regulators are starting to lead the way by aligning standards to this goal of AI governance. The NIST AI Risk Management Framework (RMF) gives a common language for AI risk (“Govern, Map, Measure, Manage”), for example. ISO/IEC 42001:2023 defines a formal AI management system you can audit. 

While these standards help you an help you establish a trust and governance framework for AI systems, they do not, by themselves, give your partners an easy way to verify your agent at the moment of interaction. Having a policy in place or a nice diagram to share with partners will not prevent harm. As AI law scholar Frank Pasquale has argued for years, “Transparency is not enough.” We need accountability with real controls and revocation. We need Trusted AI.

A real-world example of Trusted AI

We may have a better understanding of the importance of Trusted AI, but it can still be difficult to understand practically in the real world. Let’s look at an example. 

Take pharmacovigilance in pharma. Companies must monitor drugs for side effects in the real world and report them quickly. Data pours in from spontaneous reports, electronic health records, scientific literature, and official safety databases. Teams must spot signals, de-duplicate, draft structured case narratives, and keep a perfect audit trail. It’s hard, and the stakes are high.

Now picture a Pharmacovigilance (PV) AI agent that helps. 

The company’s verifiable business identity (anchored in the national register) sits in a business wallet. The company issues a digital power-of-attorney to the PV agent: it may scan specified sources, prepare draft reports, and route them to a human reviewer; it may not submit anything to a regulator or contact patients. 

The agent carries an identifier that shows its model version, testing and validation results, approved data sources, runtime controls, and operator. Think of it like a passport. When the agent queries an external database or shares a draft with a partner, the receiving system can verify the chain (company → mandate → passport) before it responds. If the model is updated or a control fails, the passport status changes and partners can restrict or block the agent until things are fixed.

Experts still make the final call. But the work is faster, the trail is cleaner, and the proof is portable. That is Trusted AI in practice.

Figure 1: AI Service Passport (AISP) for a PV Agent. Identity-verified service under a company PoA. The passport lists purpose, ownership, operations, data and model provenance, TEVV, delegated authority, runtime controls, security, risk, and logging. Counterparties verify the chain (legal company identity → PoA → AISP) before any exchange; status changes enable instant restriction or revocation. Human review remains required for final submissions.

How to put Trusted AI in practice before malicious agents explode

We are heading toward a world with billions of AI agents—in software, in devices, and across supply chains. The uncomfortable truth is that most will not be carefully governed. Many will be throw-away scripts, unpatched helpers, or outright malicious bots. 

On today’s internet, bad automation is already a major cybersecurity threat. Tomorrow’s agent-to-agent economy will also be rife with threats—unless we raise the bar.

To do that, we need to establish a trust chain for companies and their AI agents that is continuously powered by live compliance evidence.

A trust chain makes sure the agent in front of you is tied to a real company, with a narrow, revocable mandate. A compliance backbone makes sure the agent’s passport reflects up-to-date testing, controls, and risk. Together, they let you score incoming agents and make smart decisions in real time: let safe agents flow, throttle suspicious ones, and block the rest. It is the same logic that keeps payments safe (identity + authorization + risk scoring) but applied to AI.

Spherity and Secureframe can help you fit these two pieces together:

• Spherity provides the trust chain for companies and their AI agents: a verifiable company identity anchored in official business registers, a digital power-of-attorney (PoA) that delegates exactly what an agent may do, and an AI Service Passport (AISP) that records the agent’s provenance, testing, and runtime controls.
• Secureframe provides the compliance backbone that keeps the evidence fresh: an AI system inventory, policies mapped to frameworks like NIST’s AI Risk Management Framework, ISO 42001, and the EU AI Act, and continuous monitoring so you always know which controls are in place.

Figure 2: Trusted AI chain. Business Register → EUBW (LPID) → KYC → PoA → Licenses/Roles → AISP → A2A. LPID = legal anchor. PoA = delegated scope. AISP = lifecycle proof. Spherity issues the credentials. Secureframe provides compliance (NIST AI RMF, ISO 42001).

Used together, you get AI that is identity-bound, delegated, compliant, and auditable—in language both engineers and auditors understand.

How Spherity and Secureframe work together in your day-to-day

Think of Spherity as proof of origin and mandate, and Secureframe as proof of operation and control.

When your team aligns a service with policy—say, you set up bias tests, sign-off steps, and change controls in Secureframe—you can issue a signed statement that the controls are in place and passing. You store that statement in the service’s AI passport. When the agent interacts with a partner, the partner can verify the statement instantly, just like they verify your company identity and PoA.

Figure 3: Compliance posture that travels with the agent. Secureframe Dashboard shows active frameworks (e.g., SOC 2, ISO 42001, NIST AI RMF) with % passing and test counts. These control results and KPIs are issued as signed attestations and stored in the AI Service Passport (AISP). Partners can verify them in A2A handshakes together with LPID and PoA. 

If a control fails—maybe a model was retrained without a required fairness check—Secureframe flags it. The passport can reflect the change. Downstream systems see the risk and tighten the gate automatically until you remediate. When auditors ask “who authorized this action and under what controls,” you show the mandate and the passport, plus Secureframe’s evidence trail. The line from legal authority to operational fact is short and clear.

Let’s take a closer look at how each piece works.

How Spherity’s trust chain works, in plain words

Identity is the foundation of trust. Spherity provides the chain that links a company to its AI agents—who they are, what they are allowed to do, and how that mandate is proven and revoked in real time. Here’s how it works in plain words:

1. Start with who. A company proves it exists—cryptographically and legally—through a verifiable company identity linked to an official business register (in Germany, for example, Bundesanzeiger Verlag). Think of this as a legal person ID you can present online.
2. Add what it may do. The company issues a digital power-of-attorney to a specific AI agent. It spells out the mandate (what actions are allowed), the context (where and for whom), and the timeframe (validity and expiry). It is revocable in real time.
3. Add how it is governed and validated. The agent carries an AI Service Passport—a compact, verifiable record of what the agent is (service identity and model/version), what evidence supports it (testing, evaluation, validation), what it depends on (data sources), what keeps it safe (runtime controls, human-in-the-loop where needed), and who is responsible (operator). The passport links back to the mandate, the company identity and its AI compliance certificates.
4. Now connect the dots. When one agent calls another, or an agent hits your API, your system can ask for the package: identity, mandate, passport. If everything checks out and nothing is revoked, proceed. If not, decline or restrict. The checks leave a signed, time-stamped trail. Trust turns into code.

How Secureframe provides the compliance backbone to your trust chain

Identity and delegation make an agent verifiable. To keep it trustworthy over time, you need live governance. Secureframe helps you run that day by day in a way that is visible to auditors and easy to automate. Here’s how it works:

1. You start with a catalog of your AI systems and agents. Each entry has a purpose, data sensitivity, and impact level. 
2. You publish clear policies—mapped to NIST’s AI RMF and ISO/IEC 42001—so teams know the rules. 
3. You connect the platform to your cloud and ML tools so it can monitor controls continuously: access, encryption, change management, bias and robustness testing, approvals before deploys. 
4. When something drifts, you get an alert so you can remediate the issue asap. 
5. When auditors or customers ask, you show current evidence of how you’re adhering to the AI governance framework rather than a stale snapshot.

Here is the key step for Trusted AI: once a service meets your bar, your compliance office can issue a digitally signed assertion (for example, “this service conforms to our AI RMF profile as of Q4; these controls passed”). Spherity’s AI Service Passport can embed that assertion. 

Partners then see not just “who” and “what,” but also “under which controls, verified recently.” No email attachments. No vague claims. Just verifiable proof that travels with the agent.

How Spherity and Secureframe can help you prepare for the future of Trusted AI

Trusted AI in cybersecurity is not about slowing things down. It is about moving faster with guardrails. In a world where agents are multiplying and many will be careless or hostile, the winners will be the teams that can prove who their agents are, what they are allowed to do, and how they are governed—right now, at the edge, without a meeting.

Spherity gives your agents the verifiable link to a real company, a narrow mandate you control, and a portable passport of evidence. Secureframe keeps that evidence current with live policies, monitoring, and audits. Put them together and you get AI in cybersecurity that partners can trust, regulators can understand, and your own teams can manage with confidence.

And remember the babysitter’s key: it is limited, time-boxed, and revocable. If we can do that for a front door, we can do it for AI.