
Trusted AI, Explained: How to Prepare for the Rise in Malicious AI Agents & Bots in 2026 & Beyond

October 06, 2025

Author: Dr. Carsten Stöcker, CEO & Founder at Spherity GmbH

Reviewer: Anna Fitzgerald, Senior Content Marketing Manager

This article is written and contributed by Spherity, a proud Secureframe customer.

Imagine this: You give a babysitter a house key. But it’s not just any key—it’s smart. It works only between 6–10 pm, disarms only the living-room alarm, and cannot open the garage. If you feel uneasy, you can revoke it at any time using your phone. 

In short, this key gives clear identity, clear permission, and clear cut-off.

That is the idea behind Trusted AI in cybersecurity and compliance. As businesses adopt AI agents, we need the digital equivalent of a time-boxed, limited-scope key. We must be able to say, with proof: 

  1. This agent belongs to this company.
  2. It has this narrow mandate.
  3. It runs under these controls.
  4. It can be verified and revoked in milliseconds.

This article explains a practical way to do just that. Before we dive into the how, let’s take a closer look at why trustworthy AI is becoming increasingly important. 

Why you need Trusted AI and why now

AI adoption is now moving fast from pilots to production. In the last year, enterprise use of generative AI roughly doubled. At the same time, the open internet shows a more sobering trend: nearly half of all web traffic is non-human, and malicious bots make up a large chunk of it.

In plain words: there will be many more poor or malicious agents than secure, safe, and compliant ones in the near future. If we do not check who is acting and under what authority, we invite fraud, errors, and costly disputes.

Regulators are starting to lead the way by aligning standards to this goal of AI governance. The NIST AI Risk Management Framework (RMF) gives a common language for AI risk (“Govern, Map, Measure, Manage”), for example. ISO/IEC 42001:2023 defines a formal AI management system you can audit. 

While these standards help you establish a trust and governance framework for AI systems, they do not, by themselves, give your partners an easy way to verify your agent at the moment of interaction. Having a policy in place or a nice diagram to share with partners will not prevent harm. As AI law scholar Frank Pasquale has argued for years, transparency is not enough. We need accountability with real controls and revocation. We need Trusted AI.


A real-world example of Trusted AI

We may have a better understanding of the importance of Trusted AI, but it can still be difficult to understand practically in the real world. Let’s look at an example. 

Take pharmacovigilance in pharma. Companies must monitor drugs for side effects in the real world and report them quickly. Data pours in from spontaneous reports, electronic health records, scientific literature, and official safety databases. Teams must spot signals, de-duplicate, draft structured case narratives, and keep a perfect audit trail. It’s hard, and the stakes are high.

Now picture a Pharmacovigilance (PV) AI agent that helps. 

The company’s verifiable business identity (anchored in the national register) sits in a business wallet. The company issues a digital power-of-attorney to the PV agent: it may scan specified sources, prepare draft reports, and route them to a human reviewer; it may not submit anything to a regulator or contact patients. 

The agent carries an identifier that shows its model version, testing and validation results, approved data sources, runtime controls, and operator. Think of it like a passport. When the agent queries an external database or shares a draft with a partner, the receiving system can verify the chain (company → mandate → passport) before it responds. If the model is updated or a control fails, the passport status changes and partners can restrict or block the agent until things are fixed.

Experts still make the final call. But the work is faster, the trail is cleaner, and the proof is portable. That is Trusted AI in practice.

Figure 1: AI Service Passport (AISP) for a PV Agent. Identity-verified service under a company PoA. The passport lists purpose, ownership, operations, data and model provenance, TEVV, delegated authority, runtime controls, security, risk, and logging. Counterparties verify the chain (legal company identity → PoA → AISP) before any exchange; status changes enable instant restriction or revocation. Human review remains required for final submissions.

How to put Trusted AI in practice before malicious agents explode

We are heading toward a world with billions of AI agents—in software, in devices, and across supply chains. The uncomfortable truth is that most will not be carefully governed. Many will be throw-away scripts, unpatched helpers, or outright malicious bots. 

On today’s internet, bad automation is already a major cybersecurity threat. Tomorrow’s agent-to-agent economy will also be rife with threats—unless we raise the bar.

To do that, we need to establish a trust chain for companies and their AI agents that is continuously powered by live compliance evidence.

A trust chain makes sure the agent in front of you is tied to a real company, with a narrow, revocable mandate. A compliance backbone makes sure the agent’s passport reflects up-to-date testing, controls, and risk. Together, they let you score incoming agents and make smart decisions in real time: let safe agents flow, throttle suspicious ones, and block the rest. It is the same logic that keeps payments safe (identity + authorization + risk scoring) but applied to AI.

Spherity and Secureframe can help you fit these two pieces together:

  • Spherity provides the trust chain for companies and their AI agents: a verifiable company identity anchored in official business registers, a digital power-of-attorney (PoA) that delegates exactly what an agent may do, and an AI Service Passport (AISP) that records the agent’s provenance, testing, and runtime controls.
  • Secureframe provides the compliance backbone that keeps the evidence fresh: an AI system inventory, policies mapped to frameworks like NIST’s AI Risk Management Framework, ISO 42001, and the EU AI Act, and continuous monitoring so you always know which controls are in place.

Figure 2: Trusted AI chain. Business Register → EUBW (LPID) → KYC → PoA → Licenses/Roles → AISP → A2A. LPID = legal anchor. PoA = delegated scope. AISP = lifecycle proof. Spherity issues the credentials. Secureframe provides compliance (NIST AI RMF, ISO 42001).

Used together, you get AI that is identity-bound, delegated, compliant, and auditable—in language both engineers and auditors understand.


How Spherity and Secureframe work together in your day-to-day

Think of Spherity as proof of origin and mandate, and Secureframe as proof of operation and control.

When your team aligns a service with policy—say, you set up bias tests, sign-off steps, and change controls in Secureframe—you can issue a signed statement that the controls are in place and passing. You store that statement in the service’s AI passport. When the agent interacts with a partner, the partner can verify the statement instantly, just like they verify your company identity and PoA.

Figure 3: Compliance posture that travels with the agent. Secureframe Dashboard shows active frameworks (e.g., SOC 2, ISO 42001, NIST AI RMF) with % passing and test counts. These control results and KPIs are issued as signed attestations and stored in the AI Service Passport (AISP). Partners can verify them in A2A handshakes together with LPID and PoA. 

If a control fails—maybe a model was retrained without a required fairness check—Secureframe flags it. The passport can reflect the change. Downstream systems see the risk and tighten the gate automatically until you remediate. When auditors ask “who authorized this action and under what controls,” you show the mandate and the passport, plus Secureframe’s evidence trail. The line from legal authority to operational fact is short and clear.

Let’s take a closer look at how each piece works.


How Spherity’s trust chain works, in plain words

Identity is the foundation of trust. Spherity provides the chain that links a company to its AI agents—who they are, what they are allowed to do, and how that mandate is proven and revoked in real time. Here’s how it works in plain words:

  1. Start with who. A company proves it exists—cryptographically and legally—through a verifiable company identity linked to an official business register (in Germany, for example, Bundesanzeiger Verlag). Think of this as a legal person ID you can present online.
  2. Add what it may do. The company issues a digital power-of-attorney to a specific AI agent. It spells out the mandate (what actions are allowed), the context (where and for whom), and the timeframe (validity and expiry). It is revocable in real time.
  3. Add how it is governed and validated. The agent carries an AI Service Passport—a compact, verifiable record of what the agent is (service identity and model/version), what evidence supports it (testing, evaluation, validation), what it depends on (data sources), what keeps it safe (runtime controls, human-in-the-loop where needed), and who is responsible (operator). The passport links back to the mandate, the company identity and its AI compliance certificates.
  4. Now connect the dots. When one agent calls another, or an agent hits your API, your system can ask for the package: identity, mandate, passport. If everything checks out and nothing is revoked, proceed. If not, decline or restrict. The checks leave a signed, time-stamped trail. Trust turns into code.

How Secureframe provides the compliance backbone to your trust chain

Identity and delegation make an agent verifiable. To keep it trustworthy over time, you need live governance. Secureframe helps you run that day by day in a way that is visible to auditors and easy to automate. Here’s how it works:

  1. You start with a catalog of your AI systems and agents. Each entry has a purpose, data sensitivity, and impact level. 
  2. You publish clear policies—mapped to NIST’s AI RMF and ISO/IEC 42001—so teams know the rules. 
  3. You connect the platform to your cloud and ML tools so it can monitor controls continuously: access, encryption, change management, bias and robustness testing, approvals before deploys. 
  4. When something drifts, you get an alert so you can remediate the issue as soon as possible.
  5. When auditors or customers ask, you show current evidence of how you’re adhering to the AI governance framework rather than a stale snapshot.

Here is the key step for Trusted AI: once a service meets your bar, your compliance office can issue a digitally signed assertion (for example, “this service conforms to our AI RMF profile as of Q4; these controls passed”). Spherity’s AI Service Passport can embed that assertion. 

Partners then see not just “who” and “what,” but also “under which controls, verified recently.” No email attachments. No vague claims. Just verifiable proof that travels with the agent.
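The boundary check from the trust-chain steps above (identity, mandate, passport, revocation, audit trail) together with the signed compliance assertion embedded in the passport, as an added Python example that is not Spherity's or Secureframe's code. It assumes an HMAC key per issuer as a stand-in for real digital signatures, a constructed pharmacovigilance agent chain, an in-memory revocation set, and a hypothetical 30-day freshness bar for control evidence.

```python
import hmac
import json

# Constructed stand-ins (not Spherity's or Secureframe's code): one HMAC key per issuer
# plays that issuer's signing key; a real deployment would use asymmetric signatures.
ISSUER_KEYS = {"business-register": b"reg-key", "acme-pharma": b"acme-key"}
REVOKED = set()                 # ids of credentials revoked by their issuer (live status)
AUDIT_LOG = []                  # time-stamped decision trail kept by the verifying API
MAX_EVIDENCE_AGE = 30 * 86400   # assumed freshness bar for control evidence, in seconds

def sign(issuer, claims):
    """Issue a credential: the claims plus the issuer's signature over them."""
    body = json.dumps(claims, sort_keys=True).encode()
    sig = hmac.new(ISSUER_KEYS[issuer], body, "sha256").hexdigest()
    return {"issuer": issuer, "claims": claims, "sig": sig}

def signature_ok(cred):
    body = json.dumps(cred["claims"], sort_keys=True).encode()
    want = hmac.new(ISSUER_KEYS.get(cred["issuer"], b""), body, "sha256").hexdigest()
    return hmac.compare_digest(want, cred["sig"])

def check_chain(identity, mandate, passport, action, now):
    """Return (allowed, reason) for `action` at epoch time `now`; logs the decision."""
    ident, mand, pas = identity["claims"], mandate["claims"], passport["claims"]
    checks = [  # evaluated in chain order: who -> what it may do -> how it is governed
        (signature_ok(identity) and identity["issuer"] == "business-register",
         "identity not anchored in the business register"),
        (ident["id"] not in REVOKED, "identity revoked"),
        (signature_ok(mandate) and mandate["issuer"] == ident["id"], "mandate not issued by company"),
        (mand["id"] not in REVOKED, "mandate revoked"),
        (mand["valid_from"] <= now < mand["expires"], "mandate outside validity window"),
        (action in mand["scope"], f"action {action!r} outside mandate"),
        (signature_ok(passport) and pas["mandate"] == mand["id"], "passport not linked to mandate"),
        (pas["id"] not in REVOKED and pas["status"] == "active", "passport revoked or restricted"),
        (pas["controls_passing"] and now - pas["controls_as_of"] <= MAX_EVIDENCE_AGE,
         "control evidence failing or stale"),
    ]
    reason = next((why for ok, why in checks if not ok), "ok")
    AUDIT_LOG.append({"at": now, "agent": pas["agent"], "action": action, "result": reason})
    return reason == "ok", reason

# Constructed sample chain for the pharmacovigilance agent described earlier in the article.
IDENTITY = sign("business-register", {"id": "acme-pharma", "legal_name": "ACME Pharma GmbH"})
MANDATE = sign("acme-pharma", {"id": "poa-001", "agent": "pv-agent-7",
               "scope": ["scan_sources", "draft_report", "route_to_reviewer"],
               "valid_from": 1_700_000_000, "expires": 1_700_086_400})
PASSPORT = sign("acme-pharma", {"id": "aisp-001", "agent": "pv-agent-7", "mandate": "poa-001",
               "model": "pv-model v2.3", "status": "active",
               "controls_passing": True, "controls_as_of": 1_699_900_000})
```

Revoking the mandate (adding `"poa-001"` to `REVOKED`) or re-signing the passport with stale control evidence flips the decision immediately, while every call leaves a record in `AUDIT_LOG`.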


5 Steps to establish a Trusted AI system

In a healthy trusted AI setup, every production agent has a verifiable company link, a narrow, time-boxed mandate, and a passport that tells its story. When you update a model or its data, you re-run the tests and the passport reflects the change. Your policies are not just written; they are enforced and monitored. And at your boundaries, incoming agents must present identity, mandate, and passport—or they do not get in.

So how do you establish this healthy setup? Start with these five steps: 

1. Anchor your legal identity. Get your verifiable company ID from the official register into your business wallet. This is your root of trust online.

2. Delegate narrowly. Pick one workflow. Issue a digital mandate to a single AI agent with a clear scope and expiry. Test revocation. Make it boring and reliable.

3. Publish the passport and enforce checks. Record the model version, key tests, controls, and operator. Add a signed statement from your Secureframe compliance platform that shows your control status. Require identity + mandate + passport at your API boundary. Watch how quickly partner conversations change when you can prove trust in seconds.

4. Establish and track key performance metrics. You can measure your progress with numbers leaders care about: 

  • how fast you can prove compliance to a partner (minutes, not months)
  • how quickly you can revoke a problematic agent (minutes)
  • how much of your estate runs with identity + mandate + passport (aim for 100%)
  • how many controls pass at any given time
  • how many risky agent requests your gates stop before they touch sensitive systems

These are easy to audit because they rely on machine-verifiable proofs, not just documents.

5. Scale. Once this is running, scale to more agents and partners. Add industry licenses and market roles as verifiable credentials where needed (for example, in finance or energy). Connect compliance alerts to passport status so your risk gates adjust automatically. You will resolve fewer disputes, spend less time on audits, and avoid unsafe automation.


How Spherity and Secureframe can help you prepare for the future of Trusted AI

Trusted AI in cybersecurity is not about slowing things down. It is about moving faster with guardrails. In a world where agents are multiplying and many will be careless or hostile, the winners will be the teams that can prove who their agents are, what they are allowed to do, and how they are governed—right now, at the edge, without a meeting.

Spherity gives your agents the verifiable link to a real company, a narrow mandate you control, and a portable passport of evidence. Secureframe keeps that evidence current with live policies, monitoring, and audits. Put them together and you get AI in cybersecurity that partners can trust, regulators can understand, and your own teams can manage with confidence.

And remember the babysitter’s key: it is limited, time-boxed, and revocable. If we can do that for a front door, we can do it for AI.

FAQs

What is a trustworthy AI?

A trustworthy AI system is one that operates under verifiable identity, clear permissions, and enforceable controls. Similar to giving someone a time-boxed, limited-use key to your home, a trustworthy—or Trusted AI—agent has a provable link to the company it represents, a narrow mandate of what it can and cannot do, and an AI Service Passport (AISP) that records its provenance, controls, and testing. This setup ensures that the agent can be verified, monitored, and revoked in real time, providing accountability and security instead of blind reliance.

Can AI be 100% trusted?

AI cannot be 100% trusted on its own. As emphasized above, transparency alone (e.g., “we have policies in place”) is not enough. Without verifiable controls and continuous monitoring, AI systems can drift, be misused, or even become malicious. Trusted AI is not about assuming perfection, but about creating mechanisms—like identity anchoring, mandates, and real-time revocation—that make AI verifiable, accountable, and governable. Human oversight and live compliance evidence remain essential.

Why is trusted AI important, especially now?

Trusted AI is increasingly important because AI adoption is accelerating at the same time as malicious automation is rising. According to the 2025 Imperva Bad Bot Report, nearly half of internet traffic already comes from non-human sources, and a growing portion is malicious bots. As billions of AI agents are deployed across industries, many will be ungoverned or unsafe. Without verifiable identity, authority, and compliance, organizations risk fraud, errors, and regulatory breaches. Establishing Trusted AI now—anchored in standards like NIST’s AI RMF and ISO/IEC 42001—helps organizations stay ahead, protect against malicious agents, and build confidence with partners, regulators, and customers.