In this episode of Security & GRC Decoded, Raj Krishnamurthy sits down with Rajiv Dattani and David Meyer from Artificial Intelligence Underwriting Company (AIUC) to explore one of the biggest unanswered questions in AI security:
Can organizations actually trust AI agents?
As enterprises rapidly deploy AI-powered products, copilots, and autonomous agents, traditional security assessments, compliance frameworks, and cyber insurance models are struggling to keep pace. Rajiv and David explain why insurers are beginning to exclude AI-related risks, why historical loss data no longer works in the age of AI, and how AIUC-1 was designed to become a trust and assurance framework for AI systems.
The conversation explores AI certification, AI insurance, agent security testing, reliability, safety, accountability, statistical risk modeling, and the growing challenge of securing increasingly autonomous systems.
Key Takeaways:
- Traditional cyber insurance models are struggling to underwrite AI risk because historical loss data becomes obsolete as models rapidly evolve.
- AIUC-1 combines governance controls, technical evaluations, and large-scale simulation testing to assess AI agent security and trustworthiness.
- AI assurance requires more than security controls—it must also evaluate reliability, safety, accountability, privacy, and societal impact.
- Statistical testing and large-scale simulations may become the foundation for measuring AI risk in probabilistic systems.
- The AI security community will play a critical role in shaping standards, liability models, and best practices for future AI deployments.
What You’ll Learn:
- Why many insurance carriers are beginning to exclude AI-generated risks from cyber policies
- How AIUC-1 differs from frameworks like NIST AI RMF, OWASP LLM Top 10, and MITRE ATLAS
- How AI agents are tested through both black-box and white-box security evaluations
- Why reliability and hallucination risks become more important in multi-agent environments
- How AI certification may influence future insurance pricing, risk management, and enterprise adoption
This podcast is brought to you by ComplianceCow — the smarter way to manage compliance. Automate evidence collection, eliminate screenshots, and scale your program with confidence. Learn more: https://www.compliancecow.com
Watch more episodes: https://www.compliancecow.com/podcast
Connect With Our Guests:
Rajiv Dattani | Cofounder | AIUC | LinkedIn: https://www.linkedin.com/in/rajiv-dattani/
David Meyer | GTM | AIUC | LinkedIn: https://www.linkedin.com/in/david-meyer-8586b17b/
Subscribe to Security & GRC Decoded wherever you get your podcasts:
Spotify: https://open.spotify.com/show/5pigcMwOrYIA6d9OOOsxqr?si=416b82ab5c474683
Apple Podcasts: https://podcasts.apple.com/us/podcast/security-grc-decoded/id1795144450