Artificial Intelligence 07-10-2026

AI trust
insights from
IDC and DigiCert

Maya Ogranovitch Scott
AI Trust Hero

Artificial intelligence is reshaping how organizations operate, but it is also raising new questions about security, governance, authenticity, and accountability. As AI becomes embedded across business processes, IT and security leaders need practical strategies to build trust into AI systems from the start.

To help organizations navigate this shift, DigiCert hosted a discussion with IDC Group Vice President Frank Dickson and DigiCert Chief Product Officer Deepika Chauhan on what it takes to move from AI risk to AI trust. 

Here are seven of the most important insights from that conversation and what they mean for organizations deploying AI at scale.

7 key questions for building trust in the AI era

As AI goes increasingly mainstream, how are organizations approaching this transition, and what is key for IT and security decisionmakers to know?

Organizations are moving beyond AI experimentation and beginning to embed AI into business processes, customer experiences, and operational workflows. The challenge is balancing innovation with appropriate governance and security. 

Rather than trying to slow AI adoption, IT and security teams should focus on creating trusted frameworks, guardrails, and approved pathways that allow the business to innovate safely. The organizations that succeed will be those that enable AI while maintaining visibility, accountability, and control.

What existing foundations and standards are in place that can help make this transition smooth?

We don’t need to reinvent the wheel entirely—many of the technologies needed to establish trust in AI already exist and have been proven over decades. Concepts such as PKI, DNS, cryptographic identity, workload identity, and attestation can be extended to AI systems in much the same way they have been used to secure users, devices, and applications. Rather than inventing entirely new trust models, organizations can build on these established foundations to create trusted AI environments.

As organizations deploy agentic AI at scale, what are the key issues when it comes to building structure around agent security and governance?

The first challenge is visibility. Many organizations cannot confidently answer questions about which agents are operating, what data they have access to, whose credentials they are using, or how they can be stopped if necessary. As agent adoption grows, organizations need stronger governance, accountability, and oversight. Establishing clear ownership, understanding agent behavior, and creating mechanisms to manage and control agents are critical steps toward addressing shadow AI and reducing risk.

What are some best practices around agent identity and enforcement?

AI agents are workloads that need strong, verifiable identities that allow organizations to know exactly what an agent is, what it is authorized to do, and who is responsible for it. Rather than relying on shared credentials or static access controls, organizations should use cryptographic identities, short-lived credentials, and policy-based authorization. Identity should be tied to governance, ownership, and enforcement mechanisms that ensure agents operate within approved boundaries and can be monitored, managed, or revoked when necessary.

We’re seeing increasingly complex, proprietary AI models used to make critical decisions; what are the key challenges when it comes to deploying and securing AI models?

AI models introduce challenges around integrity, protection, governance, and trust. Model creators need to protect valuable intellectual property, while model users need assurance that models have not been tampered with and are operating as intended. Organizations also need to protect sensitive data used during inference and maintain visibility into model provenance and lifecycle management. As AI ecosystems become more distributed, ensuring model integrity and securing execution environments becomes increasingly important.

Now that synthetic media is so ubiquitous, what trust challenges have arisen, and how can they be addressed?

The challenge is not simply determining whether content is real or fake—it is creating transparency around how content was created and how it has changed over time. People increasingly want to know who created content, what tools were used, whether it has been modified, and where it originated. 

Standards such as C2PA help provide this transparency by attaching verifiable provenance information to digital media. The goal is to give audiences greater visibility into content origins and history so they can make more informed trust decisions.

What next steps should IT and security professionals take?

Organizations should start by understanding what AI systems already exist within their environment, including agents, models, and AI-enabled applications. From there, they should establish governance, ownership, and security controls that can scale as adoption grows. Rather than reacting to AI after it has spread across the organization, leaders should proactively create trusted frameworks and guardrails that support innovation while maintaining visibility, accountability, and control.

Learn how to build trust in AI

AI adoption is moving quickly, and organizations need practical ways to build trust into AI systems from the start. Watch the on-demand webinar to learn more about proven trust models, emerging standards, and practical steps for securing AI agents, models, and content.

Subscribe to the blog