The Schellman Blog

Artificial intelligence is reshaping the cyber threat landscape as attackers have already begun weaponizing AI to dramatically accelerate phishing, reconnaissance, payload development, and attack execution.

TAMPA, Fla. and SAN FRANCISCO, February 3, 2026 – Schellman, a leading provider of attestation and compliance services, today becomes the first authorized auditor of AIUC-1, the comprehensive security, safety, and reliability standard for AI agents, marking a significant milestone in AI compliance. As enterprises accelerate AI adoption and systems become more agentic, they face mounting challenges: security leaders confront novel attack vectors, legal teams navigate uncertain liability, and procurement processes slow under bespoke risk assessments. AIUC-1 addresses these challenges with a comprehensive, actionable standard specifically designed for AI agents.

The information in this article was originally presented on January 15, 2026, at a Public Hearing to the New York State Senate Standing Committee on Internet and Technology to discuss risks, solutions, and best practices with respect to the use of artificial intelligence in consequential or high-risk contexts, and related issues.

As interest in ISO 42001 certification has surged over the past year, we've heard a steady stream of questions from organizations seeking to build their AI governance strategy and operationalize their Artificial Intelligence Management Systems (AIMS) responsibly. From understanding practical preparation steps to what to expect during the audit, many teams are looking for clearer guidance as they navigate this newer management system standard.

As artificial intelligence becomes increasingly embedded in core business operations and customer-facing product offerings, organizations are under growing pressure to ensure their AI systems are safe, ethical, transparent, and well-governed. ISO 42001, the world’s first international standard for AI management systems, provides the structure needed to build trustworthy AI and demonstrate responsible governance to customers, regulators, and partners.

Not only is artificial intelligence changing how businesses operate; it's also changing how cybercriminals attack. As organizations rush to adopt AI systems, they face new security risks that traditional defenses can't handle.

People interact with Artificial Intelligence (AI) in many ways, but most commonly through written prompts, which is the method that's also the most familiar avenue for basic prompt-hacking techniques. However, the real concern for organizations lies beyond these simple exploits, with sophisticated attacks targeting enterprise AI systems. In this article, we'll explain how an attacker can weaponize AI assistants to extract proprietary data, manipulate decision-making, and even infiltrate corporate networks.

If you thought developing and implementing your AI system was a challenge, just wait until you attempt to ensure your AI system complies with conflicting international laws simultaneously.