Darktrace Achieves Pioneering ISO/IEC 42001 Certification from BSI for Responsible AI Management & Development 

Darktrace, a global leader in Artificial Intelligence (AI) for cybersecurity, has achieved ISO/IEC 42001 certification. With this feat, Darktrace became one of the first cybersecurity companies globally to earn this certification. ISO/IEC 42001 is the world’s first international standard specifically for AI management systems, providing organisations with a structured framework to demonstrate their excellence in AI governance, risk management, and responsible AI deployment.

Will Booth, Director of Cybersecurity Compliance at Darktrace, stated: “As AI increasingly underpins mission-critical systems, it’s vital that organisations can trust the safety and efficacy of their AI tools, particularly in cybersecurity. In earning ISO/IEC 42001 certification, we’re assuring our customers that Darktrace meets the most rigorous standards of transparency, accountability, and responsible management throughout the entire AI lifecycle and that we’re delivering AI solutions that meet the highest ethical and operational standards.”

The certification verifies and enhances Darktrace’s existing responsible AI approach, which lays out the company’s principles for AI development, management and deployment, privacy, interpretability, security and robustness, accuracy, and ”do no harm.”

Darktrace partnered with BSI over an 11-month period to undertake the ISO/IEC 42001 certification. The process involved developing a comprehensive AI Management System that improved on existing processes, rigorous internal and external auditing, and evaluations spanning from the production and assessment of AI systems to the finer details of security research and HR processes.

Darktrace Achieves Wide Certification

The scope of Darktrace’s certification is particularly wide due to Darktrace’s unique Self-Learning approach to AI for cybersecurity, which uses multi-layered AI systems consisting of varied AI techniques to address distinct cybersecurity tasks.

The certification encompasses production and provision of AI systems based on anomaly detection, clustering, classifiers, regressors, neural networks, proprietary and third-party large language models for proactive, detection, response and recovery cybersecurity applications. It also includes all ISO 42001 Annex A controls.

This achievement expands Darktrace’s current certified compliance framework, which includes our ISO/IEC 27001, ISO/IEC 27018 and Cyber Essentials certifications. With these, Darktrace demonstrates a strong commitment to the protection of our technology, data, customers and people, alongside, our AI systems and AI development practices.

ISO/IEC 42001 was developed by leading AI specialists, regulators, and industry professionals, ensuring alignment with current best practices. The standard allows organisations across all sectors, from startups to multinational enterprises, to align with best practices and fulfill their regulatory and ethical obligations. It will simplify AI procurement by providing a more comprehensive alternative to ad-hoc questionnaires, currently in wide use by buyers to evaluate AI systems and providers.

Dushyant Sanathara, AI Commercial Operations Director at BSI, said: “We congratulate Darktrace on becoming one of the first organisations globally to demonstrate their commitment to responsible AI and achieve ISO/IEC 42001 certification. This milestone underscores their leadership in implementing robust, responsible, and forward-thinking AI governance practices. The AI management standard ISO/IEC 42001 provides a globally recognised benchmark for managing AI systems ethically, securely, and transparently, in order to build trust in AI and ensure it can be a force for good. By achieving certification, Darktrace is helping to set the bar for trustworthy AI in cybersecurity and beyond. BSI is proud to have partnered with them on this achievement.”

You can find further information on ISO/IEC 42001 here: https://www.bsigroup.com/en-GB/products-and-services/standards/iso-42001-ai-management-system/.