supernav-iconWebinar: The Future of Cyber Security with Expert Keren Elazari

Contact Sales

  • Sign In
  • Get Started
HomeBlogCompliance Uncomplicated Episode 10: The Power of Secure AI Solutions With Labelbox

Compliance Uncomplicated Episode 10: The Power of Secure AI Solutions With Labelbox

Asset - Alexa Ovenshire Headshot

by Alexa Ovenshire

July 13, 2023
Asset - Uncomplicated Podcast - Labelbox
Labelbox: Empowering AI Innovation With Trust and ComplianceBuilding Trust in the Age of AINavigating Compliance and Leveraging DrataAdvice for Companies Getting Started on Their Compliance JourneyListen to the Episode

In our latest episode of Compliance Uncomplicated, we had the pleasure of hosting, Labelbox’s Senior Information Security Risk and Compliance Analyst, Derek Espiritu. Derek's expertise in compliance, security, and AI, and his passion for building trusting relationships, has been instrumental in shaping Labelbox's approach to delivering secure AI solutions.

Our very own Director of Creative Services at Drata, Elliot Volkman, spoke with Derek as he shared valuable insights into the nexus of compliance frameworks, AI, and data protection.

In this episode recap, we'll dig into the key highlights from the interview, giving you a peek into Derek's journey and the meaningful lessons he's picked up along the way.

Labelbox: Empowering AI Innovation With Trust and Compliance

Labelbox is a leading AI platform that delivers a full suite of services including data curation, AI-assisted labeling, model training and diagnostics, labeling services, and easy-to-use APIs. Labelbox's powerful annotation and data labeling platform makes training and refining computer vision and language models a breeze. Their wide range of tools and services enables organizations to build better AI products faster than ever before.

Labelbox’s Commitment to Compliance

Labelbox's proactive adoption of compliance frameworks, coupled with a robust security culture, demonstrates their dedication to trust and data protection—and adherence to key compliance frameworks as they’re currently undergoing both SOC 2 and ISO 27001 audits simultaneously.

Derek underscores that compliance isn't just about ticking boxes—it's a critical part of building trust with customers. By investing in compliance and adopting solid security practices, organizations can instill customer confidence and set themselves apart in the competitive AI landscape.

Building Trust in the Age of AI

In an era where AI advancements are rapidly evolving, trust becomes even more paramount. Derek drew attention to the potential risks associated with AI and data breaches, emphasizing that as AI innovates, so do the efforts of malicious actors.

"Breaches happen, and they're happening all over the place. As much as AI is innovating, so are the red teams and the black hats."

The need for trust amplifies with the vast amounts of data that AI models process. He used ChatGPT, one of the largest language models of all time, as an example—it holds trillions of data points, each one potentially up for grabs.

Investing in compliance and adopting robust security practices lets organizations instill confidence in their customers. This trust factor becomes a competitive edge, enabling organizations to better differentiate themselves and establish long-lasting partnerships.

Transparency Instills Confidence

Derek also touched on how transparency around security measures and adherence to robust compliance frameworks instills confidence in customers.

Labelbox embraces transparency as a way to instill confidence in its customers. By providing a comprehensive security documentation package to customers after signing an NDA, Labelbox offers detailed insights into their security practices. This transparency builds trust and reassures customers that their data is in safe hands.

Navigating Compliance and Leveraging Drata

In this episode, Elliot and Derek dive into the intricacies of compliance frameworks, with a particular focus on SOC 2 and ISO 27001.

Derek stressed the importance of these frameworks as the gold standard for organizations, referring to Labelbox's decision to pursue both simultaneously. Being audited against these frameworks demonstrates Labelbox's commitment to providing the most secure platform for customers.

The conversation also touched on the challenges of managing multiple audits at the same time. Derek highlighted the importance of careful planning and coordination to ensure a smooth process. By maintaining an organized calendar, following a structured approach, and using Drata, Labelbox efficiently manages its compliance initiatives.

Embracing Compliance Platforms

Leveraging a compliance automation platform can vastly simplify the process of maintaining compliance and security.

Derek shared his experience being introduced to Drata when he joined Labelbox, and how it opened his eyes to the possibilities of streamlined evidence collection processes and time-saving documentation management.

“Drata transformed the tedious process of manual evidence collection into an efficient, centralized experience.”

By adopting compliance platforms like Drata, organizations can streamline their compliance processes, improve efficiency, and maintain an up-to-date security posture—focusing on core security practices while meeting compliance requirements.

Advice for Companies Getting Started on Their Compliance Journey

For organizations embarking on their compliance journey, Derek offers valuable advice throughout the episode:

Start Now

As Derek puts simply, “The best time to start is now.” Don't delay—start implementing security and compliance measures as soon as possible. Even basic policies can show customers that you are committed to protecting their data.

Research Applicable Frameworks

Start by researching the compliance frameworks that are relevant to your industry. SOC 2 and ISO 27001 are considered gold standards and should be implemented as early as possible.

Build a Security Culture

Foster a security-first mindset within your organization. Conduct security awareness training and encourage practices like screen locking and laptop security, especially in remote work environments.

Prioritize Transparency

Embrace transparency by providing comprehensive security documentation to customers. This transparency builds trust and instills confidence in your organization's security practices.

Embrace Compliance Platforms

Leverage dedicated compliance platforms, like Drata, to streamline your compliance processes. These platforms simplify evidence submission and documentation management, allowing you to focus on core security practices.

Listen to the Episode

As organizations embark on their compliance journeys, they can learn from Derek’s experiences and the practices implemented at Labelbox. By prioritizing compliance, embracing security best practices, and leveraging innovative AI platforms, organizations can build trust, protect data, and create remarkable AI products that drive the future of technology.

To learn more about Labelbox's suite of products and services, visit Labelbox's website. You can also reach out to Derek directly via email at [email protected] for further questions or to chat more about the exciting possibilities of AI innovation.

Listen to the full episode of Compliance Uncomplicated with Labelbox’s Derek Espiritu on Spotify, Apple Podcasts, Amazon Music, and YouTube.

Want to be in the know? Subscribe to our newsletter, Trusted, to keep up with the latest news.

Trusted Newsletter
Resources for you
8 Benefits of Shift Left Compliance

7 Benefits of Shift-Left Compliance

G2 Summer 2024 Thumb

Drata Shines in G2 Summer 2024 Reports

Image - Drata GRC Maturity Model

Charting Your Course to Compliance Excellence: Navigating the Drata GRC Maturity Model

Asset - Alexa Ovenshire Headshot
Alexa Ovenshire
Drata Multimedia Producer

Put Security & Compliance on Autopilot®

Close more sales and build trust faster while eliminating hundreds of hours of manual work to maintain compliance.

Get Started
Related Resources
Image - Drata GRC Maturity Model


Charting Your Course to Compliance Excellence: Navigating the Drata GRC Maturity Model

Image - RSA AI Recap

RSA Conference 2024: Regulations and AI Set to Clash

GRC Maturity: Manual Risk Management Programs Fall Behind

GRC Maturity: Manual Risk Management Programs Fall Behind

DDRR Recap

A Recap of Drataverse Digital: Risk and Reward