Doppel has secured three ISO certifications covering AI governance, information security and privacy, making it among the first 350 organisations worldwide to achieve ISO/IEC 42001.
The certifications are ISO/IEC 42001 for artificial intelligence management systems, ISO/IEC 27001 for information security management systems, and ISO/IEC 27701 for privacy information management systems.
Together with Doppel’s existing SOC 2 Type II attestation, they provide an externally recognised set of controls for how the company manages AI systems, customer data and internal operations.
The announcement comes as concern grows over AI-assisted cyber attacks, particularly social engineering campaigns that combine phishing, impersonation, deepfakes and brand abuse. Doppel sells a platform designed to detect and disrupt those threats.
Governance standard
ISO/IEC 42001 is a newer standard focused on the governance of artificial intelligence systems. Being among the first 350 organisations to obtain it puts Doppel early in the adoption curve for formal AI management controls.
The standard covers areas including governance, accountability, risk assessment, monitoring and controls around the use of AI. According to Doppel, the work behind the certifications applies both to how its products are built and how customer information is handled.
Doppel said the three certifications are an important part of its broader trust and compliance framework as it expands internationally, where ISO standards are widely used by customers and procurement teams as benchmarks for supplier assurance.
Rahul Madduluri, co-founder and chief technology officer at Doppel, linked the certifications to the company’s work against increasingly advanced attack methods. “From day one, our mission has been to protect the world from social engineering attacks,” Madduluri said. “As these threats evolve and AI makes cyberattacks more effective than ever, we must hold ourselves to the highest standards for how we build, deploy, and operate our technology. Achieving these certifications is an important step in ensuring our customers can trust that their organizations are protected against increasingly sophisticated threats.”
Operational controls
Doppel said its platform is designed to address attacks that older tools struggle to stop, including phishing, deepfakes and online impersonation. It added that the controls reviewed during the certification process are embedded in day-to-day operations rather than added as a separate layer.
That point was echoed by David Forman of Mastermind, which was cited in the announcement. “Very few organizations reach this level of alignment across their systems, processes, and controls,” Forman said. “Doppel stood out in how its controls are consistently applied across the organization. They are built into day-to-day operations, not layered on afterward. That consistency is a clear indicator of a mature approach.”
ISO/IEC 27001 remains one of the most widely used standards for information security management, while ISO/IEC 27701 extends privacy management requirements. Combined with ISO/IEC 42001, the three certifications give buyers and partners a way to assess how an AI-focused security vendor handles governance, data protection and operational discipline.
Rising pressure
The backdrop is a broader shift in cyber risk, as attackers use generative AI tools to produce more convincing messages, mimic trusted contacts and scale campaigns across multiple channels. That has increased pressure on security vendors and enterprise software companies to provide stronger evidence of internal controls, especially where AI is involved.
Kendra Cooley, Senior Director of Information Security and IT at Doppel, said the shift has changed expectations around assurance. “As attackers use AI to scale and personalize social engineering, it is becoming increasingly difficult to distinguish what is real from what is not, dramatically expanding enterprise risk,” Cooley said. “The bar for trust, security, and operational standards has changed. Achieving the ISO Trifecta reinforces our commitment to building and using AI responsibly while maintaining the highest standards of security and privacy for our customers,” Cooley added.
The certifications follow Doppel’s recent Series C funding round and a period of expansion. The company said demand for protection against AI-driven social engineering has contributed to growth in its platform and team.
Click Here For The Original Source.
