Andrew Burt is a lawyer, entrepreneur, and former national security official widely recognized as one of the world's leading experts in the intersection of law and artificial intelligence.
Over the last decade, he has built companies, law firms, and software systems that have revolutionized how AI is managed for legal risks, and his work has impacted hundreds of millions of people around the world.
As a pioneer in the field of legal engineering, he founded and led the world's first legal engineering team focused on automating data governance in 2016. In 2019, he co-founded and later sold the first-ever law firm run by lawyers and data scientists solely focused on artificial intelligence.
He is co-founder and CEO of Luminos.AI, the first AI governance company focused on legal risk, where he currently serves as CEO.
In this episode…
Companies are adopting AI faster than they can set guardrails around it. Privacy and legal teams can review an AI model or approve a vendor contract, but AI governance doesn't stop there. Risk varies by use case, including whether the system is internal or customer-facing and the level of human oversight involved. As organizations connect new AI tools, chatbots, and agents to more business processes and systems, AI governance has to move from policy to a scalable structure.
One of the biggest challenges companies face is making governance work at the same speed as AI adoption. Andrew Burt knows this well as a co-author of the NIST AI Risk Management Framework, where he helped shape how companies identify, document, and manage AI risk. Turning frameworks into action is where organizations often get stuck. Implementing AI guardrails requires involvement from legal, privacy, security, compliance, engineering, and other business teams. Yet when too many people share responsibility without a lead decision-maker, it can create what Andrew calls "governance debt." Effective governance starts with accountable leadership and a working connection between the teams writing the rules and the teams building the AI systems. This means moving beyond policy-heavy approaches so governance can scale with the business and the technology.
In this episode of She Said Privacy/He Said Security, Jodi and Justin Daniels talk with Andrew Burt, Co-founder and CEO of Luminos.AI, about the challenges of scaling AI governance. Andrew explains why traditional governance models struggle to keep up with how quickly AI systems are built and deployed. He breaks down the differences between managing risk at the model level and at the use-case level, including why the same AI tool can carry different risks depending on its use. Andrew also shares his prediction for the future of AI regulation in the United States and offers practical steps companies can take to strengthen AI governance.