Intelligenza artificiale (IA)
When AI Grows Faster Than Security Strategy
I think we can all agree that artificial intelligence has evolved from innovative projects into a business reality. New use cases emerge daily as employees experiment with generative AI tools, and organizations increasingly integrate AI into business processes.
Save to Folio
I think we can all agree that artificial intelligence has evolved from innovative projects into a business reality. New use cases emerge daily as employees experiment with generative AI tools, and organizations increasingly integrate AI into business processes. The key question is no longer whether AI will be adopted, but how quickly it can deliver tangible business value.
Yet while AI adoption is accelerating rapidly, governance and security measures are coming under increasing pressure. A recent TrendAI worldwide study of 3,700 business and IT decision-makers revealed that two-thirds of organisations (66% of IT decision makers and 68% of business decision makers) felt pressure to approve AI initiatives despite potential security risks.
Companies are accepting risks and what is remarkable is that they believe that these risks are already well understood. The challenges often lie in the lack of transparency, governance frameworks, and appropriate control mechanisms needed to manage these risks effectively. These trends are precisely why the advisory role is emerging as one of the most compelling opportunities for service providers and channel partners.
When Innovation Outpaces Governance
The findings of our study clearly illustrate the pace of change. More than half of the organizations report that AI is evolving faster than they can secure it. While AI governance is advancing, only 44% of IT decision makers and 32% of business decision makers say comprehensive AI governance policies are already in place.
Adding to the challenge, nearly half of respondents expressed only low to moderate confidence in their understanding of the legal and regulatory requirements surrounding AI deployment.
In practice, this often means that AI is already used productively while policies, processes, and control mechanisms are still under development. For service partners, this represents a significant opportunity. Customers increasingly need support not only with AI adoption but also with ensuring that AI is deployed securely, responsibly, and with effective controls.
AI Risks Begin with a Lack of Visibility
Although many discussions around AI focus on models, prompts, or productivity gains, from a security perspective, the challenge begins much earlier.
Many organizations still do not have a clear picture of which AI applications are actually in use. Employees rely on public AI services, business units test new tools, and early automation initiatives often emerge outside established IT processes. As a result, a new form of the prevalent ‘shadow IT’ is emerging but around ‘shadow AI’.
The consequence is a lack of visibility. Organizations struggle to assess risks because they often do not know which data is being processed, which applications have access to corporate information, or where sensitive data may be leaving the organization. And just like with any other technology deployment, you can only protect what you can see.
AI Requires Leadership, Governance, and Control
The deeper AI becomes embedded in business processes, the more important questions of accountability and control become. Who is allowed to use which AI services? What data may be processed? And by whom? How can decisions be traced and explained? And how can organizations ensure compliance with regulatory requirements? Answering all these questions is critical but they are also shaped by a rapidly evolving regulatory landscape.
These questions are no longer solely the responsibility of IT departments. They increasingly involve executive leadership, compliance, data protection, and risk management teams alike. As a result, AI security is rapidly becoming a governance issue.
Nobody wants to slow down innovation but the challenge is to make it manageable rather than dangerous. Organizations need guardrails that enable them to leverage new technologies productively without sacrificing transparency and control.
Agentic AI Intensifies the Governance Challenge
This evolution becomes even more significant with the rise of agentic AI systems. While generative AI primarily creates content or provides information, agentic systems can independently execute tasks, prepare decisions, and interact with other applications. This creates new opportunities while introducing a whole new category of risks.
According to our study, access to sensitive data remains the leading concern, cited by 44% of IT decision makers and 41% of business decision makers, while a lack of observability and audability concerns around a third of respondents. In other words, many organizations already understand where the challenges lie.
Why Customers Are Looking for Guidance Now
This is where the role of many service providers is beginning to change.
Customers are no longer asking for a single AI security product. They want to understand what risks exist, which measures are appropriate, and how innovation and security can be balanced effectively.
As a result, organizations are increasingly looking for partners who can provide visibility, identify risks, and support governance processes. But this cannot remain in isolation as these organizations strive to bring together insights from multiple data sources and translating them into actionable recommendations.
Modern platforms such as TrendAI Vision One can help by providing visibility across multiple layers of risk, from identities and endpoints to cloud and AI environments. Yet the real value lies not in the technology itself, but in the ability to transform that visibility into meaningful guidance for customers.
And I have to stress that this last point is vital as without offering a beneficial path forward, organizations will not be able to mitigate the most damaging outcomes of AI based risks.
The Real Work Starts Now
When you pour through all the data and speak with partners and customers alike, the key question is not whether organizations will adopt AI, but how well prepared they are to understand and manage the risks that come with it.
Our study clearly shows that a gap still exists between the pressure to innovate and the maturity of security practices. For service providers, there is an existing and rapidly growing need to support customers with transparency, governance, and risk management that is vital to support the AI evolution.
Ultimately, the success of AI will not be measured by how quickly organizations deploy new applications, but by how securely and responsibly they are able to use these technologies over the longer term. Service providers need to be ready to answer the call and offer the critical guidance that will turn significant risks into substantial rewards.