• Not all AIs are equal so CIOs need to prioritize actions when ass

    From TechnologyDaily@1337:1/100 to All on Thu Jun 11 15:15:26 2026
    Not all AIs are equal so CIOs need to prioritize actions when assessing risks

    Date:
    Thu, 11 Jun 2026 14:01:16 +0000

    Description:
    As AI agents proliferate, CIOs need smarter identity governance and
    risk-based security controls.

    FULL STORY ======================================================================Copy link Facebook X Whatsapp Reddit Pinterest Flipboard Threads Email Share this article 0 Join the conversation Follow us Add us as a preferred source on Google Newsletter Subscribe to our newsletter The US Declaration of Independence states that all men are created equal but a modern response may be to argue that not all AIs are equal.

    Some AI tools help us with everyday rote tasks while other forms of AI at the other end of the spectrum can potentially change the ways in which business and society operate. In terms of data security, protection, privacy and corporate governance risks, you cant realistically treat these as the same, even if they both fit under the catch-all AI umbrella. Latest Videos From Watch full video here: Jonathan Neal Social Links Navigation

    SVP & Field CTO, Saviynt. So, for IT management struggling to keep up with
    the exposure threats associated with AI-infused applications, agents and processes, calibrating the risks based on AI variants is a smart first move.

    Heres the problem and conundrum: AI is great and the desire to capitalize on it to create transformative effects is vast, but we are drowning in AI. To take just a few statistics McKinsey says 62% of enterprises are at least experimenting with AI and PwC says 79% are deploying AI agents. IDC predicts that there will be 1.3 billion AI agents in operation by 2028. You may like
    If everyone is rushing to board the AI ship why are so few workflows secure? AI agents are creating a major security blind spot in financial services AI agents are the new unmanaged endpoints

    CIOs, CTOs and others want to impress their organizations by creating new levels of automation to reduce costs and save time, identify insights that
    may otherwise have languished undiscovered, and to liberate staff from rote tasks and performing vast computational sums that agents are better at than humans.

    But is there a catch to all this laudable ambition? Well, the familiar challenges of security and governance are certainly perceived as obstacles. So, while the AI uber-trend will doubtless accelerate process automation and discovery, more than half of respondents (52%) to the PwC survey list cybersecurity as a number-one or number-two concern when employing agents.
    Are you a pro? Subscribe to our newsletter Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed! Contact me with news and offers from other Future brands Receive email from us on behalf of our trusted partners or sponsors By submitting your information you agree to the Terms & Conditions and Privacy Policy and are aged 16 or over.

    Another persistent hurdle is change management. Technological change can be overwhelming when all the processes, ingrained pattern recognition habits and domain knowledge we possess are threatened by disruptive new waves of activity. To manage this, CIOs, CISOs, risk officers and others need to establish a baseline. Keeping score Just as with proliferation of software applications in the client/server era and the rise of cloud services later,
    IT leaders should perform a discovery process to see what is going on in
    their estates. What is needed is a purpose-built capability. Much like ITAM, CMDB or CASB was for Shadow IT, but this time for monitoring. In this way, it is possible to create a journal of record and system of access for the Identity and AI age.

    IT chiefs may find that many of the AI activities they observe can be ticked off as relatively safe. Personal agents to scan, parse and understand data, for example, will carry minimal risk. We can say the same for the sorts of AI summary services that are built into online search tools or personal information management programs. What to read next A live operational risk: Why AI agents are outrunning your security How enterprises can safely scale agentic AI Maintaining cyber control when AI can act autonomously

    However, in an agentic AI enterprise world we need to progress (and process) with caution. Both the power and the risks of agentic AI processes lie in the ability to cross tolls, systems and workflows and to automate. In these early days of agentic AI its natural that missteps will be made. Some pioneers will fail to erect appropriate guardrails, meaning that agentic workflows may have more machine autonomy than is desirable, leading potentially to loss of data, wiped records, privacy intrusions, policy infringements and other familiar woes. The old IAM wont cut it We already see many examples of agentic AI processes being waved through by legacy identity management services as if they were new hires on an HR roster. For these processes, attention to decision attribution, context, intent, input and warning signals will need to be evaluated and weighed before identity access is granted.

    Also, CIOs and CISOs need to be on guard against over-excitement where AI enthusiasts, perhaps frustrated by the constraints of corporate IT
    governance, experiment and even deploy unapproved tools and services to get the job done. They need to control Shadow IT and skunkworks projects so that humans (or agents) are not doing their own thing.

    We need to understand our known and unknown factors and to encourage progressive AI use but with cascading approval levels depending on role and task. We need practical guardrails backed by tools and a culture that help us to course-correct when we veer off track into dangerous areas.

    Identity is at the heart of all this. By having a system that controls what AIs have access to what services and through constant monitoring and zero-trust security thinking, organizations can get the best out of AI
    without incurring risks.

    Otherwise they may be exposed to a new threatscape where attacks occur not just on business operations but on shop floors, factories and utilities that are increasingly powered by the confluence of IT and OT, the Internet of Things and agentic AI flows. We list the best RPA software . This article was produced as part of TechRadar Pro Perspectives , our channel to feature the best and brightest minds in the technology industry today.

    The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/pro/perspectives-how-to-submit



    ======================================================================
    Link to news story: https://www.techradar.com/pro/not-all-ais-are-equal-so-cios-need-to-prioritize -actions-when-assessing-risks


    --- Mystic BBS v1.12 A49 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)