{"id":8294,"date":"2026-05-28T10:02:00","date_gmt":"2026-05-28T10:02:00","guid":{"rendered":"https:\/\/cybersecurityinfocus.com\/?p=8294"},"modified":"2026-05-28T10:02:00","modified_gmt":"2026-05-28T10:02:00","slug":"the-ai-governance-imperative-you-cant-afford-to-ignore","status":"publish","type":"post","link":"https:\/\/cybersecurityinfocus.com\/?p=8294","title":{"rendered":"The AI governance imperative you can\u2019t afford to ignore"},"content":{"rendered":"<div>\n<div class=\"grid grid--cols-10@md grid--cols-8@lg article-column\">\n<div class=\"col-12 col-10@md col-6@lg col-start-3@lg\">\n<div class=\"article-column__content\">\n<div class=\"container\"><\/div>\n<p>CIOs rushing to roll out AI agents without real visibility into their decision-making processes are flirting with disaster.<\/p>\n<p>According to AI experts, deploying agents without observability processes and tools creates a ticking time bomb with the potential for huge <a href=\"https:\/\/www.cio.com\/article\/4126094\/who-will-be-the-first-cio-fired-for-ai-agent-havoc.html?utm=hybrid_search\">negative consequences<\/a>.<\/p>\n<p>Many companies are deploying AI agents and expecting them to increase productivity with little human intervention, observes <a href=\"https:\/\/www.linkedin.com\/in\/toddmarlin\/\">T.J. Marlin<\/a>, CEO of AI security firm Guardrail Technologies. That\u2019s <a href=\"https:\/\/www.cio.com\/article\/4087765\/agentic-ai-has-big-trust-issues.html?utm=hybrid_search\">the wrong approach<\/a>, he says. Instead, IT teams need to keep a close eye on agents and adjust policies and practices throughout the agentic process.<\/p>\n<p>\u201cIt\u2019s not just set it and forget it like a crock pot,\u201d he says. \u201cYou don\u2019t put it in the kitchen in the morning with the chicken inside and come back at night and have a great dinner. 
The organizations doing that are going to be on the front page because they just had some terrible thing happen to them.\u201d<\/p>\n<p>Many organizations are rapidly deploying agents <a href=\"https:\/\/www.cio.com\/article\/4164155\/your-ceo-just-got-ai-fomo-here-are-6-tips-on-what-to-do-next.html\">because of a fear of missing out<\/a>, while not understanding the nuances of the technology, Marlin says. Some IT leaders seem to compare agents to <a href=\"https:\/\/www.cio.com\/article\/227908\/what-is-rpa-robotic-process-automation-explained.html\">robotic process automation<\/a>, when RPA results are far more deterministic, he adds.<\/p>\n<p>\u201cThere\u2019s a talent shortage and a knowledge shortage and people are building at pace without checking whether it\u2019s correct and it\u2019s operating as expected,\u201d he says. \u201cThose are all the hallmarks of the worst disasters that I\u2019ve seen across my career.\u201d<\/p>\n<p>A <a href=\"https:\/\/www.businesswire.com\/news\/home\/20260514715268\/en\/TrueFoundry-Survey-Finds-Most-Enterprises-Cannot-Audit-Their-AI-Systems-as-Agent-Adoption-Surges\">recent report<\/a> from agent governance vendor TrueFoundry puts numbers behind fears of unregulated agents. 
A survey of more than 200 enterprise AI leaders found that 54% of organizations represented can\u2019t fully trace what their agents are doing and 56% have no centralized agent control or <a href=\"https:\/\/www.cio.com\/article\/4171880\/the-ai-data-governance-gap-that-keeps-getting-worse.html?utm=hybrid_search\">governance layer<\/a>.<\/p>\n<p>While TrueFoundry has an interest in driving agent governance forward, many other AI experts see the same problems.<\/p>\n<h2 class=\"wp-block-heading\">Governing blind<\/h2>\n<p>Difficulties with governance and observability are major impediments to the deployment of productive agents, and many organizations are deploying agents without creating a centralized list of them, says <a href=\"https:\/\/www.linkedin.com\/in\/mahesh-kumar-g-a7b28526\/\" target=\"_blank\" rel=\"noopener\">Mahesh Kumar Goyal<\/a>, senior data and AI expert at Google.<\/p>\n<p>\u201cMost enterprises have no inventory of the agents already running in production \u2014 they\u2019re trying to govern what they can\u2019t see,\u201d he says.<\/p>\n<p>In addition, traditional <a href=\"https:\/\/www.csoonline.com\/article\/566677\/12-top-siem-tools-rated-and-compared.html\">SIEM<\/a> and <a href=\"https:\/\/www.csoonline.com\/article\/568045\/what-is-edr-endpoint-detection-and-response.html\">EDR<\/a> security tools were built to spot human anomalies, not rogue agents, he notes. \u201cAn agent running code perfectly 10,000 times in a row looks normal even if it\u2019s been hijacked,\u201d he says.<\/p>\n<p>Running fully autonomous agents is not a good idea, he adds, and organizations need to think about least-privilege scoped tool permissions, policy enforcement layers that mediate every prompt and tool call, and end-to-end tracing that stitches prompts, tool calls, and downstream actions into one auditable trail.<\/p>\n<p>\u201cThe financial system doesn\u2019t run on trust; it runs on auditability, reconciliation, and circuit breakers,\u201d Goyal says. 
\u201cAgents will mature the same way. Tiered autonomy is the realistic answer: free rein on low-stakes tasks, human-in-the-loop on consequential ones.\u201d<\/p>\n<p>Part of the problem is that agents have upended the models used to determine whether traditional software was running correctly, adds <a href=\"https:\/\/www.linkedin.com\/in\/adelelhallak\/\">Adel El Hallak<\/a>, vice president of AI software at Nvidia. With traditional software, QA and security professionals could look at the code to debug problems, but agents make decisions in the runtime environment of an AI model.<\/p>\n<p>The source of truth for agents resides in the traces, the records of the execution flow, not in the code, he adds. Collecting traces \u2014 in essence, detailed logs \u2014 is a start toward agent governance, but organizations need to be able to act on the information, he says.<\/p>\n<p>\u201cFor you to trust something, it has to be transparent, and observability is foundational to transparency,\u201d El Hallak adds. \u201cBut just observing is not enough. We need to be able to take those signals and turn them into something actionable.\u201d<\/p>\n<p><a href=\"https:\/\/www.cio.com\/article\/4128980\/the-struggle-for-good-ai-governance-is-real.html?utm=hybrid_search\">Agent governance<\/a> goes beyond observability to allow organizations to test and fine-tune agents continuously, he says. The tools are out there, with companies like Nvidia building their own internal governance frameworks, and several other vendors offering agent observability and governance tools, he notes.<\/p>\n<p>\u201cIt\u2019s not enough to just have the behavioral data, to capture the feedback data,\u201d he says. 
\u201cThe system should allow me to annotate, change, augment, or create additional feedback data, and then I can use that data to improve my agent as a whole.\u201d<\/p>\n<h2 class=\"wp-block-heading\">The governance bottleneck<\/h2>\n<p>At the same time, many companies moving into agent governance have found it can be a huge bottleneck if done wrong, says <a href=\"https:\/\/www.linkedin.com\/in\/iyernirmal\/\">Nirmal Ganesh<\/a>, senior director of product management for agentic workflow automation at cloud storage vendor Box.<\/p>\n<p>\u201cI don\u2019t believe we are past the hard part yet in terms of deploying agents in the enterprise,\u201d he says. \u201cMost companies are not yet good at those, and far fewer of them have gotten good at running them at scale with agent governance and observability.\u201d<\/p>\n<p>Ganesh sees several problems, including agents running without clear permission models. \u201cIf an agent can see more than a person or access more than a person\u2019s permission on content or data, that\u2019s an incident waiting to happen,\u201d he says.<\/p>\n<p>However, some early agent governance models don\u2019t scale. Some IT teams have defaulted to a position of humans needing to approve every agent output because that\u2019s the safest option, he says.<\/p>\n<p>\u201cIn reality, this is rebuilding manual process with more checkpoints or suggestion points,\u201d Ganesh says. \u201cAt a high volume, governance is your bottleneck to scale and no longer your safety net.\u201d<\/p>\n<p>Organizations need observability and governance processes in place that are both scalable and comprehensive, he adds. Agent ROI will come from strong guardrails, clear permission models, and clear human-in-the-loop involvement, he says.<\/p>\n<p>\u201cEvery mature automation needs ongoing observability \u2014 workflows change, policies change, decisions change, new use cases show up,\u201d he says. 
\u201cHuman intervention is always needed for what changes over time, but we need less intervention for known paths and more focus on exception handling and governance fine-tuning.\u201d<\/p>\n<h2 class=\"wp-block-heading\">Observing output is not enough<\/h2>\n<p>Governance can\u2019t just focus on agent output, adds <a href=\"https:\/\/www.linkedin.com\/in\/marcelolorenzetti\">Marcelo Lorenzetti<\/a>, founder and CAIO at legal services AI vendor SavvyLex.<\/p>\n<p>\u201cThe biggest challenge is not simply whether an agent produces a good answer,\u201d he says. \u201cIt is whether the organization can prove what the agent accessed, what instructions it followed, what tools it invoked, what decisions it made, where a human intervened, and whether it stayed within authorized boundaries.\u201d<\/p>\n<p>Without a full level of runtime visibility, companies are left with screenshots, logs, and after-the-fact explanations that may not meet legal, compliance, or security requirements, he says.<\/p>\n<p>Agents should be continuously verified instead of fully trusted, he adds, with governance engineered into the agent architecture itself. Governance should include role-based access, policy-bound execution, human approval thresholds, source and tool provenance, immutable activity records, confidence scoring, exception handling, and clear escalation paths when an agent reaches the edge of its authority, he recommends.<\/p>\n<p>\u201cObservability should not be limited to whether the model responded,\u201d Lorenzetti says. 
\u201cIt should show the full decision path from input to action.\u201d<\/p>\n<p>AI agents have shifted the governance model that\u2019s needed, he adds.<\/p>\n<p>\u201cThe core problem is that many companies are moving from AI that answers questions to AI that takes actions, but their governance models are still built for passive tools, not autonomous workflows,\u201d he says.<\/p>\n<\/div>\n<\/div>\n<\/div>\n<\/div>","protected":false},"excerpt":{"rendered":"<p>CIOs rushing to roll out AI agents without real visibility into their decision-making processes are flirting with disaster. According to AI experts, deploying agents without observability processes and tools creates a ticking time bomb with the potential for huge negative consequences. Many companies are deploying AI agents and expecting them to increase productivity with little [&hellip;]<\/p>\n","protected":false},"author":0,"featured_media":8295,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3],"tags":[],"class_list":["post-8294","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-education"],"_links":{"self":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts\/8294"}],"collection":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"replies":[{"embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=8294"}],"version-history":[{"count":0,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts\/8294\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/media\/8295"}],"wp:attachment":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&pa
rent=8294"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=8294"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=8294"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}