AI governance is a key enterprise concern. Organizations are assembling councils, publishing principles, rolling out “approved AI tools” lists, and asking employees to opt in to acceptable use policies. In most enterprises, however, the reality is that AI is already widely embedded in employees' daily work, often outside sanctioned channels and oversight. The visibility and control mechanisms needed to govern AI use are immature or nonexistent.
The result is a widening gap between what leadership desires for AI governance and what’s happening inside their organizations. CIOs must turn to technology guardrails capable of transporting AI governance intent from the realm of policy principles to the world of production environments, with scalable visibility and enforcement.
Shadow AI Is the Default
Visibility is among the biggest challenges in AI governance: A recent survey found 45% of employees have used AI tools for work without informing their manager.1 Shadow AI can take many forms, including AI-enabled web apps, browser extensions, desktop apps, and SaaS platforms.
Shadow AI isn’t just a compliance problem — it’s a serious security and data exposure problem. Employees may paste sensitive data into chatbots, connect critical business accounts to AI-enabled workflows, grant AI applications excessive permissions, or expose proprietary corporate files to AI agents. Every AI connection creates a new identity relationship that organizations must understand and govern. A study published earlier this year found more than half of employees admit to connecting third-party AI tools with other work systems without IT department approval or oversight.2
Traditional governance and security controls weren’t built to observe and interrogate the new AI prompt and agentic interaction layer, nor were they designed to continuously evaluate the identities and permissions behind those interactions.
AI Policy Demands a Collaborative Approach
Legal and privacy teams are essential to the development of AI policy, but they can’t be the only authors. AI governance isn’t only about what’s allowed. It’s about what’s possible in the architecture, what’s safe in the threat model, and what’s useful to the business. Effective AI governance requires these stakeholders at the table:
- Business and product owners to align governance to outcomes, so controls don’t simply block innovation but shape it toward trusted, compliant, high-value use cases
- IT and security leaders to define threat scenarios (e.g., prompt injection, model supply chain risk, agent autonomy), establish controls, and ensure detection and response can extend to AI workflows
- Engineering leaders to weigh in on architectural possibilities and limitations and commit to implementing guardrails where they matter: strong identity controls, continuous authorization, logging, segmentation, safe tool use, and secure-by-default patterns in apps that call models
Determining AI governance policy is still a work in progress for many organizations. With multiple stakeholders and rapidly changing technology, it can be tricky to achieve alignment. An IBM study conducted last year found nearly two-thirds (63%) of organizations lacked AI governance policies.3 Even among organizations that reported having AI governance policies, more than half reported they lacked both approval processes for AI deployments and the technologies needed to enforce governance policy.
The success of AI governance depends on operationalization. Few organizations today have the means to assess adherence at scale, detect violations, and continuously prove their guardrails are working. A policy that can’t be enforced becomes an artifact — useful for signaling intent but unreliable as a risk management mechanism. AI governance must become measurable: What AI tools are being used? Where is data going? Which models are connected to which business processes? Which human and non-human identities can invoke those models, access sensitive data, or delegate actions to downstream systems? What’s the rate of policy exceptions, and are those exceptions becoming the norm?
AI Agents Raise the Governance Stakes
As AI technology rapidly changes, AI governance becomes harder. We’re moving from users asking questions of chatbots to the deployment of full-fledged AI agents that can plan, take actions, call tools, and chain tasks together.
These agents multiply both impact and risk. They can touch more systems, execute more steps, and make more decisions faster than traditional oversight loops. Risks can go beyond bad answers to unintended actions: sending data externally, changing records, triggering financial transactions, or interacting with third parties in ways no one anticipated.
Each AI agent operates as an identity, and they rarely operate alone. They increasingly function as part of an identity chain — a sequence of humans, agents, applications, APIs, and data stores connected through delegated trust. This creates implications for identity governance. Identity can no longer be treated as a point-in-time decision. As AI agents operate continuously, inherit permissions, invoke APIs, and interact with multiple systems, identity must become a continuously evaluated security signal based on real-time context.
The AI agent ecosystem evolves on a nearly daily basis. In the latest wave of open-source momentum, projects like OpenClaw have gained attention as developers experiment with increasingly capable agentic frameworks. Whether a given framework becomes businesses’ standard or not, the broader trend is clear: Capabilities are diffusing rapidly, and governance must account for AI tools that employees can adopt in an afternoon.
A Strategic Opening for CIOs and CISOs
Organizations that govern AI with discipline can scale it with confidence and move faster with fewer do-overs, fewer operational and security incidents, and greater credibility with customers, auditors, and regulators. CIOs, in close partnership with CISOs, are uniquely positioned to lead. Governance without security is hollow, and security without business and operational alignment fails to deliver durable outcomes.
Leaders can focus on three practical moves:
Enforce technical guardrails. Define what must be technically enforced (data classification rules, approved model endpoints, least-privilege access, authentication, logging, token controls, prompt and output handling) and what can be guidance. Then invest in the controls that make enforcement real.
Treat AI governance like an operational program. If AI governance is reviewed annually, or even quarterly, it’s already stale. Set and lead a weekly or monthly cadence with security, engineering, and business stakeholders to review adoption, incidents, exceptions, and new capabilities.
Define metrics and automate measurement. Governance should be provable. Track the number of AI tools in use, sanctioned vs. unsanctioned usage, sensitive data interaction rates, policy exception volume, agent deployments, and mean time to detect/respond to AI-related events. Automate collection wherever possible.
AI is moving too fast for more static, document-driven governance approaches of the past. Organizations that treat AI governance as theater will be surprised by shadow AI, agent sprawl, and incidents that were preventable. The enterprises that build guardrails grounded in visibility, identity, and continuous enforcement will earn something far more valuable than compliance: the ability to scale AI with confidence.
Additional Resources
- Learn how CrowdStrike Falcon® AI Detection and Response secures AI.
- CrowdStrike Services can help you assess your organization’s AI readiness — visit our Frontier AI Service Solutions page.
- Download our guide to explore the five steps for AI security readiness.
- Join us at Fal.Con 2026 as we bring together cyber leaders from across the industry to help secure the AI revolution.
1. Gusto, Is AI Coming for My Job? A Look Inside America’s Workplace Anxiety and What Employers Need to Know, July 14, 2025
2. BlackFog, BlackFog Research Reveals Rising Shadow AI Risks, Jan. 27, 2026
3. IBM Cost of a Data Breach Report 2025: The AI Oversight Gap
Facts Only
* Forty-five percent of employees have used AI tools for work without informing their manager.
* Shadow AI includes AI-enabled web apps, browser extensions, desktop apps, and SaaS platforms.
* Employees may paste sensitive data into chatbots or connect critical business accounts to AI workflows.
* More than half of employees admit to connecting third-party AI tools with other work systems without IT department approval or oversight.
* Traditional controls were not designed to observe the AI prompt and agentic interaction layer.
* Nearly two-thirds (63%) of organizations lacked AI governance policies.
* More than half of organizations with existing policies lacked approval processes for AI deployments and necessary enforcement technologies.
* AI agents can plan, take actions, call tools, and chain tasks, multiplying impact and risk.
* AI agents function as an identity chain involving humans, agents, applications, APIs, and data stores connected by delegated trust.
Executive Summary
Organizations face a significant gap between leadership desires for AI governance and the actual practice of AI use, as AI is widely embedded in daily work outside formal oversight. This results from immature visibility and control mechanisms regarding AI. The core challenge involves managing "Shadow AI," where employees use AI tools without managerial notification, often pasting sensitive data or connecting critical business accounts to external systems, creating undefined identity relationships.
Effective governance requires a collaborative approach involving business owners, IT/security leaders, and engineering leaders. Policy development must address not only allowed uses but also architectural possibilities and safety in the threat model. A policy alone is insufficient; successful governance demands operationalization through measurable metrics, such as tracking tool usage, data flow, and exception rates. Furthermore, the rise of AI agents elevates governance stakes because they can execute complex actions across multiple systems, requiring identity to be treated as a continuously evaluated security signal rather than a static decision.
Full Take
The narrative highlights a systemic failure where technological velocity outpaces governance structures, creating fertile ground for unmanaged risk. The concept of Shadow AI is not merely a compliance oversight but reveals a fundamental disconnect between control planes (policy) and execution planes (production environments). The transition from simple user interaction to autonomous AI agents introduces identity and access management challenges that legacy controls cannot handle, suggesting that the governance focus must shift from static rules to dynamic, continuous authorization.
The necessity for cross-functional input—business alignment, security threat modeling, and engineering implementation—points toward a pattern of fragmented ownership where policy is developed in isolation while operational reality exists elsewhere. This structure suggests that imposing top-down policies will fail unless technical guardrails are simultaneously enforced, measured against specific outcomes, and integrated into the continuous operational cadence, rather than being treated as an annual artifact. The implication is that true resilience stems from shifting the focus from documenting what *should* happen to engineering systems capable of guaranteeing what *is* happening across complex, rapidly evolving AI ecosystems.
Bridge Questions: If governance must be operationalized through continuous measurement and automated enforcement, what specific technological thresholds define a permissible risk for an autonomous AI agent in a production environment? How can organizations effectively architect identity systems that treat dynamic, context-aware agent interactions as primary security signals rather than secondary audit events? What mechanisms are necessary to ensure the collaborative alignment among business, security, and engineering teams when defining guardrails that balance innovation with necessary containment?
Sentinel — Human
The text exhibits a highly structured, analytical style characteristic of expert commentary, focusing on synthesizing emerging AI risks into actionable organizational strategy.
