Leaders who guide their teams toward the right AI use cases won't just minimize risk; they will gain a competitive advantage.
of C-level executives revealed that most surveyed leaders believe agentic AI will be the industry standard for software development within the next three years. Leveraging AI for software development presents an industry-wide security challenge, with 85% acknowledging that agentic AI will create unprecedented security challenges.
The survey data revealed how CISOs must reconcile two competing imperatives: They should not block AI adoption, but they must minimize emergent security risks. With 91% of executives poised to increase AI investment in software development over the next 18 months, every new AI advancement further raises these stakes.Most security leaders are painfully aware of the top agentic AI risks that respondents cited: cybersecurity threats , data privacy and security and maintaining governance . The landscape and even definitions of these risks are evolving and are deeply intertwined. Organizations must establish a governance model for AI to evolve their security strategy alongside emerging AI risks. However, doing so is not straightforward, with AI crossing many technology and security domains from data governance to identity and access management. Nevertheless, almost half of those surveyed admitted their organization has not implemented regulatory-aligned governance or internal policies for AI. The lag in AI governance stems from legitimate industry-wide challenges, making it difficult for leaders to identify the most effective places to invest their time and effort. The non-deterministic nature of agents causes them to behave in unexpected ways, which has proved to disrupt existing security boundaries. Furthermore, security complexity is increasing with the introduction of universal protocols, such as Model Context Protocol and Agent2Agent, which simplify data access and enhance agent interoperability to build ecosystems. However, these challenges cannot stop security leaders from prioritizing AI governance. If you're awaiting comprehensive best practices for this dynamic technology, you'll be playing a perpetual game of catch-up. Any organization that avoids AI adoption altogether will still be exposed to AI risk through vendors and shadow AI usage in their environment.The time to prepare for AI agents is now, and CISOs can start by establishing AI observability capable of tracking, auditing and attributing agentic behaviors across environments. CISOs can take a few steps today to reduce AI risk and improve governance:As AI systems proliferate, tracking and securing these non-human identities becomes just as important as managing human user access. One way to achieve this is through composite identities, which link an AI agent's identity with that of the human user directing it. When an AI agent attempts to access a resource, you can authenticate and authorize the agent and clearly attribute activity to the responsible human user.Operations, development and security teams need ways to monitor the activities of AI agents across multiple workflows, processes and systems. It's not enough to know what an agent is doing in your codebase. You also need to be able to monitor its activity in both staging and production environments, as well as in the associated databases and any applications it accesses.A culture of security now requires AI literacy. Our survey found that 43% of respondents acknowledged a widening AI skills gap, which is likely to grow unless technical leaders prioritize upskilling teams to understand model behavior, prompt engineering and how to critically evaluate model inputs and outputs. Understanding where models are performant versus where their use is suboptimal can help teams avoid unnecessary security risk and technical debt. For example, a model trained on anti-patterns will perform well at detecting those patterns but will not be effective against logic bugs it has never encountered before. Teams should also recognize that no model can replace human expertise. If the model performs poorly in an area a security engineer or developer is less familiar with, they will not be able to identify the security gaps the model has left behind. CISOs should also consider dedicating a portion of learning and development budgets to continuous technical education. This fosters AI security expertise in-house, allowing newly minted AI champions to educate their peers and reinforce best practices.When AI is monitored and used in the right way, executives confirm that it improves security. In fact, 45% of respondents ranked security as the top area where AI can add value for software development. AI used as an accelerant, not a replacement for expertise, can democratize security knowledge across development teams by automating routine security tasks, providing smart coding recommendations and offering valuable security context directly within developers' workflows. For example, AI can provide explanations for vulnerabilities, allowing developers to fix issues more quickly without waiting for security to provide the same context. The net result of capabilities like these is improved security outcomes, reduced risk and greater understanding for enhanced collaboration between developers and their security peers. The organizations that thrive won't be those that avoid AI nor those that adopt it recklessly. It will be those who build security into their AI strategy today. Even if imperfect, establishing foundational controls now will help teams adapt quickly as the landscape shifts. If the executives surveyed are right, the three-year clock is already ticking. Leaders who guide their teams toward the right AI use cases won't just minimize risk; they will gain a competitive advantage. After all, the security of your software is a core component of its quality.
United States Latest News, United States Headlines
Similar News:You can also read news stories similar to this one that we have collected from other news sources.
Learn to honor your grief, prepare for triggers and lean on support when needed.Anniversary dates tied to pregnancy loss can stir unexpected emotions. Explore why these reactions happen, common triggers to watch for, and how to cope and heal with intention.
Read more »
SF Giants drop two of three to Cardinals, prepare for crucial six-game homestandThe Giants remain four games back of the New York Mets for the final NL wild card spot
Read more »
French prime minister faces the axe as lawmakers prepare to hold confidence votePrime Minister Bayrou has failed to win over enough opposition lawmakers to his proposals to make around 44 billion euros ($51.3 billion) in budget cuts.
Read more »
Entrepreneurs, investors, and business leaders prepare for 2025 San Antonio Startup WeekSan Antonio Startup Week has reached its 10th year of bringing together entrepreneurs, investors, and business leaders for conversations about the Alamo City’s economic future.
Read more »
Colleges Race To Prepare Students For The AI WorkplaceUniversities race to prepare students for the AI workplace, teaching generative AI skills, strategic AI literacy, and future workforce training as entry-level jobs vanish
Read more »
Immigrant rights groups prepare to protect Chicago neighbors amid ICE crackdownAs the Department of Homeland Security officially announced a ramped-up immigration enforcement effort in Chicago, local community groups said the ICE operation is more about stoking fear than making the city safer.
Read more »