85% of IT teams claim every AI agent is under control. Only 42% actually know who owns them.

The use of artificial intelligence (AI) in organizations is becoming increasingly prevalent, but a new study by Ivanti has revealed that organizational leaders are almost twice as likely to hide their AI usage compared to other employees. This hidden usage raises concerns about governance and accountability within companies.

According to the research, 42% of organizational leaders conceal their AI usage, with 52% admitting to doing so for a “secret advantage.” This lack of transparency can have serious implications, as highlighted by Sam Evans, CISO of Clearwater Analytics, who emphasized the risk of employees using AI engines without proper management. Evans stressed the importance of implementing solutions to address these risks, rather than simply acknowledging them.

The survey conducted by Ivanti also found that while 85% of IT professionals claim there is a named owner for every AI agent, only 42% believe ownership is clear. This discrepancy points to a governance gap that existing frameworks are failing to address. Without clear ownership and accountability, organizations are at risk of facing security breaches and data misuse.

The scale of AI applications within organizations further complicates governance efforts. Companies are seeing a rapid increase in the number of AI apps being used, with potential risks such as unauthorized access to sensitive data and intellectual property. CrowdStrike, for example, has detected 1,800 AI applications operating across millions of endpoint instances, highlighting the challenges of monitoring and controlling these technologies.

The governance challenges extend beyond deployment to runtime, where issues such as model provenance, behavioral drift, and unauthorized permissions expansion can occur. Without proper oversight and enforcement mechanisms, AI agents can potentially rewrite security policies, access sensitive information, and generate errors with operational impact. This underscores the need for continuous monitoring and governance throughout the AI lifecycle.

To address these governance gaps, organizations need to prioritize accountability, transparency, and enforcement mechanisms. By asking critical questions during vendor renewals and ensuring that policies are followed consistently, companies can strengthen their governance frameworks and mitigate risks associated with AI usage. Additionally, implementing safeguards such as per-action authorization and trust thresholds can help prevent unauthorized actions and errors.

In conclusion, the increasing reliance on AI in organizations necessitates a proactive approach to governance and accountability. By addressing the challenges highlighted in the Ivanti survey and implementing robust governance practices, companies can harness the benefits of AI while mitigating risks and ensuring compliance with regulatory requirements.