As we near the end of 2025, there are two inconvenient truths about AI that every CISO needs to take into their heart.
Truth #1: Every employee who can is using generative AI tools for their job. Even when your company doesn’t provide an account for them, even when your policy forbids it, even when the employee has to pay out of pocket.
VP of Product at 1Password and the founder of Kolide.
Truth #2: Every employee who uses generative AI will (or likely has already) provided this AI with internal and confidential company information.
While you may object to my usage of “every,” the consensus data is quickly heading in this direction. According to Microsoft, three‑quarters of the planet’s knowledge workers in 2024 were already using generative AI on the job, and 78% of them brought their own AI tools to work.
Meanwhile, almost a third of all AI users admit they’ve pasted sensitive material into public chatbots; among those, 14% admit to voluntarily leaking company trade secrets. AI’s greatest threat relates to an overall expansion of the “Access-Trust Gap.”
In the case of AI, this refers to the difference between the approved business apps that are trusted to access company data and the growing number of untrusted and unmanaged apps that have access to that data without the knowledge of IT or security teams.
Employees as unmonitored devices
Essentially, employees are using unmonitored devices, which can hold any number of unknown AI apps, and each of those apps can introduce a whole lot of risk to sensitive corporate data.
With these facts in mind, let’s consider two fictional companies and their AI usage: we will call them company A and company B.
In both company A and B, business development reps are taking screenshots of Salesforce and feeding them to the AI to craft the perfect outbound email for their next prospective target.
CEOs are using it to accelerate due diligence on recent acquisition targets under negotiation. Sales reps are streaming audio and video from sales calls to AI apps to get personalized coaching and objection handling. Product operations is uploading Excel sheets with recent product usage data in the hope of finding the key insight that everyone else missed.
For company A, the above scenario represents a glowing report to the board of directors on how the company’s internal AI initiatives are progressing. For company B, the scenario represents a shocking list of serious policy violations, some with serious privacy and legal consequences.
The difference? Company A has already developed and rolled out its AI enablement plan and governance model, and Company B is still debating what it should do about AI.
AI governance: from “whether” to “how” in six questions
Simply put, organizations cannot afford to wait any longer to get a handle on AI governance. IBM’s 2025 “Cost of a Data Breach Report” underscores the cost of failing to properly govern and secure AI: 97% of organizations that suffered an AI‑related breach lacked AI access controls.
So now, the job is to craft an AI enablement plan that promotes productive use and throttles reckless behaviors. To get the juices flowing on what secure enablement can look like in practice, I start every board workshop with six questions:
1. Which business use cases deserve AI horsepower? Think of specific use cases for AI, like “draft a zero‑day vulnerability bulletin” or “summarize an earnings call.” Focus on outcomes, not just AI use for its own sake.
2. Which vetted tools will we hand out? Look for vetted AI tools with baseline security controls, like Enterprise tiers that don’t use company data to train their models.
3. Where do we land on personal AI accounts? Formalize the rules for using personal AI on business laptops, personal devices, and contractor devices.
4. How do we protect customer data and honor every contractual clause while still taking advantage of AI? Map model inputs against confidentiality obligations and regional regulations.
5. How will we spot rogue AI web apps, native apps, and browser plug‑ins? Look for shadow AI use by leveraging security agents, CASB logs, and tools that provide detailed inventory extensions and plugins into browsers and code editors.
6. How will we teach the policy before mistakes happen? Once you have policies in place, proactively train employees on them; guardrails are pointless if nobody sees them until the exit interview.
Your answers to each question will vary depending on your risk appetite, but alignment among legal, product, HR, and security teams must be non‑negotiable.
Essentially, narrowing the Access-Trust Gap requires that teams understand and enable the use of trusted AI apps across their company, so that employees aren’t driven toward untrustworthy and unmonitored app use.
Governance that learns on the job
Once you’ve launched your policy, treat it like any other control stack: Measure, report, refine. Part of an enablement plan is celebrating the victories and the visibility that comes with it.
As your understanding of AI usage in your organization grows, you should expect to revisit this plan and refine it with the same stakeholders continuously.
A closing thought for the boardroom
Think back to the mid‑2000s, when SaaS crept into the enterprise through expense reports and project trackers. IT tried to blacklist unvetted domains, finance balked at credit‑card sprawl, and legal wondered whether customer data belonged on “someone else’s computer.” Eventually, we accepted that the workplace had evolved, and SaaS became essential to modern business.
Generative AI is following the same trajectory at five times the speed. Leaders who remember the SaaS learning curve will recognize the pattern: Govern early, measure continuously, and turn yesterday’s gray‑market experiment into tomorrow’s competitive edge.
Check out our list of the best employee management software.
Add Comment