Enterprises are running AI risk programs that lack real accountability structures. This article, which expands on insights from a recent episode of The Cyber Circuit podcast, examines what security leaders can do to prepare themselves for what comes next.
AI governance in enterprise cybersecurity is currently a collective fiction. Most organizations have the language of governance, some third-party risk questionnaires with an AI addendum, maybe a policy document, and a CISO who can credibly speak to the risk surface. What most do not have is an accountability structure that reflects how AI actually operates in 2026: autonomously, at speed, across non-human identity chains that traditional IAM and audit frameworks were never designed to assess.
This is the central argument that emerged from a recent episode of The Cyber Circuit podcast on Insight Jam, featuring former CISO Manju Mude and cybersecurity advisor Michael Morgenstern. The conversation is worth your time. But the conclusions it surfaces point to a broader structural problem that deserves sustained editorial attention.
- The EU AI Act is currently the most substantive national or regional AI governance framework in effect; the United States has no equivalent binding regulation as of mid-2026.
- NIST’s AI Risk Management Framework (AI RMF) provides voluntary guidance but does not carry a compliance mandate.
- Agentic AI systems, which can initiate multi-step autonomous workflows, are now commercially deployed across enterprise environments, fundamentally changing the scope of non-human identity risk.
- Traditional IAM and audit frameworks were designed around human-in-the-loop workflows and do not cleanly map to autonomous-agent permission models.
- Deepfake-enabled social engineering is increasingly targeting C-suite executives, which is a problem given that the majority of people struggle to identify AI deepfakes.
The Governance Gap Is a Policy Gap in Disguise
Enterprise AI governance is not failing because CISOs are incompetent or boards are irresponsible. It is failing because governance frameworks have historically been downstream of regulation. HIPAA, PCI DSS, SOX, and SOC 2 all gave security and compliance teams something to point at. They structured board conversations, justified budget requests, and gave auditors a checklist. In the absence of equivalent federal AI regulation in the United States, enterprises are doing what they always do when external mandates disappear: they make up their own rules based on risk tolerance, and risk tolerance without external benchmarking trends conservative on the upside and permissive on the downside.
The result is that most AI governance programs are really just shadow IT discovery programs with extra vocabulary. Security teams are monitoring traffic, flagging API key exposure, and trying to figure out which of the dozens of AI tools their engineering org is running. That is necessary work. It is not governance.
Genuine AI governance requires ownership of decisions, accountability for outcomes, and a documented rationale for risk acceptance. Very few organizations have all three. Even fewer have a designated executive with the authority and mandate to enforce any of it.
Agentic AI Breaks Every Assumption Insider Threat Programs Were Built On
The shift from chat-based AI interfaces to autonomous agents is arguably the most significant and underreported security transition of the past twelve months. Insider threat as a discipline was designed around a simple model: a credentialed human with access does something unauthorized. You audit the logs, trace the permission escalation, identify the actor, and remediate.
Agentic AI dissolves that model at every stage. When an engineer prompts an agent to “get me everything you can on this topic and keep working until you have it,” and that agent then traverses APIs, escalates permissions, and triggers downstream agents, the traditional accountability chain breaks. There is no single human decision that corresponds to each action. The engineer made one decision. The agent made thousands. Who answers to the regulator?
The honest answer right now is: nobody does, cleanly. The more useful answer is that this creates an urgent design requirement. Agentic AI deployments need explicit permission ceilings, audit logging at the agent-action level rather than just the session level, and human-approval gates for any action that touches external systems or privileged credentials. These controls exist in theory. Most organizations have not implemented them with the rigor that agentic scale demands.
The Board Is Not Having the Right Conversation
One of the most clarifying observations from The Cyber Circuit discussion is that board-level AI conversations in most enterprises occur within the strategy function, not the risk function. Boards are asking about AI-driven efficiency, workforce optimization, and competitive positioning. They are not asking their CISOs whether the organization has a documented framework for non-human identity governance or agent permission management.
This is not surprising. It mirrors almost exactly what happened with cloud adoption in the early 2010s, when the business case was obvious and the security infrastructure lagged by several years. The difference with AI is speed. Cloud adoption gave security teams years to build controls. The agentic AI transition is happening in quarters.
CISOs who are waiting for the board to surface AI risk as a priority are likely to wait too long. The more productive path is to tie AI risk directly to financial exposure, since risk language that connects to dollars moves faster in boardrooms than risk language that connects to threat scenarios. If a highly capable engineer is generating six figures in annual AI compute spend, that is already a budget and audit conversation, not just a security conversation. Security leaders who frame AI risk in those terms will receive a different reception than those who lead with attack-surface descriptions.
What Auditors Are Not Ready For
Traditional compliance frameworks are encountering a structural problem with AI governance that has not yet been widely acknowledged: their assessment methodologies assume human workflows. The expectation that IAM controls will map to identifiable individual users with documented access requests, approvals, and revocations does not hold when the identity in question is an autonomous agent that provisioned its own credentials or inherited them from a parent agent.
Auditors working under SOC 2 Type II or similar frameworks are beginning to encounter this gap in live assessments, and the current default response is to treat AI tooling as a scoped exclusion or a management response rather than a material control gap. That posture is unlikely to survive the first significant AI-related breach that triggers regulatory scrutiny, at which point auditors and their frameworks will be under pressure to retrofit requirements that should have been designed proactively.
What Security Leaders Should Actually Do
Waiting for external regulation is the wrong strategy for both the organization and the CISO’s professional standing. The leaders who will have defensible programs when enforcement eventually arrives are the ones building internal accountability structures now. That means:
- Designating explicit AI program ownership at the executive level, separate from the CISO function but closely coordinated with it. A Chief AI Officer or equivalent role with risk accountability is not premature; it is overdue in organizations with serious AI deployment footprints.
- Building agent-specific access controls into AI infrastructure architecture, not as a retrofit. Agents should operate under least-privilege principles with explicit scope ceilings, time-bound permissions, and audit logging at the action level.
- Reframing internal AI risk communication in financial terms. Compute spend, productivity multipliers, and exposure scenarios that translate into dollar figures move faster through budget and board cycles than attack surface descriptions.
- Treating every regulatory inquiry or AI-related incident as a governance design opportunity. The absence of external mandates does not eliminate the window for internal rule-setting; it expands it.
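The agent controls named in the agentic AI section and in the second item of the list above (scope ceilings, time-bound permissions, human-approval gates, action-level audit logging) can be sketched as a single authorization gate. This is an added example, not code from the podcast or any product; the scope names, agent identifiers, and the `Grant` and `ActionGate` classes are assumptions made for illustration.

```python
import json
from dataclasses import dataclass
from typing import Optional

# Constructed scope names; actions listed here require a human approval.
NEEDS_APPROVAL = {"external:http", "secrets:read"}

@dataclass(frozen=True)
class Grant:
    agent_id: str
    parent_id: Optional[str]   # human or agent that delegated this grant
    scopes: frozenset
    expires_at: float          # epoch seconds

    def delegate(self, child_id, scopes, ttl, now):
        """Child grant capped by the parent's scopes and remaining lifetime."""
        return Grant(child_id, self.agent_id,
                     self.scopes & frozenset(scopes),
                     min(self.expires_at, now + ttl))

class ActionGate:
    def __init__(self, approver):
        self.approver = approver   # callable(grant, action, target) -> bool
        self.audit_log = []        # one JSON record per attempted action

    def authorize(self, grant, action, target, now):
        if now >= grant.expires_at:
            decision = "deny:expired"
        elif action not in grant.scopes:
            decision = "deny:out_of_scope"
        elif action in NEEDS_APPROVAL and not self.approver(grant, action, target):
            decision = "deny:approval_refused"
        else:
            decision = "allow"
        self.audit_log.append(json.dumps({
            "ts": now, "agent": grant.agent_id, "delegated_by": grant.parent_id,
            "action": action, "target": target, "decision": decision}))
        return decision

def demo(now=1_000_000.0):
    gate = ActionGate(approver=lambda g, a, t: False)  # nobody approves in this run
    root = Grant("agent-root", "engineer@example.com",
                 frozenset({"crm:read", "external:http"}), now + 600)
    child = root.delegate("agent-child", {"crm:read", "secrets:read"}, 3600, now)
    return child, [
        gate.authorize(child, "crm:read", "accounts", now),
        gate.authorize(child, "secrets:read", "vault/db", now),
        gate.authorize(root, "external:http", "https://example.com", now),
        gate.authorize(root, "crm:read", "accounts", now + 601),
    ], gate.audit_log
```

Because every attempted action is logged with both the acting agent and the identity that delegated to it, denied attempts remain traceable back to the one human decision that started the chain.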
The Coming Adolescence of AI, and Why It Should Motivate Urgency Now
The tools available in mid-2026 are already straining existing control frameworks. The tools likely to be available in 2027 will be materially more capable, more autonomous, and more deeply embedded in enterprise infrastructure. If the pattern of security-bolted-on-afterward holds, as it did with internet, cloud, and mobile, enterprises will probably spend the latter half of the decade trying to secure AI deployments that were never designed with security as a first-order requirement.
The window for proactive AI governance design is open right now, partly because regulation has not yet arrived and partly because the organizational chaos of rapid AI adoption has created space for security leaders to define terms before business units do. That window will not stay open indefinitely. The organizations that use it well will have a significant advantage when external mandates eventually close it.
The post AI Governance in Cybersecurity Has a Leadership Problem, Not a Technology Problem appeared first on Best Identity Access Management (IAM) Software, Tools, Vendors, Solutions, & Services.