Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

AI Risk & Governance Sam Soares CRO 31 October 2025 5 min read Share.

In late 2022, AI exploded into the mainstream with OpenAI’s ChatGPT, starting an AI-fuelled shift in both everyday life and the cyber threat landscape. Just as quickly as everyday users rushed to adopt the technology, so did threat actors. From generating phishing pretexts to writing malware and crafting deepfakes, AI systems have become both a new tool and a new target.

Executives everywhere are under pressure to deploy AI fast — but our recent roundtable on AI risk, hosted by TEISS, revealed a growing concern: AI adoption is outpacing governance, and organisations are taking on more risk than they realise. While most enterprises have mature technical controls, many are missing visibility into how AI is being used — and by whom.

When a fast-scaling digital bank began seeing widespread employee adoption of generative AI tools like ChatGPT and Gemini, their security team faced a growing dilemma: how do you protect sensitive data without shutting down innovation?

Despite having modern DLP and CASB tools in place, they lacked the behavioural insights and real-time context needed to guide employee use of GenAI tools. Shadow AI use was growing, and SecOps lacked clear visibility into which incidents required intervention.