Across industries ranging from financial services and healthcare to manufacturing, government, retail, and investment management, CISOs are confronting the same central challenge. Employees are adopting AI tools faster than organizations can fully govern them.
What makes the current environment especially difficult is the speed of innovation occurring directly inside browsers, operating systems, collaboration tools, and business applications. AI is no longer confined to a standalone platform that can simply be blocked or approved. It is embedded into web browsers, productivity suites, search engines, customer applications, developer tools, and enterprise workflows. Security leaders are now navigating a world where AI functionality appears automatically through software updates, third-party integrations, and cloud services that business units adopt independently.
In a recent Cyber Security Tribe roundtable among security executives, the conversation reflected a growing recognition that traditional governance models are struggling to keep pace. While organizations continue deploying familiar tools such as CASB solutions, DLP platforms, Zero Trust architectures, endpoint monitoring, and firewall controls, most participants agreed that there is no single platform capable of comprehensively governing AI usage today. Instead, organizations are assembling layered control models while simultaneously attempting to educate employees, establish policy standards, and maintain business productivity.
The Rise of Shadow AI
One of the most persistent concerns raised throughout the discussion involved the rise of shadow AI usage. Even when organizations block or restrict public AI services on managed systems, employees continue finding alternative ways to interact with these tools. Some use personal phones. Others access AI tools from home devices. Still others rely on browser-based services that appear and disappear faster than governance teams can catalog them.
Security leaders noted that this dynamic mirrors earlier eras of shadow IT but with much higher stakes. Unlike unsanctioned file sharing or unauthorized SaaS adoption, AI tools often involve employees directly sharing corporate ideas, operational strategies, customer information, source code, or internal processes with external models. Even when sensitive files are not uploaded, prompt content alone may reveal strategic intent or proprietary business information.
The problem becomes even more complex as AI capabilities become embedded within existing enterprise software. Security teams discussed how operating systems and browsers now contain built-in AI assistants that require multiple layers of configuration to disable properly. Organizations may believe they have successfully restricted an AI feature only to discover another embedded capability remains active elsewhere within the environment.
Balancing Control and Innovation
Despite the security concerns, the roundtable discussion repeatedly returned to a central reality. Organizations cannot simply prohibit AI adoption entirely. Employees increasingly expect access to AI tools because they see measurable productivity benefits in their daily work.
Participants described a growing tension between security teams attempting to prevent misuse and business leaders encouraging employees to embrace AI-driven efficiency. In many organizations, executives are actively promoting AI experimentation without fully defining acceptable usage boundaries. Security teams therefore find themselves navigating both operational risk and cultural expectations simultaneously.
Several leaders emphasized that governance strategies must evolve beyond simple blocking approaches. Security teams increasingly recognize that their role includes enabling safe innovation rather than only restricting technology usage. This shift requires organizations to provide approved AI environments where employees can experiment productively while maintaining appropriate safeguards around data handling and monitoring.
The discussion highlighted how some organizations are already implementing internal AI ecosystems rather than permitting unrestricted use of public platforms. In highly regulated industries such as financial services, organizations are deploying internally managed large language model environments with strict monitoring, encryption, and access controls. These internal platforms aim to reduce the risk of sensitive information leaking into external training models while still allowing employees to benefit from AI capabilities.
Governance Requires More Than Technology
Although much of the discussion centered on technical controls, participants consistently reinforced that governance is fundamentally a people and process challenge. Training employees to understand the implications of AI usage emerged as one of the most important long-term priorities.
Security leaders described the growing need to educate users about data ownership, contractual obligations, prompt risks, and acceptable use standards. Many employees still do not fully understand how AI platforms handle submitted information or how generated outputs may create compliance and legal exposure.
Organizations are also increasingly involving legal teams in AI governance decisions. Participants stressed the importance of carefully reviewing AI vendor contracts to determine who owns generated content, whether submitted data may be retained for model training, and how discovery obligations would apply during litigation or regulatory investigations.
This collaboration between legal, compliance, security, and business units is becoming essential as governments worldwide begin introducing formal AI regulations. The conversation referenced the growing impact of the EU AI Act and the likelihood that additional global regulatory frameworks will continue emerging. Security leaders recognize that governance strategies implemented today must remain adaptable as compliance expectations evolve.
The Challenge of AI Visibility
Another recurring theme involved the difficulty of maintaining visibility into AI usage across modern enterprises. Participants repeatedly acknowledged that many organizations simply do not know the full extent of employee AI adoption.
Even with monitoring tools in place, AI usage often occurs across fragmented environments that are difficult to consolidate into a single operational view. Browser-based interactions, embedded AI capabilities within business applications, external APIs, mobile devices, and third-party software integrations all contribute to a rapidly expanding visibility problem.
Security leaders noted that this fragmentation creates substantial operational challenges for already resource-constrained teams. Some organizations lack dedicated personnel capable of continuously reviewing prompts, monitoring usage patterns, or assessing AI-generated risks. Smaller public sector organizations in particular described how limited staffing makes comprehensive oversight extremely difficult.
Participants also raised concerns about duplicated experimentation occurring across organizations. Employees in similar roles may independently create overlapping AI workflows without coordination or centralized governance. This not only increases security risk but also creates inefficiencies where organizations repeatedly solve the same problems in isolated ways.
Third Party Risk Expands Rapidly
Third-party risk management emerged as another major concern throughout the discussion. Security leaders expressed growing anxiety over software vendors rapidly embedding AI functionality into existing products without adequate transparency or governance review.
While major technology providers often receive significant scrutiny, participants suggested that smaller vendors may create even greater risk exposure. Many organizations are discovering that previously approved business applications now include embedded AI capabilities powered by external APIs and external model providers.
This creates difficult governance questions for security teams. Business units may assume an approved application remains safe because it previously passed security review, even though new AI functionality fundamentally changes how data is processed and transmitted.
Participants stressed that organizations must increasingly evaluate not only the applications they approve but also the AI supply chains operating beneath those applications. Vendor due diligence processes now require deeper examination of how AI models are integrated, what data is transmitted externally, and what governance standards vendors themselves maintain.
Security Teams Seek a Sustainable Path Forward
Although the conversation highlighted substantial uncertainty, it also reflected a growing maturity in how organizations are approaching AI governance. Security leaders no longer view AI solely as a future problem, they view it now as an active operational discipline requiring ongoing adaptation.
The discussion demonstrated that many organizations are building governance strategies incrementally rather than waiting for a perfect solution to emerge. Layered controls, internal AI environments, employee education, legal collaboration, policy enforcement, and risk-based monitoring are all becoming part of evolving governance frameworks.
Participants also acknowledged that organizations must avoid becoming purely obstructionist. Employees will continue using AI because the productivity advantages are increasingly difficult to ignore. Security leaders therefore face the challenge of enabling responsible adoption while minimizing unnecessary exposure.
Perhaps the clearest consensus from the discussion was that AI governance is no longer simply a technical cybersecurity issue. It now touches culture, compliance, legal operations, business productivity, procurement, and executive leadership. The browser era has transformed AI from an isolated innovation into an enterprise-wide operating reality.
For CISOs, the task ahead is not merely blocking risky behavior. It is helping organizations build sustainable models for safely integrating AI into daily operations while maintaining trust, accountability, and resilience in an environment changing faster than traditional governance structures were ever designed to handle.
Another area gaining increased attention is the role of the enterprise browser as a potential governance layer for AI interactions. Security leaders discussed how browsers have effectively become the new operating environment for much of modern work, especially as employees rely on SaaS applications, cloud platforms, and browser-based AI tools throughout the day. Traditional network controls and endpoint protections often struggle to maintain visibility once users begin interacting directly with browser-based AI services.
Enterprise browsers are increasingly being evaluated as a way to bridge that visibility gap without completely disrupting employee workflows. By creating a more controlled browser environment, organizations may gain improved insight into prompts, uploads, session activity, and data movement while still allowing employees to use approved AI capabilities productively. Rather than forcing security teams into a constant cycle of blocking and chasing new applications, some leaders see browser-level governance as a way to apply policy controls closer to where AI activity occurs.
The discussion also suggested that browser-centric governance could help organizations simplify some of the operational complexity created by fragmented tooling. Instead of relying entirely on separate layers of CASB, endpoint controls, proxies, and manual monitoring, security teams are beginning to explore whether browser-native visibility and policy enforcement can reduce blind spots while supporting a more flexible user experience. While no single approach fully solves the governance challenge, the enterprise browser model is increasingly viewed as one component of a broader strategy for managing AI safely at scale.
