Agentic AI , Data Governance , Data Security

Most enterprise security programs carry a quiet assumption: Whoever sits on the other side of a control is a person. Someone who can be trained, who pauses before acting and who, even with wide-ranging access, brings instinct to bear about what's worth opening, what's safe to share and what to leave untouched.

See Also: AI Impersonation Is the New Arms Race-Is Your Workforce Ready?

Across new CISO research on artificial intelligence and data security, leaders kept circling back to the same issue from different starting points. The person their controls were designed to govern is not who is now moving through their data. AI doesn't slow down. It doesn't screen. It doesn't quietly conclude that something is irrelevant before pulling it into memory.

What matters: AI takes on broad permissions with none of the human restraint that used to sit behind them. Every gap in a data control is now exposed to something that never hesitates.

Why Enterprise Security Controls Don't Work on AI

Every control, policy and enforcement mechanism inside the enterprise was drawn up with people in mind. People operate at human speed. They can be trained, reviewed and held to account. Even those with sweeping permissions tend to apply some innate sense of what to touch and when. A finance leader with full visibility into compensation data still won't crack open every file in the folder.

An AI agent picks up those same permissions and acts on them differently. It doesn't pause. It doesn't screen. It applies no judgment to what it pulls forward or puts to use. Point an agent at a data source and it reaches everything in range, not only the parts that matter.

The frameworks we built around human behavior simply have no vocabulary for what AI is now doing.

How Widespread Is the Non-Human Actor Problem

In a study of 124 security leaders, 90% of organizations had handed broad data access to enterprise generative AI tools, 68% couldn't say what data their agents were actually touching and 32% had unidentified agents running inside their environment.

That last figure is where most CISOs got stuck. Nearly one-third of organizations host agents that no one on the security team has ever catalogued. Those agents are reading, summarizing and acting on data using credentials that were inherited from people and written for people.

None of this is hypothetical. It's live right now.

What Does This Look Like Inside a Real Organization?

One example a CISO offered in the research captured it cleanly. An employee fed a batch of internal documents into a consumer AI tool to get them analyzed. By default, that tool allowed submitted content to be used for model training. The data was gone and nobody could say where.

There's nothing to trace here. No alert to match. No bad actor to chase down. Just an employee using a tool that did precisely what it was built to do, measured against a policy framework that assumed a person would be the one choosing what to share. The judgment layer was absent because the framework was never built to expect its absence.

Data estates that were never fully classified turn into wholesale, instant exposure the moment an agent is aimed at them. AI doesn't create that exposure. It was sitting there. AI just renders it visible at machine speed, to systems that bring no human sense of what should and shouldn't surface.

What Does Data Security at AI Speed Actually Require?

The actor inside your data estate isn't always a person anymore. Sometimes it's an inherited credential with a large language model behind the wheel. Sometimes it's an agent your IT team signed off on last quarter. Sometimes it's a sanctioned generative AI querying a SharePoint that was never classified to begin with.

The teams closing this gap tend to look alike. They've stretched their governance frameworks past human actors to cover non-human identities, too. They classify what AI tools are able to reach before any connection is made. And they make agent activity visible inside their environment, so they can respond to what counts instead of reconstructing it later.

What's left to do is build a data foundation that can actually be governed at the speed AI moves.

Where Do CISOs Go From Here?

The non-human actor problem is just one thread in a larger pattern. This research surfaced seven core insights into how data trust decides whether AI projects land or fall apart. The full report, The Impact of Data Trust on AI Success, works through all seven, with direct quotes from security leaders and a clear set of recommendations for governing AI without putting the brakes on the business.