For years, Ali Nouman, CISSP, held the view that his job was fairly contained: secure the infrastructure, manage identities, keep an eye on where data was flowing and make sure someone could always answer “who’s responsible for this.” The whole control model was built on the assumption that people knew what they were protecting. He explains how and why artificial intelligence (AI) broke that assumption.

AI Month: We Have AI Everywhere but Control Almost Nowhere - Ali Nouman, CISSPDisclaimer: The views and opinions expressed in this article belong solely to the author and do not necessarily reflect those of ISC2. 

AI didn’t show up as a new project with a kick off meeting and a risk assessment. It showed up inside tools we’d already approved years ago, usually riding in on a routine update or a feature someone had switched on by default. More than once, my team and I found out it was already running before we’d flagged it. By then it had already started shaping how people worked. That’s when it hit me: our controls were built for systems that stay roughly the same shape over time. AI doesn’t.

Not Shadow IT, But Shadow Decision-Making

I know how to deal with Shadow IT. Someone signs up for a tool we didn’t approve, so we either bring it into governance or shut it down. We’ve had years of practice at that. This was different.

People were using AI features to summarize reports, draft code and suggest next steps. At first this looked like a normal productivity story. What worried me was watching those outputs quietly start to drive real decisions – decisions that never passed through the review steps we’d normally expect.

Nobody was acting with bad intent. There just wasn’t a place for this in our process. But, as the security lead, I was the one who’d be asked to explain it later.

You Can’t Govern What You Can’t See

When I tried to get a handle on how much AI was actually in use, I expected a handful of approved pilots. But we found a lot more than that.

AI was already live across collaboration tools and customer-facing platforms – not the places I’d have thought to check first. Some of it had been switched on by default by the vendor. Some of it, teams had simply turned on themselves because it was useful, without thinking of it as “AI” in the sense that would trigger a risk conversation.

We faced a visibility problem, not a misuse problem. We’d built our discovery process to catch new systems landing in the environment, but not new capabilities appearing inside ones we already trusted. So, I changed how we worked: AI discovery stopped being a one-off exercise and became part of how we review the environment on an ongoing basis.

What My Vendors Taught Me About Risk

I used to assume that, once a vendor passed review, the risk picture stayed roughly stable until something big changed. One update proved me wrong.

A vendor we’d long since approved rolled out an AI-driven recommendation feature as part of a standard release. It started shaping customer outcomes almost immediately. On paper nothing had changed; it was still the platform we’d signed off on. But the decisions it was supporting had changed and that meant our exposure had changed too, contract or no contract.

After that, I stopped treating vendor reviews as a once-a-year checkbox. We now ask specifically what’s changing on the AI side and where the roadmap is heading, not just at renewal but in between.

The Traceability Problem

I’ve always relied on being able to answer three questions about any decision: who made it, what informed it and how I’d justify it if challenged. AI has made that harder than I expected.

I’ve seen decisions, clearly shaped by an AI output, where the logs existed but didn’t really explain why that particular output came out the way it did. There was a record, but not much of an explanation. The gap between what we can log and what an auditor would actually want to see is the part that worries me more than the technology itself.

What Has Actually Helped

A few things made a real difference. I stopped waiting for someone to ask permission to use AI and started looking for it inside our processes instead. Vendor conversations shifted from asking whether it was still the same platform to asking what was changing on the AI side. I made sure that question got asked more than once a year. We also built in real checkpoints, at which someone could push back on an AI output before it became a decision – with the time and authority to actually do it, not just a policy saying they could. None of that solved the problem, but it gave us a fighting chance at seeing it coming.

Where This Leaves Me

AI isn’t going to slow down and wait for our controls to catch up. But most of us are still running playbooks built for systems that hold still, applied to something that doesn’t. I’m increasingly the person expected to stand behind a decision I didn’t fully see coming, made by something I can’t fully explain.

That’s not theoretical for me anymore. It’s just the job, now.

Ali Nouman, CISSP, has 18 years of experience across retail, enterprise, fintech and highly regulated environments. He has held global cybersecurity leadership roles with responsibility for maturing security capabilities and translating complex risk into measurable operational controls. His work spans strategy, risk transformation, SOC design and incident response across distributed and cloud environments.

Related Insights