CIOs face a critical gap as AI risk governance falls behind

The fight against artificial intelligence (AI)-enabled cyberattacks is increasingly being led by AI itself. AI agents powered by large language models (LLMs), for instance, are accelerating threat detection, incident response and analysis—often outperforming human speed and scale.

But as organizations race to deploy generative AI and machine learning cybersecurity solutions, many are overlooking a critical foundation: robust AI risk and governance frameworks. Despite the technological advances, most CIOs and other tech leaders are behind in establishing the safeguards needed to manage AI responsibly. Experts warn that this gap could prove costly.

The governance gap

According to IBM’s AI at the Core 2025 research, nearly 74% of surveyed organizations report moderate (37.3%) or limited (36.6%) coverage in their AI risk and governance frameworks for technology, third-party and model risks. Only 23.8% of organizations have frameworks that address these risks to a large extent; 2.3% report having no coverage at all, leaving them exposed to unmanaged AI risks.

Meanwhile, the percentage of companies integrating AI into at least one business function surged to 72% in 2024, up from just 55% the previous year. These findings highlight a mismatch between the rapid deployment of AI tools, including those used to combat cyberattacks, and the underdeveloped frameworks intended to govern them.

AI risk and governance frameworks provide the oversight and safeguards needed to keep AI systems secure and reliable, especially in high-stakes areas like cybersecurity. A key pillar of this foundation is AI security, which uses artificial intelligence to enhance threat detection, automate incident response and strengthen overall cybersecurity posture.

Without strong frameworks, organizations risk creating new vulnerabilities even as they try to defend against existing ones. They might also experience “longer recovery times from data breaches, operational disruption and reputational damage,” said Suja Viswesan, Vice President of Security and Products at IBM, in an IBM Think interview. These costs often outweigh the perceived savings of deploying AI cybersecurity tools without proper oversight.

AI-enabled cyberattacks

AI is reshaping how cyberattacks are designed, automated, personalized and scaled, making them faster, more adaptive and increasingly difficult to detect.

One emerging tactic is vibe hacking, where attackers manipulate LLMs and AI agents by exploiting their contextual understanding or prompt behavior to deceive systems and infiltrate organizations. AI can also be used to enhance cyberattacks in other ways:

  • Phishing at scale: Attackers can now generate highly convincing emails with minimal effort, increasing the success rate of phishing campaigns.

  • Evasive malware: Malicious code adapts in real time to bypass traditional detection methods.

  • Deepfake impersonation: Realistic audio and video content is being used to impersonate individuals and carry out sophisticated social engineering attacks.

  • Accelerated reconnaissance: Threat actors can more efficiently scan systems and identify vulnerabilities.

  • Adversarial manipulation: Attackers are targeting AI systems directly, manipulating inputs to distort outputs and compromise decision-making.

As Nick Bradley, Director of IBM’s X-Force Incident Command, noted in an interview with IBM Think, AI has given familiar threats “a new lease on life,” especially phishing. “AI-generated phishing emails, now accounting for over 80% of phishing attempts, are four times more likely to deceive recipients due to improved language and grammar,” he said.

To counter these evolving threats, companies are turning to AI to help identify threats faster, respond more quickly and strengthen their overall cybersecurity defenses, leveraging tools like real-time anomaly detection and AI-driven threat intelligence to flag suspicious activity.

We’re entering an “era of AI versus AI,” where the outcome depends on whether defensive systems can outpace offensive ones, said IBM Distinguished Engineer Jeff Crume in a recent episode of the podcast Security Intelligence.

Closing the governance gap: What CIOs can do

Crume and other cybersecurity experts note that to effectively combat cyber threats, organizations need smarter tools as well as a strategic foundation of governance and security. Yet many CIOs face major challenges in establishing strong frameworks, from cost pressures and resource constraints to the sheer speed and scale of AI-enabled threats. And as with past technology innovations, widespread AI adoption is outpacing the development of risk and governance frameworks.

“In some ways, history is repeating itself,” Viswesan observed, as companies rush to deploy AI tools without the guardrails needed to manage them securely.

Infographic highlighting statistics on AI-related breaches and their impacts. Key data points include 97% of organizations lacking proper AI access controls, 41.7% evaluating additional guardrails, and 20% of breaches involving shadow AI with an average cost of USD 670K. Visual elements include pie charts and numerical data emphasizing the prevalence of phishing and deepfake attacks in 1 in 6 breaches.

To overcome these challenges, CIOs should take a deliberate, phased approach. Crume emphasized the importance of integrating governance and security from the outset, noting that “it’s pretty hard to know if you’re succeeding if you’ve never even defined the benchmarks.” This means establishing clear policies, accountability structures and lifecycle management practices early on.

Ensure models are trained on trusted data sources, define acceptable use policies and conduct adversarial testing to guard against manipulation. Crume also stressed the need for a clear understanding of AI deployments, including shadow AI, and recommended tools like AI security posture management, prompt injection testing, access controls and monitoring to help detect misconfigurations, prevent data leaks and block unauthorized use.

Crume further warned that restrictive policies—such as banning popular AI tools—can backfire. “Saying no doesn’t stop the behavior, it just drives it underground,” he said.

CIOs should instead offer secure, vetted alternatives and educate employees on safe usage, according to Crume. For example, rather than blocking chatbots entirely, organizations can provide private, enterprise-grade versions that meet security standards. This proactive enablement helps prevent shadow AI from emerging due to lack of sanctioned tools.

CIOs must embrace advanced security strategies, agreed Bradley, who recommended “deepening zero trust implementation, using AI for predictive threat hunting and focusing on proactive threat intelligence.” He added that preparing for future attacks requires “building quantum-safe readiness, mitigating AI-driven social engineering risks and securing emerging technologies like AI, IoT and 5G.”

The key takeaway is that even the most advanced tools are only as effective as the security and governance structures behind them. As Viswesan said, “It is not a question of if I get attacked. CIOs and CISOs should be asking, when I get attacked, can I recover faster? For that, you need governance in place, security in place, resilience in place.”
