The disconnect between the promise of AI and its actual delivery was a hot topic at Forrester’s Security & Risk Summit last week. According to Allie Mellen, a principal analyst, generative AI is proving to be a ‘chaos agent’ for many cybersecurity teams, who are trapped behind self-imposed barriers.
The truth is, excelling at governance is one of the most crucial tasks for CISOs. The gap between AI winners and losers in cybersecurity isn’t really about the tech itself, it’s about how ready an organization is to embrace it. While some orgs – Carvana, the City of Las Vegas, Salesforce, to name a few – are seeing real efficiency gains, a majority are still wrestling with walls that have been building up for years.
And these aren’t just strategic nice-to-haves anymore. With adversaries breaking through defenses in under a minute (51 seconds, says CrowdStrike’s 2025 Global Threat Report) and most security teams wanting GenAI baked right into their security platforms, taking down those walls is becoming essential. Industry numbers paint a worrying picture: over 70% of enterprises dealt with an AI-related breach in the last year, with the generative models themselves becoming prime targets, as per the SANS Institute.
Yet, here’s the paradox. Carnegie Mellon’s AgentCompany benchmark is reporting that AI agents are failing 70-90% of the time on complex enterprise tasks. Salesforce is seeing similar failure rates internally when security guardrails are up. But get this – nearly 80% of executives are still claiming meaningful productivity gains from their AI deployments. So, what gives? It’s not about chasing AI perfection; it’s about clearing away the organizational roadblocks that are holding it back.
CrowdStrike CEO George Kurtz put it bluntly at Fal.Con 2025: ‘The legacy SOC, as we know it, can’t compete. It’s turned into a modern-day firefighter.’ He sees the world entering an AI arms race, with adversaries weaponizing AI to launch attacks faster. For Kurtz, security in the AI age boils down to data quality, response speed, and enforcement precision.
Think about the average enterprise SOC – juggling 83 security tools from nearly 30 vendors. Each one spits out its own data stream, making it almost impossible to integrate with the latest AI systems. This system fragmentation, this lack of integration, is the soft underbelly of AI right now.
All those tools create a mathematical nightmare. Organizations trying to run AI across these fragmented setups are seeing significantly higher false-positive rates – about one in four alerts, and sometimes even higher. A large percentage of enterprises, almost 75%, are stuck in multi-vendor cybersecurity ecosystems. And nearly half of them call out the lack of cross-platform integration as a major headache.
Traditional security governance, with its quarterly reviews and monthly audits, just can’t keep up with AI agents making millions of decisions a second. This speed mismatch is causing a governance crisis, paralyzing AI adoption. Getting governance right often means knocking down those longstanding roadblocks.
So, what’s the answer? A centralized platform that pulls together all telemetry data, ideally through a single-agent model. That’s what SOC teams need to correlate data in real-time, scale detection, and respond effectively. Platforms like CrowdStrike’s Falcon are consolidating data streams to enable governance decisions at machine speed and precision. This kind of architecture unlocks capabilities like policy-as-code for AI agents, a single source of truth for audits, continuous control monitoring, and consistent identity-centric governance.
These design goals translate to fewer agents to manage, fewer policy conflicts, and fewer blind spots across diverse environments. For CISOs, it means a clear story to tell the board – that AI initiatives aren’t rogue, but operating within a provable governance framework.
The CISO’s role is evolving from gatekeeper to business enabler. As Cobalt CISO Andrew Obadiaru notes, the pace is only increasing, so we need to get better, and fast. One CISO at a financial services firm told VentureBeat that tying his team’s performance to new revenue was the ‘single best decision’ he’s made.
PagerDuty CISO Pritesh Parekh emphasizes that when security is done right, it accelerates the business by replacing manual checkpoints with automated guardrails. Organizations that blend security and IT operations tend to have better governance and fewer security incidents. When breaches happen in under a minute, those silos become attack vectors.
The fix? Integrate security teams into development and operations. Build automated guardrails, not manual checkpoints. Enable AI agents to tap into unified data streams for instant response. Security transforms from a bottleneck into the engine powering automated defense.
About the Author
