Artificial Intelligence has saturated the enterprise space with unprecedented speed. As a result, boardrooms are inevitably flooded with questions about generative models, algorithmic bias, and the risks of adopting these tools too quickly—or too slowly.
The challenge for boards is cutting through the vendor hype and understanding the actual, material risk to the business. Panic is not a strategy, and neither is blind optimism. To provide effective governance, boards need structured, outcome-based conversations with their security leaders.
Here are three pragmatic questions every board should be asking their CISO about AI risk right now, and what satisfactory answers look like.
1. Where is our proprietary data actually going? The most immediate risk with generative AI is not a sci-fi rogue algorithm; it is data exposure. When your teams use external language models to summarise meeting notes or write code, they are sending potentially sensitive intellectual property outside your perimeter. It is the equivalent of handing your corporate blueprint to a stranger in a coffee shop and trusting them not to read it.
What a good answer looks like: Your CISO should not simply reply, "We blocked ChatGPT." That tells you they lack operational empathy, as shadow IT will inevitably bypass the block. A strong answer details clear governance: what approved, enterprise-grade tooling exists (where data is not used to train the vendor’s public models), how access is monitored, and how staff are educated to use it safely.
2. How reliant are our critical operations on third-party models? As we embed AI into our products—from customer support chatbots to predictive analytics—we introduce deep third-party dependencies. If OpenAI, Anthropic, or another provider suffers an outage, or if their model weights change and break your implementation, what happens to your revenue?
What a good answer looks like: Your CISO, alongside engineering leadership, should be able to articulate the blast radius of a model failure. A pragmatic defence strategy involves architectural resilience, such as model-agnostic abstraction layers so the business can switch providers if necessary, and fallback procedures if an API goes down entirely.
3. Are we augmenting our security analysts, or replacing them? Many vendors sell "AI-driven SOCs" with the promise that human analysts are no longer necessary. This is a dangerous fallacy. Security requires judgement. If we blindly hand over triage and incident response to an opaque algorithm, we introduce severe vulnerability to data poisoning and unexpected edge cases.
What a good answer looks like: The CISO must be clear that AI is being deployed to accelerate the human, not replace them. The tools should handle the mundane, high-volume data correlation, freeing up analysts to investigate complex, ambiguous threats. A mature security function will always retain a "human-in-the-loop" for critical authorisation and decision-making.
Effective board oversight of AI does not require a postgraduate degree in machine learning. It requires demanding clarity, pragmatic risk management, and ensuring that security acts as a strategic enabler for safe innovation.
Recommended Reading
- Securing Machine Learning Algorithms - ENISA Report
- NIST AI Risk Management Framework (AI RMF) - A foundational guide for structuring governance.