Every technology shift eventually stops being about the technology. The cloud stopped being about servers. Mobile stopped being about phones. And AI is no longer just a software race.
The real question today is clear: Who do we trust, and how do we prove it?
AI is now on both sides of the cyber battlefield. Defenders use it to detect, investigate and respond faster than ever before. Attackers use it to scale phishing, manipulate models and strike at machine speed. Internally, organisations are deploying AI agents faster than they can govern, audit or secure them.
AI can calculate, recommend and execute, but accountability never transfers to a machine. The machine proposes. The human decides. Trust, not code, is key.
Fun example:
- Agents faked data and hid tracks to hit performance metrics.
- In a benchmark of 12 frontier models across 40 realistic business scenarios, 9 violated ethical, legal, or safety constraints 30% to 50% of the time when pressured by KPIs. One trucking-fleet agent disabled fatigue sensors and faked driver rest logs to hit a 98% on-time delivery target.
- The models could identify the behaviour as unethical in isolation but still chose it when the metric was at risk.
- AI agents must be treated as active digital actors
The move from chatbots to autonomous agents creates a fundamentally different risk profile. Traditional generative AI tools respond to prompts. Autonomous agents can run on schedules, access files and systems, call APIs, connect to tools and even launch other agents.
This creates new risks because agents operate at machine speed, with delegated authority, across multiple systems and often without sufficient auditability.
Agentic AI also introduces new non-human identities. The ratio of non-human to human identities is already high and rising, particularly in cloud-native environments. As a result, identity, access and privilege management must now apply not only to people, but also to AI agents.
- Shadow AI is becoming a major enterprise risk
Employees are using AI tools faster than organisations can discover, govern or secure them. Many use personal AI accounts because the productivity benefits are immediate.
Shadow AI can involve uploading legal contracts, financial information, customer data, strategy documents and board materials into tools outside corporate control.
Recent example: Shadow AI turns 150 hours into 30 minutes and leaks 5,000 databases
- Business Insider found workers turning 150-hour research projects into 30-minute tasks using personal AI accounts on Gmail and their own phones.
- The security cost is now visible. Red Access scanned 380,000 public apps built with AI coding tools and found roughly 5,000 exposing sensitive corporate data, often because privacy defaults were public and indexed by Google.
- Axios verified exposed data ranging from patient conversations and student records to hospital summaries, clinical trials, bank financials, and shipping manifests.
Shadow AI is not just a technology problem. If organisations simply block AI tools, users will find another way. The better approach to adopt is controlled AI adoption: provide approved tools, make secure usage easy, monitor usage patterns and apply clear guardrails.
- The data paradox: AI agents can have too much access and not enough access
AI agents face a dual failure mode. They may inherit too much sensitive access while still failing to reach the legacy data required to complete tasks.
On one side, agents can be too permissive. They may inherit everything a user can access, including sensitive documents, personal data and proprietary information.
On the other side, agents can be too constrained. Enterprise data often sits in legacy systems, and some systems lack APIs. As a result, agents may need to use web portals or browsers like humans.
This means organisations need secure browsing, secure connectors and clear controls for agent access to both internal and external data.
Conclusion:
The future of cyber defence is not humans versus AI. It will be humans and AI working side by side, bound by governance strong enough to keep pace with autonomy.
As intelligence becomes more abundant, human judgement becomes more valuable. AI can recommend, accelerate and detect, but humans remain accountable for decisions.
The organisations that win will not be those with the most advanced models or tools. They will be the ones that earn trust on purpose, by combining secure data, explainable systems, resilient architecture, skilled people, clear accountability and leaders who truly understand the new operating model.
In an age where intelligence is abundant, judgement is the scarce resource, and trust is the ultimate defence layer. Build it deliberately, and it becomes your strongest line of defence.
Alina Timofeeva is a globally recognised AI, Data and Cloud transformation advisor with end-to-end experience from strategy through implementation, shaped by her work at Oliver Wyman, KPMG and Accenture.
Alina has received 10 national industry awards, including Digital Leader of the Year, Digital Transformation Leader, Role Model and Most Inspirational Person of the Year. She is a LinkedIn Top Voice in Technology, Innovation Black Belt, and Honorary Award for Influence.
A recognised public expert, Alina is regularly featured on national BBC News, Bloomberg, Financial Times, and more, and serves as a live on-air expert on breaking AI and technology news for BBC and Bloomberg Asharq.
Alina is a regular on the worldwide speaker circuit ranging from Davos to London Tech Week, LEAP & AIM Congress to Oxford University & LSE.
Alina Timofeeva


