The bigger problem is that many still don’t know what they would do if one of those systems caused a serious security incident tomorrow morning.
ISACA’s latest AI Pulse Poll, which surveyed more than 3,500 digital trust professionals globally, found that more than half of respondents do not know how quickly their organisation could halt an AI system during a security incident. Only 12 per cent said shutdown or override procedures are regularly tested.
That should concern security leaders.
For years, cyber teams have built incident response capabilities around compromised endpoints, ransomware outbreaks, phishing attacks and cloud breaches. We understand escalation paths, containment processes, and recovery planning.
But many organisations still appear to be treating AI differently: as a productivity initiative rather than as another operational technology risk that requires governance, oversight, and response planning.
The reality is that AI systems are being embedded into business processes, customer interactions, internal decision making, and security operations themselves. That changes the risk profile significantly.
If an AI system is manipulated, generates harmful outputs, leaks sensitive information, or becomes part of a wider cyber incident, organisations need to know three things immediately:
- Who owns the risk
- Who has authority to intervene
- How the system can be isolated or shut down.
Many organisations are not there yet.
At the same time, security teams are dealing with a rapid increase in AI-enabled threats.
The ISACA research found 89 per cent of respondents are concerned about unauthorised employee AI use, while many also believe AI-powered phishing and misinformation are becoming harder to detect.
That tracks with what many security professionals are already seeing.
Generative AI has dramatically improved the quality, scale and speed of social engineering attacks. The obvious warning signs that once helped people spot phishing attempts are disappearing. Attackers can now generate highly convincing emails, fake documents, cloned voices and realistic business communications in seconds.
This creates pressure on both technology controls and human judgement. It also creates a growing “shadow AI” problem inside organisations.
Employees are already using publicly available AI tools to summarise documents, analyse data, write code and generate content, often outside approved governance frameworks. In many cases, they are doing it because the tools are accessible and improve productivity immediately.
This is not entirely different from the shadow IT problem organisations faced years ago. If approved tools or processes are too slow, people will often find workarounds themselves.
The answer cannot simply be banning AI outright. Restrictive policies alone rarely stop technology adoption; they usually just reduce visibility.
Organisations instead need practical governance that allows employees to use AI safely while setting clear expectations around approved tools, sensitive information, disclosure requirements and accountability.
The research suggests boards and executive leadership are increasingly being viewed as accountable when AI systems cause harm or serious error. Yet many organisations still lack tested operational controls around those systems.
That gap between accountability and operational readiness is where cyber risk starts to grow.
Security leaders should now be asking practical questions:
- Do we know where AI is being used across the organisation?
- Which tools are approved and which are not?
- Could we quickly isolate or shut down an AI system if required?
- Do incident response plans currently account for AI-related events?
- Would we be able to explain an AI-related incident to regulators or customers?
AI will continue delivering genuine productivity and business benefits. Most organisations understand that. But as adoption accelerates, security and governance capabilities need to mature just as quickly.
Because eventually every organisation using AI will face the same question during an incident: Who can stop the system, and how quickly can they do it?
About the author
Jamie Norton is vice chair of the ISACA board and chief information security officer at the Australian Securities and Investments Commission (ASIC). With more than 25 years of experience across government, commercial and international sectors, he specialises in cyber security, resilience and strategic risk management. Jamie has previously served as a partner at McGrathNicol, advising executives and boards on navigating emerging technology risks; CISO at the Australian Taxation Office and has held leadership roles with NEC, Tenable, Check Point and the World Health Organisation.