How to Close Gaps in Your AI Security Controls: A Real Practitioner’s Perspective

AI is everywhere, and organizations are feeling more pressure than ever to use it. But this often leads to internal tension: on one hand, business units or leadership might be eager to launch licenses for copilots and other generative tools. On the other hand, IT might not yet have the expertise to roll out AI confidently, and hesitate to rush adoption before fully understanding the risks.

It’s a situation that was familiar to attendees at the British Columbia Regional Forum with IX Solutions and Arctic Wolf, which explored emerging AI security controls and common challenges.

During the Forum, Bruce Piper, Solutions Architect, Modern Workplace at IX Solutions, shared guidance on how organizations can approach AI adoption securely. Here, we’ll unpack his key takeaways from the event—including where security gaps in AI may exist in your environment and how to address them through practical, achievable steps.

Common Security Gaps in AI

Arctic Wolf research shows that, for the first time since 2021, AI has surpassed ransomware as the top concern for IT and security leaders. Piper highlights that data exposure through third-party AI solutions is a primary risk area: “A lot of organizations don’t have a handle on permissions and whether their data is ending up in a generic productivity tool like ChatGPT. It’s just another form of shadow IT, but it’s more dangerous because of the potential for a leak.” 

Once intellectual property, customer records, or other internal content leaves your environment, the organization loses control over how it’s handled and whether external models may expose it in future outputs.

Common threats like phishing and account takeovers are also becoming higher-risk, since AI helps attackers create smarter campaigns. “The kinds of phishing emails you might have received last year probably seemed a little off, but now they look perfect,” says Piper. “That’s an important blind spot to keep in mind, because it’s potentially how your multi-factor authentication (MFA) will get hijacked.”

Additionally, participants at the Forum called out prompt injection—a top risk for large language models (LLMs)—but not in the way you might expect.

Prompt injection refers to using deceptive inputs to trick an AI model into performing unauthorized tasks, often to surface sensitive data. However, it doesn’t always happen with malicious intent. For example, staff might dupe AI tools into doing tasks they weren’t built for, like asking an agent to generate code when it was only meant to retrieve product information. 

While the goal is usually productivity rather than misuse, Piper states that this not only introduces data security risks but can also unexpectedly raise costs. “These companies were racking up million-dollar token consumption bills simply because they didn’t have enough guardrails to limit what the agent could perform.”

AI Security Controls Every Organization Should Prioritize 

Most IT teams are aware that AI introduces security risks that their existing controls aren’t designed to handle, but they might be unsure how to adapt. The good news is that a stronger posture is achievable without investing in expensive new security software or a massive reconfiguration. Here are some practical first steps:

1. Keep Early Use Cases Narrow With an AI Policy

While recommending that every organization should have an AI policy, Piper observed that about half the room at the Forum admitted to not having one. “They either didn’t know what it should look like, or they were afraid that opening the conversation would spark wider interest in tools they weren’t prepared to manage.”

Rather than thinking of an AI policy as a complex document that needs to address every possible use case, first define what the organization doesn’t want to allow with AI (at least to start). Don’t be afraid to err on the side of being more restrictive. A smart approach is to limit AI to a couple of narrow workflows with justifiable use value, rather than handing out copilot licenses to large user groups for many different productivity tasks. For example, some good initial AI implementations could look like:

  • Supporting PowerPoint development for a sales team that spends a lot of time creating sales decks.

  • Improving efficiency for finance staff who juggle multiple spreadsheets and build reports manually.

When your policy limits AI to a few specific use cases, the scope of data involved is usually quite small. This makes the technology a lot easier to manage from a security perspective. It also focuses the AI investment on areas where efficiency gains are likely to have the biggest payoff. 

In fact, Piper saw the value of lower-scale AI implementations, through both a cost-benefit and a security lens, as one of the event’s biggest takeaways. “I saw a lot of lightbulbs going on with the question of, ‘Do we really need AI for that?’ Sometimes, a simple solution or automation is all the user needs. And it’ll not only be more secure, but a lot less expensive to run.”

2. Establish a Manageable Data Governance Plan

AI implementation should always be built on a foundation of robust access controls, data management, and visibility. In Piper’s words, think of it as renting out a room through Airbnb: “You want to limit where guests can be rather than allowing them to wander freely through your entire house. If they take one of your valuables, the security system should alert you the second it leaves the space.”

Encryption and permission management are essential here to enforce authorized access and protect data, even if it ends up in an external environment. Sensitivity labels also ensure that permissions travel with files—something that happens automatically when you’re working within a Microsoft ecosystem. 

Proper data governance, though, can be overwhelming for many organizations. Piper says the baseline is often a house that’s occupied not just by Airbnb guests but by a hoarder. “They see what’s involved in cleaning, classifying, and organizing their data—maybe one, even two years of hard work—and they think, ‘This isn’t possible.’”

If that’s relatable, the best way to make governance achievable, again, is to limit your early use cases. By restricting AI to one or two workflows, you can tidy things up and set permission boundaries and sensitivity labels on very specific datasets. Then, expand the governance plan to new use cases and data as time and resources allow. 

3. Define Accountability Before Outputs Become Liabilities

Assigning clear ownership and accountability is crucial to catching inaccurate or harmful AI outputs proactively. It also helps organizations avoid legal and compliance issues while ensuring they’re prepared to respond if something goes wrong.

“During the Forum, a municipality shared an example where an AI tool was asked which beaches have lifeguards,” says Piper. “It pulled outdated information and named three beaches—none of which had lifeguards anymore. It’s easy to see how that could escalate into a serious liability.”

Not every organization has a dedicated CISO to own AI accountability. In practice, this isn’t necessarily a problem because accountability works best as a collaborative effort between leadership, IT, and business unit leaders. These stakeholders should align on approved use cases through an AI policy and ensure that their data governance plan is followed and maintained over time. 

Beyond this, organizations can strengthen accountability by:

  • Keeping humans in the loop. Users should always monitor outputs for accuracy and relevance, especially before making decisions.

  • Testing. Rigorous testing ensures AI tools are reliable before they’re deployed. Solutions should also be regularly monitored for performance and signs of drift over time.

  • Ensuring that AI systems are explainable, traceable, and auditable. Accountable parties must be able to easily document:

    • How their AI systems reason and make decisions,

    • What data and prompts led to specific outcomes, and

    • How compliant the system is with relevant privacy and AI regulations. 

  • Training users. Educate employees on your policy as well as how to be both productive and responsible with approved AI tools.

4. Strengthen AI Security With Targeted Technical Controls

While governance and ownership are core to stronger security, investing in some technical controls can significantly improve your posture. Due to heightened phishing and credential theft risks, Piper recommends implementing phish-resistant authentication if your organization still uses conventional MFA. 

Blocking unsanctioned tools can also go a long way in preventing data from entering external tools. Controls such as Cloud App Discovery, data loss prevention (DLP) policies, Intune, and Defender indicate what cloud apps people are using, limit the sharing of sensitive data, and support shadow AI risk management.

Blockers make it easier to support AI experimentation while reducing the risks of data loss and shadow AI. An important caveat is that these controls must be continuously monitored and adjusted, since freely available AI apps are always evolving.

Move Forward With an Experienced Partner

If your organization feels behind with AI security controls, sometimes the best way to move forward with confidence is to work with a third-party consultant. An experienced security advisor, like IX Solutions, can provide an objective audit of your environment, identify hidden AI risks, and help you implement specific strategies like phish-resistant authentication or an accountability plan. 

For many teams, especially those without deep AI expertise, bringing in outside support turns a steep learning curve into a manageable one and can help secure buy-in from leadership.  

“AI is evolving too quickly for most teams to become security experts overnight,” says Piper. “The right partner is what will allow you to build on proven approaches out of the gate instead of learning every lesson the hard way.”

Book a consultation with IX Solutions to take the guesswork out of your AI security.

