Home > Blog

AI agents have access. Governance did not get the budget.

That is the central issue behind The CISO AI Leverage Report from Open Future Forum.

The report looks at how CISOs and security leaders are buying, funding, governing, and getting leverage from AI in 2026. It focuses on one of the most important questions now facing enterprise security leaders:

Can the CISO govern the AI systems, agents, access, and workflows entering the company faster than the risk surface expands?

This is no longer just a cybersecurity trends conversation. It is a C-suite governance issue.

Watch the Executive Briefing

I covered the report in this Executive Briefing on The Murray Newlands Show:

You can also watch the video directly on YouTube here: The CISO AI Leverage Report — Executive Briefing.

Why The CISO AI Leverage Report Matters

The CISO is now in a difficult double position.

AI is one of the newest risks the security function has to govern. But AI may also be one of the only realistic ways security teams can scale the work of governing that risk.

That means the CISO has to secure AI and use AI at the same time.

This is why The CISO AI Leverage Report matters.

The report is not a vendor threat report. It is not a product ranking. It is not a generic cybersecurity trends report.

It is an operator-research report focused on how security leaders are actually thinking about AI budgets, AI governance, AI agents, access, shadow AI, and security leverage.

The AI Agent Governance Budget Gap

The lead finding from the report is direct:

Security leaders can see the AI agent governance problem, but many do not yet have the dedicated budget line to solve it.

AI agents are entering the enterprise with access to systems, data, credentials, workflows, customers, employees, and internal processes.

That changes the security surface.

The question is no longer only whether attackers are using AI.

The more immediate enterprise question is whether the company understands the AI already inside the business:

  • What AI systems are running?
  • What AI agents have access?
  • What credentials do they hold?
  • What data can they touch?
  • What actions can they take?
  • Who approved them?
  • Who monitors them?
  • Who owns the risk when something goes wrong?

Those are now core CISO questions.

AI Agents Change the Security Conversation

AI agents are not just another software category.

They are not just chatbots.

They are systems that may be able to act, connect, retrieve, execute, communicate, and automate across the enterprise.

That means CISOs are no longer only securing applications, endpoints, networks, identities, cloud environments, and SaaS tools.

They are now also being asked to secure autonomous and semi-autonomous AI systems operating across those environments.

That creates a new governance layer:

  • Agent identity
  • Agent access
  • Agent permissions
  • Agent audit trails
  • Agent accountability
  • Agent lifecycle management
  • Agent decommissioning
  • Agent risk ownership

This is why AI agent governance is becoming one of the defining security problems of the AI era.

The CISO AI Leverage Index

One of the most important ideas in the report is the CISO AI Leverage Index.

The CISO AI Leverage Index is designed to measure whether AI is helping security teams cover more surface without adding headcount.

That is the right question for the security seat.

Security teams are already stretched. They already have more alerts, more vulnerabilities, more compliance obligations, more SaaS exposure, more cloud surface, more identity risk, and more internal demand than they can comfortably manage.

AI adds another layer of complexity.

So the question becomes:

  • Can AI help the security function govern more surface?
  • Can AI help detect more exposure?
  • Can AI help inventory shadow AI?
  • Can AI help review agent access?
  • Can AI help speed up response?
  • Can AI free the team for higher-value work?

That is security AI leverage.

Not hype. Not another dashboard. Not another tool category.

Leverage means security can cover more of the enterprise surface without simply adding more people.

The CISO Inherits Everyone Else’s AI Decisions

One of the biggest structural problems in enterprise AI is that AI often enters the company through doors the CISO does not control.

A business unit may adopt the tool.

The CIO may approve the system.

The CEO may push the urgency.

The CFO may approve the budget.

The marketing team may deploy the workflow.

The sales team may use the agent.

But the CISO inherits the access.

That is the problem.

The CISO is often asked to govern systems that security may not have selected, funded, approved, or deployed.

That is why AI security cannot be treated as an afterthought.

Security has to be designed into the AI operating model from the beginning:

  • At the procurement stage
  • At the workflow stage
  • At the budget stage
  • At the governance stage
  • At the board stage

Why This Is a Board-Level AI Governance Issue

The CISO AI Leverage Report is a report for CISOs, but it is not only for CISOs.

It matters to CEOs because AI acceleration creates governance debt if security is not involved early.

It matters to CFOs because AI security may need its own dedicated budget line.

It matters to CIOs and CTOs because AI deployment and AI access must be designed with security from the start.

It matters to CMOs because marketing AI agents may act publicly in the company’s brand voice.

It matters to CROs because AI-powered go-to-market workflows can create new data, access, and compliance risks.

And it matters to boards because AI governance is becoming part of enterprise risk oversight.

The board-level question is simple:

Can the company say how many AI systems and agents are running, what they can reach, and who owns the risk?

If the answer is no, the company has an AI governance problem.

From Cybersecurity Defense to AI Governance

The old cybersecurity conversation was mostly about protecting the company from external threats.

That is still critical.

But the AI security conversation is broader.

It is also about internal access.

It is about shadow AI.

It is about agents with permissions.

It is about models using sensitive data.

It is about workflows running without clear ownership.

It is about AI projects that get canceled but leave behind integrations, credentials, or data exposure.

Every executive buys AI for a different reason.

The CISO inherits all of it as surface area.

That is the shift The CISO AI Leverage Report captures.

Read the Medium Post

I also published a longer Medium article on this topic here:

The CISO AI Leverage Report: AI Agents Have Access. Governance Did Not Get the Budget.

The Medium post expands on why AI security is moving from a threat conversation to a governance, access, budget, and leverage conversation.

The New CISO Mandate

AI is no longer just another technology to approve.

AI is becoming an operating layer across the enterprise.

And once AI becomes an operating layer, security has to become part of the operating model.

Not after deployment.

Not after procurement.

Not after an incident.

Before the agent gets access.

Before the workflow goes live.

Before the budget is spent.

Before the risk is invisible.

The new CISO mandate is this:

  • Secure the AI the company is adopting.
  • Use AI to scale security coverage.
  • Close the governance budget gap.
  • Make sure the business can answer the question: what can this AI reach?

That is why The CISO AI Leverage Report matters.

AI agents have access. Governance did not get the budget. Now the CISO has to close the gap.

Links