5 ways for CIOs to deal with AI proliferation

Whether you’re in an SMB or a large enterprise, as a CIO you’ve likely been inundated with AI apps, tools, agents, platforms, and frameworks from all angles. This isn’t surprising given that gen AI investments alone are expected to grow some 60% over the next three years, according to the Boston Consulting Group, accounting, on average, for 7.6% of IT budgets by 2027. 

Dan Priest, US chief AI officer at PwC, says AI proliferation is a reality that’s only going to accelerate, with 79% of CIOs planning to leverage gen AI to help transform their businesses. But only 40% feel fully prepared to manage and integrate these technologies, as PwC’s recent Pulse survey suggests. “Each team and team member will create new agents to perform tasks, autonomously and intelligently,” he says. “At the same time, people are experimenting. They’re using approved tools and exploring others too, increasing the risk of leaking data. CIOs will need to activate multi-layer solutions to manage the complexities coming their way.”

So as a CIO, how should you reign in the chaos and implement a suitable level of governance and control? Of course, you want to enable the entire workforce to innovate responsibly with AI and maximize productivity by utilizing these tools. But you also need to manage spend, reduce duplication of effort, ensure interoperability where necessary, promote standards and reuse, reduce risk, maintain security and privacy, and manage all the key attributes that instill trust in AI.

The challenge is reminiscent of the 1990s when CIOs reigned in application silos by moving to ERP systems, and in the 2010s when CIOs had to contain mobile devices through BYOD policies. Today’s challenge is perhaps far greater. You can’t just move to a single vendor as in the ERP days or develop policies just for physical devices. This change affects the entire IT architectural stack and impacts everything you’re currently doing from business transformation to digital transformation and more.

So here are five ways CIOs can begin to manage AI proliferation and foster a culture of responsible innovation across the enterprise.

Build a culture of responsible AI innovation

We all know that culture eats strategy for breakfast, so before we get into strategy, we need to ensure the culture across the entire enterprise is one of collaborative and responsible innovation.  

According to Ian Barkin, co-founder of 2B Ventures and leading RPA consultancy Symphony Ventures, the answer for CIOs isn’t stricter policing but smarter navigation. “We need all hands on tech, empowering a digitally literate citizenry with the right guidance and thoughtful governance that enables rather than prohibits,” he says. “A reset isn’t about regaining absolute control, but fostering a culture of responsible AI innovation, where IT provides the infrastructure and boundaries for business-led solutions.”

For responsible AI innovation to work well, you’ll need your corporate innovation program to function flawlessly. Whatever organizational model you have for innovation, whether that’s corporate-led, division-led, or hybrid, get with your chief innovation officer and chief AI officer to assess your culture of innovation, where things are working well and where improvements may need to be made. 

Determine your end game for AI

How you execute around AI will depend heavily on your end game. Are you looking to become an AI-first company transforming your business models, products and services via new AI-enabled offerings, or simply leverage AI to improve your existing business models, products and services? Will AI become a core competency and differentiator for the organization requiring you to build your own internal teams of specialists, or something you incorporate as a fast follower by working closely with partners? 

The answers to these strategy questions, and many more, will determine your approach to how you assemble your AI inventory of apps, tools, agents, platforms, and frameworks, and where you decide to build or buy. It’ll also influence the recommendations you share with the business and how they should think about build versus buy decisions themselves.

“An AI strategy is a good way to minimize non-value add proliferation,” says Priest. “A strategic review that determines where to target benefits and to what degree, as well as what risks will need to be managed, will help CIOs flip the oversight approach from reactive to proactive.”

Partner with the business

Another recent BCG study found that in 86% of AI future-built companies, IT is leading or co-leading AI with the business. In AI stagnating companies, or those with the lowest AI maturity, IT is leading or co-leading AI with the business in only 54% of cases. 

The data is clear. Ensure that IT leads or co-leads AI with the business and establishes the infrastructure and boundaries for business-led solutions. When partnering with the business, IT can take the lead in establishing best practices related to AI implementation. These may include setting a holistic AI strategy, identifying and prioritizing use cases, experimenting with purpose, sharing the guardrails, and making ROI an early part of the conversation.

Beyond the common forms of AI governance such as corporate use policies, be sure to include guidelines and policies to evaluate and procure AI tools, adhere to standards, and know how and where to share lessons learned. Leverage existing innovation teams and processes where available to avoid re-inventing the wheel.   

Determine your architectural approach

Now that you have responsible AI innovation in place from a cultural perspective, an end game for AI as part of your business strategy, and a suitable partnership and operating model with the business, you can move to the technical side within the IT stack.

“CIOs should champion a data and technology enablement function that offers guidance, fosters digital literacy, and implements governance through stewardship,” says Barkin.

For data and technology enablement, you’ll want to re-think your IT stack in terms of how AI and data can empower enterprise objectives for intelligent automation, as well as myriad applications supporting transactions, analytics, and decision-making. On the AI side, this should include how you think about incorporating AI agent platforms, agent mesh technologies, and all other flavors of AI and intelligent automation approaches.  

To future-proof your IT stack, you’ll also want to consider the role open source will play within the stack, as well as emerging technologies such as quantum computing. The goal should be centralized management, observability, and agility across the entire stack so you can switch out components as AI and data models, tools, and platforms evolve.

“Open source data management platforms are essential for an AI driven world because we don’t know what data we’ll use — structured or unstructured — or how agile and sovereign the AI needs to be as it moves around clouds and on premises,” says author Michael Gale. “It has to be Five 9s capable and agile for a still defining AI world.” 

Focus on continuous innovation and improvement

Given the pace of innovation in the industry, you’ll want to establish processes such as an emerging technology radar function to continuously monitor new vendors, trends, techniques, pricing models and other industry dynamics. You’ll also want to stay on top of how and where AI is being used across the enterprise.

“IT architectures will need to include robust monitoring features that enable registering, provisioning permissions, tracking, and reporting where AI is being used,” says Priest. “In our Cloud and AI Business Survey, over half of the CIOs said they’re looking to their CSP relationships to help meet their new compliance and security needs. CIOs should work with their learning and development teams to train their people to use AI responsibly, avoiding proprietary data entering non-standard tools. And formal governance measures should be implemented with the full scope of a responsible AI program, which should include, among other things, an AI policy with clear accountabilities spelled out, a senior governance committee to oversee how and where AI is being used, and appropriate controls designed and implemented.”

In other words, says Barkin, true control lies not in preventing AI’s spread, but in cultivating a responsible and innovative AI culture across the enterprise, ensuring alignment with business objectives and risk management.