Everyone wants to use AI. Boards are asking about it. Leaders are being pressured to demonstrate progress on it. Vendors are selling it. And somewhere in the middle of all of this, practitioners are being handed tools and told to make them work, often without the foundational questions having been asked first.
This piece is for those practitioners.
The conversation around AI adoption has a tendency to skip straight to capability and land on risk as an afterthought. What can this tool do? How quickly can we implement it? What does it cost? These are not irrelevant questions, but they are the wrong starting point.
The right starting point is information security. Specifically, it is the CIA triad: Confidentiality, Integrity, and Availability. If you are not familiar with it, read this first. If you are, keep going.
The problem with AI adoption in most organisations
AI tools, at their core, are hungry. They ingest data, process it, and generate outputs. The quality, safety, and legality of everything they produce is directly dependent on the data going in.
Most organisations are adopting AI tools while sitting on years of poorly governed data. Unclassified. Poorly documented. Scattered across systems that do not talk to each other. Without clear ownership. Without access controls that reflect current reality rather than the state of things three reorganisations ago.
Feeding that data into an AI tool does not make those problems disappear. It amplifies them.
Confidentiality: Should this data be in your tool at all?
The first question is not “what can the AI do with this data?” It is “who will have access to outputs generated from this data, and is that appropriate?”
AI tools, particularly those accessed via third party platforms, do not always keep your data contained. In March 2023, Samsung engineers used ChatGPT to help debug source code and generate meeting notes. Three separate incidents in under a month. In each case, confidential information, including proprietary source code and internal meeting content, was submitted to an external platform. That data was retained by OpenAI. Samsung could not retrieve it. The company ultimately banned generative AI use across the organisation.
This was not a sophisticated attack. It was employees doing their jobs, using a tool that had been made available to them, without adequate governance about what should and should not go into it.
The question of confidentiality in AI adoption is not hypothetical. It is operational. Before any data touches an AI tool, you need to know its classification. You need to know the terms of the platform you are using. You need to know whether personal data, commercially sensitive data, or legally privileged data is in scope, and if so, whether the tool is even appropriate for that use case.
This is where information security and AI governance are not separate disciplines. They are the same conversation.
Integrity: Can you trust what the AI is working with?
Even if your data should be in the tool, the next question is whether it can be trusted.
AI outputs are only as reliable as the data they are built on. If the underlying data has not been maintained, is out of date, contains duplicates, or has been altered without adequate change controls, you are not getting intelligent outputs. You are getting confident-sounding outputs built on a compromised foundation.
This matters particularly in regulated environments. If an AI tool is being used to support decision-making, that tool needs to be working with data that meets integrity standards. Can you demonstrate that the data has not been tampered with? Is there an audit trail? Are there controls in place to flag anomalies?
Integrity failures are not always dramatic. They accumulate quietly. A field updated incorrectly here. A record not reconciled there. Over time the dataset drifts from reality, and the AI tool processes that drift as though it were fact.
If your organisation cannot currently answer the question “is our data what we say it is,” deploying AI does not fix that. It just makes the consequences of the gap more visible, and potentially more damaging.
Availability: Do you even know where your data is?
This is the one that does not get talked about enough, and in my experience it is where a lot of AI adoption projects quietly stall.
Organisations have data. Often enormous amounts of it. Across legacy systems, cloud platforms, shared drives, email archives, spreadsheets that live on one person’s laptop. Accumulated over years with varying degrees of governance and documentation.
AI tools can only work with data they can ingest. And they can only ingest data that someone can locate, extract, and present to them in a usable format. Availability in the context of AI adoption is not just about uptime. It is about data discoverability. It is about whether your data estate is documented well enough for anyone to actually find what they need.
If the answer to “where does this data live?” is “it depends who you ask,” that is an availability problem. It is also a governance problem. And it will surface the moment you try to implement an AI tool at any meaningful scale.
This is not a technology problem that AI will solve for you. It is a people, process, and governance problem that needs to be addressed before AI enters the picture.
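The three questions above can be turned into an operational gate that runs before anything is sent to a tool. The following is an added illustration, not code from the article: the dataset records, tool profile, classification scale and content hashes are all constructed for the example.

```python
"""Pre-ingestion readiness gate built around the CIA questions.
Added example; the tool profile, classification levels and datasets
are constructed, not taken from the article."""
import hashlib
from dataclasses import dataclass


@dataclass
class ToolProfile:
    name: str
    retains_inputs: bool        # does the platform keep what is submitted?
    max_classification: int     # highest level it is cleared to receive


@dataclass
class Dataset:
    name: str
    classification: int         # 0 public, 1 internal, 2 confidential, 3 restricted
    contains_personal_data: bool
    location: str               # "" when nobody can say where it lives
    owner: str                  # "" when nobody is accountable for it
    expected_sha256: str        # hash recorded at the last reconciliation
    content: bytes


def sha256(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def readiness_check(ds: Dataset, tool: ToolProfile) -> list[str]:
    """Return blocking findings; an empty list means the data may be ingested."""
    findings = []
    # Confidentiality: should this data be in this tool at all?
    if ds.classification > tool.max_classification:
        findings.append(f"confidentiality: class {ds.classification} exceeds {tool.name} limit")
    if ds.contains_personal_data and tool.retains_inputs:
        findings.append("confidentiality: personal data sent to a platform that retains inputs")
    # Integrity: is the data still what it was when last verified?
    if sha256(ds.content) != ds.expected_sha256:
        findings.append("integrity: content differs from last reconciled hash")
    # Availability: can anyone locate this data and own it?
    if not ds.location:
        findings.append("availability: no documented location")
    if not ds.owner:
        findings.append("availability: no named owner")
    return findings


# Constructed sample: an external chatbot that retains inputs, and a confidential
# notes file with no owner or known location (the Samsung-style scenario).
CHATBOT = ToolProfile("external-chatbot", retains_inputs=True, max_classification=1)
_NOTES = b"Q3 planning notes: headcount unchanged, launch moved to May."
MEETING_NOTES = Dataset("meeting-notes", 2, False, "", "", sha256(_NOTES), _NOTES)
```

Running `readiness_check(MEETING_NOTES, CHATBOT)` returns three findings (one confidentiality, two availability), so the gate blocks the upload before the tool ever sees the data.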
Information security is the foundation. AI governance sits on top of it.
The CIA triad is not new. It has been the bedrock of information security thinking for decades. What is new is the urgency with which it now needs to be applied, because the consequences of ignoring it have scaled.
When data governance was primarily about filing systems and access logs, the blast radius of a failure was relatively contained. When the same data is being ingested by AI tools that generate outputs consumed across an organisation, the blast radius is considerably larger.
AI governance is a growing and important discipline. But it does not replace information security governance. It requires it. An organisation that cannot answer the three questions above is not ready to adopt AI responsibly, regardless of how compelling the vendor pitch was.
Walk before you run. Ask the hard questions about your data before you ask what the tool can do with it. Your confidentiality, integrity, and availability posture will tell you more about your AI readiness than any product demo.