Beyond The Sandbox: Why Boards Need An Agentic Playbook Now

With the rise of agentic AI, implementing comprehensive governance is more important than ever.

The rapid proliferation of AI will unleash extraordinary productivity and efficiency. However, recent reports that Anthropic’s new Claude model “broke out” of a sandboxed testing environment show how hard it is to manage, predict and understand what an agent can do. Organizations therefore need to think holistically about the controls, oversight mechanisms and governance that both management and the board must put in place.

When a model developer as sophisticated and skilled as Anthropic runs into these risks, we must acknowledge what we call “the human error.” We know this from cybersecurity and the endless phishing emails we receive daily: industry studies commonly attribute 94 percent of breaches to human error, such as clicking a malicious link. Just as we continuously train ourselves and our employees to avoid cyberattacks, we now face a force multiplier as we upskill our workforce. Statistics suggest that 55 percent of all jobs in the US will be reshaped, redefined and reimagined by embedding AI and agentic capabilities into our workflows.

This means we are all on the same learning curve. We are encouraging our employees to become fluent in AI and agents. As individuals, we use AI assistants in our daily lives, and many of us are now boldly beginning to use “vibe programming” with natural-language prompts to create our own agents. This raises the risk significantly, because every such agent expands the attack surface, unless we proactively implement the necessary guardrails and protections.

Corporate boards need to define acceptable use cases and absolute “no-go zones” for AI. For example, there should be no unsupervised AI decisions in areas that are highly regulated or safety-related. There should also be a clear structure defining where AI oversight resides. Normally, this might fall to the audit committee, where cybersecurity oversight often lives; however, given the audit committee’s broad remit and heavy workload, a dedicated technology committee for AI and cyber oversight may be preferable, depending on how critical these are to a given company.

Implementing Comprehensive AI Governance

For effective AI governance, a board must define the risk tiers it is comfortable with. As we train our people to become AI-fluent and agent-ready, we should be explicit about how far an agent in each tier may go.

For example, a low-risk use case would be “read-only”: the agent can read, but it can neither write to systems nor publish content externally.

In a medium-risk scenario, the agent is structured so that any action it takes can be reversed, with explicit limits on what is automated.

For very high-risk areas, such as intellectual property, payments or the ability to delete data, where actions may be irreversible and have a material impact, we must insist on a human-in-the-loop approval requirement.

Once risks and use cases have been categorized, an individual owner must be identified for each. Every agent must have an owner who is responsible for the agent’s purpose and for maintaining proper guardrails. Board members should request an “agent register,” which identifies, for every agent, the owner, the associated risks, the risk tier and a description of the agent’s capabilities.

The common mistake with guardrails is relying on a policy written on paper. A policy is useless without evidence of enforcement and active oversight: there must be technical controls, and tests of those controls, proving that guardrails are monitored and enforced.

This is directly analogous to how cybersecurity oversight is conducted. Just as cyber relies on continuous monitoring, agent behavior must be continuously monitored. There must be a formalized incident alert and response process, including an escalation path and, most importantly, a way to contain damage and disable an agent. The same principles apply when considering the attack surface and its mitigation:

  • Identity Management: Every agent gets its own unique credentials. Agents must never share an API key, so that every action can be attributed to exactly one agent.
  • Mapping: Each agent must be mapped to a human owner.
  • Least Privilege: Design everything with the lowest level of privilege required. Explicitly identify which systems, data and endpoints an agent can access and which operations it is allowed to perform.
  • Vulnerability Points: Confirm that no agent has direct access to production databases or administrator APIs.

Essentially, your mindset must be one of Zero Trust.
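The risk tiers, the agent register and the control bullets above translate directly into a policy enforcement point that sits in front of every tool call. The following Python is an added example, not code from the article or from any AI vendor: the agents, owners, tools and credential IDs are all constructed, and validate_register is the kind of test the article says must exist to prove a guardrail is enforced rather than merely written down.

```python
"""Policy enforcement point for agent tool calls (added example, not the
article's own; every agent, owner, tool and credential ID is constructed)."""
from dataclasses import dataclass
from enum import Enum


class Tier(Enum):
    LOW = "low"         # read-only
    MEDIUM = "medium"   # reversible actions only, automation bounded
    HIGH = "high"       # irreversible actions need a named human approver


class Effect(Enum):
    READ = "read"
    REVERSIBLE = "reversible"
    IRREVERSIBLE = "irreversible"


# Constructed tool catalogue: the worst thing each tool can do to the world.
TOOLS = {
    "search_docs": Effect.READ,
    "draft_ticket": Effect.REVERSIBLE,      # a draft can be discarded
    "send_payment": Effect.IRREVERSIBLE,
    "delete_records": Effect.IRREVERSIBLE,
    "prod_db_query": Effect.READ,           # read, but still a no-go zone
}

# Tools no agent may call directly, whatever its tier.
NO_GO = {"prod_db_query", "admin_api"}


@dataclass
class AgentEntry:
    owner: str                # the accountable human
    tier: Tier
    credential_id: str        # unique per agent, never shared
    allowed_tools: frozenset  # least privilege: an explicit allow-list
    enabled: bool = True      # kill switch for the incident process


# Constructed agent register of the kind a board would ask to see.
REGISTER = {
    "helpdesk-bot": AgentEntry("j.doe", Tier.LOW, "cred-001", frozenset({"search_docs"})),
    "ticket-bot": AgentEntry("a.lee", Tier.MEDIUM, "cred-002", frozenset({"search_docs", "draft_ticket"})),
    "ap-bot": AgentEntry("m.chen", Tier.HIGH, "cred-003", frozenset({"send_payment"})),
}

AUDIT_LOG = []  # every decision is recorded for continuous monitoring


def validate_register(register):
    """Test the register itself: shared credentials, unknown tools and no-go
    tools are defects. Returns a list of findings; empty means clean."""
    findings, seen = [], {}
    for name, entry in register.items():
        if entry.credential_id in seen:
            findings.append(f"{name} shares a credential with {seen[entry.credential_id]}")
        seen[entry.credential_id] = name
        for tool in entry.allowed_tools:
            if tool in NO_GO:
                findings.append(f"{name} is granted no-go tool {tool}")
            elif tool not in TOOLS:
                findings.append(f"{name} is granted unknown tool {tool}")
    return findings


def authorize(agent, credential_id, tool, approver=None):
    """Decide one tool call. Returns (allowed, reason) and logs the decision."""
    entry = REGISTER.get(agent)
    if entry is None:
        verdict = (False, "agent not in register")
    elif not entry.enabled:
        verdict = (False, "agent disabled")
    elif credential_id != entry.credential_id:
        verdict = (False, "credential does not belong to this agent")
    elif tool in NO_GO:
        verdict = (False, "no-go zone")
    elif tool not in entry.allowed_tools or tool not in TOOLS:
        verdict = (False, "tool not granted (least privilege)")
    elif entry.tier is Tier.LOW and TOOLS[tool] is not Effect.READ:
        verdict = (False, "low tier is read-only")
    elif entry.tier is Tier.MEDIUM and TOOLS[tool] is Effect.IRREVERSIBLE:
        verdict = (False, "medium tier may not take irreversible actions")
    elif TOOLS[tool] is Effect.IRREVERSIBLE and approver is None:
        verdict = (False, "irreversible action needs human approval")
    elif TOOLS[tool] is Effect.IRREVERSIBLE and approver in REGISTER:
        verdict = (False, "approver must be a human, not another agent")
    else:
        verdict = (True, "allowed")
    AUDIT_LOG.append({"agent": agent, "tool": tool, "approver": approver, "verdict": verdict})
    return verdict


def disable(agent):
    """Containment: flip the kill switch so every further call is denied."""
    REGISTER[agent].enabled = False


if __name__ == "__main__":
    print(validate_register(REGISTER))
    print(authorize("ap-bot", "cred-003", "send_payment"))
    print(authorize("ap-bot", "cred-003", "send_payment", approver="m.chen"))
```

Two design choices are worth noting. The approver check refuses any name that appears in the register, because human-in-the-loop means a person, not a second agent approving the first. And the gate denies no-go tools before it even looks at the allow-list, so a mistaken grant in the register cannot open production data or an administrator API.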

AI represents a massive opportunity as well as a giant risk. The board should oversee it with the same deliberation used for capital allocation, major acquisitions and other high-stakes processes. Using a cybersecurity framework helps categorize the components that need monitoring, such as data, privacy, ethics, compliance and confirmation that AI models are not “drifting.”

These are all vital considerations as we look to create a practical approach and a checklist for boards to actively administer this year. With 55 percent of jobs expected to adapt to AI, employees will be rapidly moving up the learning curve, writing and deploying agents for internal and external use. This makes AI governance an urgent priority to keep companies safe while remaining competitive.
