← Back to articles

28 April 2026 8 min read Josh Brown AI AdoptionAI GovernanceAI Agents

The security team is right. Your AI rollout is still too timid.

Strict security is not the enemy of AI adoption. Bland, over-controlled rollouts are. Here is how companies can give AI enough room to be useful without losing control.

Most companies are stuck in a weird place with AI.

The leadership team can see the opportunity. The ops team can see the admin. The commercial team can see the drag in proposals, reporting, client follow-up and internal handovers. Security can see the obvious problem: sensitive data, unclear permissions, messy prompts, unknown vendors and staff pasting things into tools they barely understand.

So everyone compromises.

The company buys a safe, approved Copilot-style tool. It sits inside the existing environment. It can summarise meetings, tidy emails, draft a few slides and answer questions from approved documents. Nobody gets fired for choosing it. Nobody has to explain a rogue agent touching customer data. Nobody has to redesign a process.

The problem is that this version of AI is often too bland to matter.

It is safe enough to approve, then too constrained to change how work actually gets done.

Security is not the enemy#

Strict-security environments have good reasons to be strict.

If you are handling client files, health data, legal documents, financial information, regulated operations or commercially sensitive bids, you cannot treat AI like a toy. The risk is real. Data leakage, bad advice, hallucinated outputs, weak audit trails and unclear accountability are live business issues.

Security teams are right to ask hard questions:

  • What data is being used?
  • Where does it go?
  • Who can see it?
  • Can outputs be audited?
  • What happens when the model is wrong?
  • Who signs off a decision?
  • Can the tool take action, or only suggest one?

Those questions should exist. The mistake is answering them by removing everything that makes AI useful.

Many organisations respond to risk by forcing AI into the least threatening shape possible: a polite assistant in a sidebar. It waits to be asked. It avoids judgement. It writes in a flat corporate voice. It has no real context, no permission to push work forward and no route for escalation.

That may pass procurement. It rarely shifts the numbers.

Bland AI creates a false sense of progress#

A lot of companies now have AI access, AI licences and AI steering groups. Fewer have changed a meaningful workflow.

That gap matters.

If your AI tool can summarise a meeting, yet cannot help a manager chase the actions, spot risk in the account, draft the follow-up and prepare the escalation note, you have bought convenience. Useful, yes. Strategic, probably not.

If it can help a bid team rewrite a paragraph, yet cannot maintain the evidence library, challenge weak answers, flag missing compliance points and prepare a first-pass response, it is a writing aid.

If it can answer HR policy questions, yet cannot help managers handle absence patterns, onboarding gaps or performance follow-up with care and consistency, it is a search box with better manners.

The issue is not that these tools are bad. They are fine. The issue is that companies mistake access for adoption.

Real adoption changes behaviour. Someone stops doing a low-value task manually. A team makes a decision faster. A manager gets a better first draft. A commercial lead sees risk sooner. A handover improves. A client response goes out in hours instead of days.

That is the bar.

Agents need some personality, or they become furniture#

There is an uncomfortable point here: useful agents need a bit of expression.

I do not mean gimmicky avatars, fake friendliness or a bot pretending to be your mate. I mean behaviour. A useful agent should be able to say, in plain language:

  • “This looks incomplete. I would not send it yet.”
  • “The client asked three questions and we have only answered two.”
  • “This margin looks thin compared with the last deal.”
  • “You are asking me to use data I am not approved to access. Escalate this.”
  • “There is a faster route. Use the approved template and ask Finance for the missing figure.”

Most enterprise AI has been trained, configured or governed into passivity. It produces safe paragraphs. It avoids strong recommendations. It does not take initiative. It does not challenge the user. It does not carry enough context to be commercially useful. It does not know when to stop and ask for a human decision.

That makes it feel safe. It also makes it forgettable.

The best human operators are useful because they exercise judgement within boundaries. They know when to push, when to check, when to escalate and when to leave a decision alone. AI adoption should aim for the same pattern, with tighter controls and clearer logs.

Waiting for the bell curve is still a choice#

The funny bit is that many companies call themselves innovative while waiting for everyone else to prove the path first.

They want the case studies, the mature vendors, the regulatory comfort, the benchmark data, the peer examples and the board-level reassurance. By the time all of that exists, the early advantage has gone.

This does not mean leaders should gamble with core systems or customer trust. It means serious companies need a better muscle for controlled experimentation.

There is a cost to waiting. Your competitors learn faster. Their managers become better at judging AI outputs. Their teams build habits around better prompts, better review, better escalation and better workflow design. They find the awkward edge cases while you are still debating the policy.

The adoption curve is not only about technology. It is about organisational learning. If you start late, you are behind on the human side too.

What to do instead#

The answer is not “let agents loose”. That is lazy thinking.

The answer is a governed rollout that gives AI enough room to be useful and enough control to be trusted.

1. Split work into risk tiers#

Do not govern every use case as if it carries the same risk.

A marketing brainstorm, an internal meeting summary, a client-facing legal recommendation and an automated supplier instruction should not sit in one bucket.

Create simple tiers:

  • Low risk: internal drafts, summaries, admin support, training exercises.
  • Medium risk: client-facing drafts, commercial analysis, operational recommendations.
  • High risk: regulated advice, sensitive data, external actions, financial decisions, customer commitments.

Then decide what each tier allows: data access, model access, approval steps, logging and human sign-off.

This gives teams a route to move. It also gives security something practical to manage.

2. Build sandboxed agents around real workflows#

Generic assistants produce generic value.

Start with one workflow that already hurts. Proposal creation. Account review. Recruitment screening. Compliance evidence gathering. Site inspection reports. Customer support triage. Board pack preparation.

Give the agent a narrow job, approved data routes and a clear definition of done. Let it operate in a sandbox before it touches live systems. Watch what happens. Capture the mistakes. Tighten the process.

A good sandbox is not a demo area. It should use realistic documents, realistic pressure and realistic managers reviewing the output.

3. Approve data routes, not random tool use#

Most AI policy fails because it speaks in broad warnings.

“Do not enter sensitive data into public tools” is sensible, yet it does not tell a sales manager what to do with a messy client brief at 5pm.

Give people approved routes:

  • This type of document can go into this tool.
  • This data must stay inside this environment.
  • This output needs manager review before it leaves the business.
  • This process cannot use AI until Legal approves the source material.
  • This action can be drafted by AI, then sent only by a named role.

People follow rules better when the route is clear.

4. Teach managers to judge the work#

AI training cannot stop at prompt tips.

Managers need to learn how to review AI outputs properly. That means spotting confident nonsense, checking source material, asking for assumptions, comparing outputs against policy and deciding when the answer is good enough.

Adoption often breaks at this point. The team gets a tool, then the manager has no standard for quality. So the output is either trusted too much or ignored completely.

Aygent spends a lot of time here because it is where the commercial value usually sits. The tool matters. The review habit matters more.

5. Give agents escalation paths#

A useful agent should know its limits.

If it sees missing data, restricted content, a policy conflict or a high-risk decision, it should not improvise. It should escalate in a way the business understands.

That might mean routing to a manager, tagging Legal, requesting a source document, or producing a short risk note instead of a final answer.

Autonomy without escalation is reckless. Escalation without autonomy is bureaucracy. The practical middle is where agents can progress low-risk work, pause at the right moment and make the next human decision easier.

6. Measure workflow impact, not licence usage#

Usage dashboards are comforting and often useless.

The question is not how many people opened the tool. The question is whether a workflow improved.

Measure things like:

  • proposal turnaround time
  • rework on client drafts
  • number of escalations caught early
  • manager review time
  • admin hours removed
  • response quality
  • handover completeness
  • sales follow-up speed
  • compliance evidence gaps

If the metric is vague, the rollout will be vague too.

The commercial point#

AI in strict-security environments will not succeed by pretending risk is small. It will succeed when leaders treat adoption as an operating change.

That means security has a seat at the table early. Ops chooses the workflows. Managers are trained to review outputs. Commercial teams define where speed or quality actually matters. IT provides the approved routes. The board accepts that controlled learning is safer than unofficial tool use in the shadows.

The companies that get this right will not be the ones with the flashiest AI announcement. They will be the ones that quietly redesign five or six important workflows while everyone else is still arguing about whether staff can use AI at all.

Bland AI feels safer because it asks less of the organisation. Useful AI asks for clearer judgement, better governance and more honest management.

That is the trade. And it is worth making before the bell curve makes the decision for you.