The New Stack, highlighting how AI governance has become a critical focus for IT and cloud infrastructure leaders as artificial intelligence transitions from experimentation to essential operational use. A recent survey from Komprise indicates that 54% of IT leaders now prioritize AI governance, a marked increase from 29% in 2024, reflecting a significant shift in how organizations assess AI success—not just by model performance, but by trustworthiness and security. As AI is increasingly integrated into daily operations, the need for robust governance mechanisms becomes paramount. This includes oversight of data sourcing, access, and monitoring, with many executives acknowledging the heightened risks associated with AI data flows. The rise of purpose-built AI models across various sectors further complicates governance, necessitating comprehensive frameworks to ensure compliance and protect sensitive information. Ultimately, organizations that prioritize unstructured data governance will be better positioned to leverage AI effectively while mitigating risks.
Rich Freeman in Channelholic revisited Secure By Design. The initiative, launched in 2024 under former CISA director Jen Easterly, aimed to encourage technology vendors to enhance security measures, such as implementing multi-factor authentication and addressing vulnerabilities. Despite the program signing over 300 companies, including major players like Microsoft and Cisco, recent comments from industry experts indicate that interest in the initiative has waned, particularly following Easterly’s resignation and the lack of a confirmed successor. Chester Wisniewski, director of global field CISO at Sophos, noted that while the initiative initially raised awareness, the actual impact on security practices remains uncertain. Some signatories reportedly had pre-existing security measures in place before signing the pledge. Nonetheless, 40 companies have issued progress reports, with Wisniewski asserting that Sophos’s commitment to the program has provided a competitive edge in securing business. The ongoing challenge for the initiative is to maintain engagement among signatories and encourage those who have not committed to adopt best practices.
“When To Use GenAI”. As generative artificial intelligence capabilities evolve, software architects and developers are faced with critical decisions regarding the use of GenAI-based solutions versus traditional programming. A systematic, four-dimensional decision framework helps guide technology selection in application design. This framework evaluates key aspects such as the nature of the task, data types, scalability, and task complexity to determine whether GenAI will add value or create unnecessary complexity and costs. For instance, Klarna’s customer service chatbot effectively utilizes GenAI to interpret ambiguous customer messages across 35 languages, while traditional code handles structured operations like payment processing. The article emphasizes that successful systems often blend GenAI with traditional code, highlighting three operational trade-offs: time-to-market, transparency, and cost structure. By understanding these dynamics, organizations can make informed decisions on when to implement GenAI solutions.
In a recent commentary for Fortune, the leader of Tulsa Remote, the largest remote worker attraction program in the U.S., acknowledges the validity of critiques surrounding remote work but argues that proposed solutions are misguided. The article highlights the program’s success in facilitating community connections and professional development, with nearly 4,000 remote workers relocated to Tulsa since 2018, resulting in doubled work satisfaction and over 80% retention rates. According to the program, remote work is not failing employees; rather, inadequate leadership and support are to blame. A 2024 Stanford study found that employees working from home two days a week are just as productive as their office-based counterparts. The article contends that organizations must invest in infrastructure and connections to help remote workers thrive, emphasizing that poor management should not be conflated with the remote work model itself.
Why do we care?
What ties all of this together is not AI hype, or security slogans, or remote work culture. It’s control.
AI governance is rising because AI is now inside business processes that have consequences. If you don’t know who can stop the system, you don’t have governance—you have hope.
Secure by Design shows what happens when we confuse intent with outcome. Signing a pledge feels like progress. But unless it changes product behavior, escalation paths, or failure handling, it doesn’t reduce risk. And when that risk materializes, it doesn’t bounce back to the vendor—it travels downhill.
The GenAI discussion is critical because it quietly acknowledges this. GenAI works best where ambiguity exists, not where accountability does. The mistake MSPs will make is letting those boundaries blur in the name of speed or differentiation.
And remote work? Same story. When leadership is weak, distance becomes the scapegoat. When systems are strong, location barely matters.
If you are an MSP deploying AI tools, security platforms, or remote-work infrastructure without explicit authority to govern outcomes, you are volunteering to absorb failure you didn’t cause.
That shows up as client churn when something breaks.
It shows up as margin pressure when remediation isn’t billable.
And eventually, it shows up as legal exposure when “managed” quietly turns into “responsible.”
The gap between automation and authority is where harm lives. And unless MSPs actively close that gap, someone else will decide who pays for it. If you don’t have the authority to pause, override, or explain a system’s behavior, you’re not managing it—you’re underwriting it.