Blog

Designing AI Governance for How AI Actually Works

Omri Iluz
Lumia Security LabsOmri Iluz

March 31, 2026 | 7 min read

When AI begins spreading across an organization, the instinctive response is understandable:
Can we extend the controls we already have?

Security teams have done this successfully before. Cloud, SaaS, and DevOps were all governed by adapting existing frameworks. It’s reasonable to assume AI can follow the same path.

The challenge is that AI changes where governance needs to operate. And that makes retrofitting insufficient.

This is especially true because many AI governance choices are made early; often before organizations realize they’ve made them at all.

The first shift: stop treating AI like another system

Most security controls assume systems behave predictably.

Users authenticate. Applications execute defined functions. Data flows follow expected paths. Even in complex environments, behavior is largely deterministic.

AI doesn’t behave that way.

AI systems infer intent, generate outputs, and adapt based on context. The same input does not always produce the same outcome, and the same access does not imply the same risk.

Actionable takeaway:

Before extending controls, recognize that AI is not just another workload. Governance needs to account for variability, intent, and outcome; not just access and location.

The second shift: govern usage before enforcing controls

Traditional security often works backward: observe behavior, then enforce.

With AI, that sequence breaks down.

By the time enforcement becomes necessary, AI usage is already embedded in workflows, expectations, and dependencies. Controls added at that stage tend to limit productivity without shaping behavior.

Effective AI governance starts earlier by clarifying how AI is allowed to be used before enforcement scales.

Actionable takeaway:

Start governance by defining acceptable AI use and boundaries, not by tightening controls. Enforcement should follow direction, not replace it.

That same sequencing challenge is why the starting point matters. In a separate post, Where to Start with AI Governance, we outlined how organizations can begin governing AI by focusing on bounded areas of exposure, rather than waiting for complete visibility that never fully arrives.

The third shift: move governance closer to intent, not infrastructure

Many existing controls focus on where activity happens: network paths, applications, identities.

AI collapses the distance between access and outcome. Two users can use the same tool, authenticated the same way, and create very different levels of risk depending on intent and context.

Actionable takeaway:

When evaluating governance gaps, ask whether controls help you understand how AI is being used and to what end, not just who accessed what.

The fourth shift: stop optimizing for predictability

Data protection and policy engines often rely on stable patterns: known data flows, consistent behaviors, repeatable rules.

AI usage is inherently variable. Trying to force it into static models leads to broad blocking, endless exceptions, or both.

Actionable takeaway:

Instead of asking “Can we define every rule?”, ask “Do our controls tolerate variability without defaulting to restriction?” Governance should guide usage, not attempt to predict it exhaustively.

The fifth shift: separate governance from containment

One of the hidden costs of retrofitting is that governance becomes synonymous with restriction.

When controls are misaligned with AI behavior, security teams are forced into blunt responses. Over time, governance is seen as something that slows adoption rather than enables it.

That’s not a tooling problem.
It’s a sequencing problem.

Actionable takeaway:
Reframe AI governance as a way to enable safe usage at scale - not as a containment mechanism introduced after risk appears.

What this changes for security leaders

AI governance doesn’t require abandoning existing controls. But it does require recognizing their limits.

The most effective security leaders aren’t asking how to stretch old frameworks further. They’re asking where governance needs to operate before enforcement becomes the only option.

That shift, from retrofitting controls to deliberately designing governance, is what allows organizations to adopt AI with confidence rather than caution.

For leaders who don’t want early AI choices to quietly harden into long-term constraints, we outline how organizations can act before those decisions become difficult to change.

Frequently Asked Questions

Designing AI Governance for How AI Actually Works

Omri Iluz
Lumia Security LabsOmri Iluz

March 31, 2026 | 7 min read

Traditional SaaS and cloud controls assume predictable, deterministic behavior: users authenticate, applications perform defined functions, and data flows follow known paths. AI does not work that way. AI systems infer intent, adapt to context, and can produce different outputs from similar inputs. That means governance needs to account for how AI is being used, what outcome it may create, and what risk that usage introduces, not just whether a user accessed an approved application.

Governing AI based on intent means understanding the purpose and context of an AI interaction, not just the tool being used. For example, two employees may use the same AI app with the same identity and access level, but one may be summarizing public content while another is uploading sensitive source code or customer data. The risk is different because the intent and outcome are different. Effective governance needs to recognize those differences.

Once AI usage becomes embedded in daily workflows, enforcement becomes harder and more disruptive. Employees build habits, teams create dependencies, and security teams are left reacting with broad restrictions or exceptions. Starting earlier allows organizations to define acceptable AI use, establish boundaries, and guide adoption before controls feel like a blocker.

Organizations can avoid blanket blocking by designing controls that tolerate variability. AI usage is not always predictable, so governance should not depend on defining every possible rule in advance. Instead, security teams should focus on visibility, context, acceptable-use boundaries, and adaptive policy enforcement. The goal is to guide safe usage at scale, not force every AI interaction into a rigid allow-or-block model.

Lumia helps organizations govern AI usage in the traffic path, where real AI interactions happen across browsers, desktop apps, agents, embedded AI features, and backend AI flows. Because Lumia provides visibility into how AI is being used, where data is going, and what context surrounds each interaction, security teams can move beyond app-level allow lists and static controls. That makes it possible to enforce AI policies based on usage, intent, and risk while still enabling employees to adopt AI safely.

Blocking AI apps is not an option anymore. Adopt AI. Safely. Reach out today to learn more.

Get Started

We use cookies to enhance your browsing experience, serve personalised ads or content, and analyse our traffic. By clicking "Accept", you consent to our use of cookies.