Meet the Boardroom
Dan Finan – Automation Consultant
Dan brings a practical lens to the AI governance conversation, sitting down with Tristan Watkins to unpack what responsible AI implementation really looks like. With a focus on cutting through the buzzwords, Dan facilitates a grounded discussion on how AI amplifies long-standing IT challenges rather than introducing entirely new ones.
Tristan Watkins – Head of Service Architecture, Advania
With 16 years of experience in security and compliance, Tristan offers a candid perspective on why traditional AI governance frameworks often miss the mark. He emphasises that the real risks lie in overlooked areas like data permissions, shadow AI usage, and overshared information, issues that have plagued IT for over a decade but now carry amplified consequences in the age of AI.
Key insights from their conversation:
- AI governance confusion: The term is too vague, leading to misinterpretation and ineffective planning.
- EU AI Act urgency: UK businesses must prepare for compliance, even if they operate outside the EU.
- Shadow AI risks: Employees share sensitive data with AI tools, bypassing traditional security controls.
- Deep Seek concerns: Free AI services may exploit user data through advertising tech and behavioral tracking.
- Permission chaos: Poor data access practices now pose greater risks due to AI’s ability to surface hidden content.
- AI agent safety: Unrestricted internet access enables deceptive behavior, including prompt injection and manipulation tactics.
- Bias frameworks: Most are impractical for typical organisations and often fail to deliver meaningful safeguards.
Tristan also highlights the value of Microsoft’s built-in safety features, while stressing the need for tailored implementation strategies that reflect each organisation’s unique risk profile.
Subscribe to The Technology Boardroom for more expert-led conversations on emerging tech challenges and actionable solutions.
