
Securing Enterprise AI Usage Goes Far Beyond Chatbots

Chatbots created data leakage concerns. Agentic AI introduces autonomous action, persistent context, and delegated decision-making, creating a new category of security and governance challenges that most organizations are only beginning to understand. (Sponsored by Harmonic Security)

For the last two years, enterprise AI discussions have largely centered on what happens when employees paste sensitive information into chatbots such as ChatGPT.

That concern hasn't disappeared. But according to Alastair Paterson, CEO of Harmonic Security, it is becoming the wrong question.

The bigger challenge emerging inside organizations today isn't chatbot usage, but the rise of AI agents capable of performing tasks, accessing systems, maintaining context, and taking action on behalf of users. And while security teams are still trying to understand the scope of AI adoption inside their organizations, the technology is already evolving into something far more powerful.

"We lived through the chatbot era," Paterson said during a recent appearance on CYBR.SEC.CAST. "A lot of people are still in the chatbot era, and that's okay. But as you start moving toward systems that have context and state and are setting up automated workflows of different types, that is pretty transformational."

Full podcast and related article/infographic:

Why AI Usage Intelligence is the Missing Layer in Enterprise AI Security with Harmonic Security CEO Alastair Paterson
In this episode of CYBR.SEC.CAST, hosts Michael and Sam sit down with Alastair Paterson, CEO of Harmonic Security, to discuss the rapid evolution of AI in the enterprise.
You Don’t Control AI Because You Barely See It: Why Usage Intelligence Is Becoming the Next Enterprise Security Battleground
Security teams can’t govern AI they can’t see. As employees adopt hundreds of AI tools, agents, and assistants, a new challenge is emerging: understanding how AI is being used inside the enterprise. (Sponsored by Harmonic Security)

From answering questions to taking actions

The distinction matters. A chatbot answers questions. An agent performs tasks.

While many employees still use AI primarily for summarizing documents, drafting emails, or generating content, a new generation of tools is beginning to connect AI systems directly to applications, workflows, databases, browsers, and productivity platforms.

The result is AI that doesn't simply respond to prompts, but acts. That shift dramatically changes the security conversation.

An employee accidentally sharing sensitive data with a chatbot is one problem. An autonomous agent that can access corporate systems, execute workflows, connect to third-party applications, and make decisions based on incomplete information is something entirely different.

"The next stage of AI development is significantly more powerful than the chatbot era," Paterson said. "Everyone's trying to get on it as fast as they can."

Security teams are caught in the middle

Complicating matters is the pressure many organizations are placing on security leaders.

Boards, CEOs, and executive teams increasingly view AI adoption as a competitive necessity rather than an experimental initiative. Security leaders who once had the authority to block new technologies are now being asked to accelerate deployment.

Paterson describes many CISOs as being trapped between competing demands.

On one side are business leaders concerned about falling behind competitors that are aggressively embracing AI. On the other are legal, compliance, and security teams trying to determine who is using AI, what tools they're using, what data is flowing into those systems, and how any of it can be governed safely.

The result is what Paterson calls an "AI tsunami" -- a constantly evolving ecosystem of chatbots, coding assistants, agentic browsers, AI-enabled SaaS platforms, local models, connectors, plugins, and emerging agent frameworks.

Even organizations with dedicated AI steering committees often struggle to keep pace.

Why blocking AI doesn't work

Many enterprises initially responded to AI the same way they have historically responded to emerging technologies: by restricting access.

The strategy is proving ineffective.

Paterson recounted conversations with organizations where employees simply moved AI usage to personal devices when approved tools failed to meet their needs. In one case, a senior AI leader at a large healthcare organization reportedly lacked access to ChatGPT on corporate systems and resorted to using personal hardware instead.

Security leaders have seen this movie before.

Shadow IT didn't disappear because organizations wrote policies against it. Employees adopted unsanctioned tools when sanctioned alternatives failed to help them accomplish their jobs. AI is following the same trajectory.

The difference is that the consequences can be significantly larger because modern AI systems can influence decisions, trigger actions, and interact with multiple business systems simultaneously.

The future is governance, not prohibition

The organizations most likely to succeed won't be the ones that try to stop AI adoption. They'll be the ones that learn how to govern it.

That means understanding not just which AI tools employees are using, but also what problems they're solving, what workflows they're creating, what data they're accessing, and how autonomous systems behave once they're deployed.

As agents become more capable, security programs will need to evolve beyond monitoring prompts and preventing data leakage. They'll need visibility into behavior, intent, permissions, and outcomes.

The chatbot debate isn't over, but it is increasingly yesterday's debate.

The security challenge emerging now is not whether employees are using AI, but whether organizations can safely govern systems that are beginning to act on their behalf.

For many security teams, that challenge is arriving faster than expected.
