What Your Board Will Ask About AI Security
AI moved from pilot to board agenda faster than most founders expected. Three questions are coming - and the answers reveal more than you think.
Your board didn’t ask about AI security last quarter. They will this quarter. Here’s what’s coming.
Your company’s AI adoption is a lot like a renovated house. The kitchen looks great. The new fixtures work. But nobody pulled permits for the electrical, the plumber who roughed in the bathroom left before documenting anything, and that load-bearing wall they moved - well, that’s interesting. All the light switches work. Most of the plugs do too. But you don’t actually know where the panel is, which breakers are tied to what, or what’s behind the walls.
The board isn’t going to ask “do you use AI?” They already know you do. They’re going to ask whether you know what’s behind the walls, who did the work, and what happens when something trips.
The shift is happening fast. Among S&P 500 companies, AI risk disclosure surged from 12% to 83% in just two years. Those enterprise board conversations trickle down - if your Series A board hasn’t asked yet, they will.
And the questions aren’t arbitrary. The Digital Directors Network - a boardroom network focused on AI, digital, and cybersecurity governance - cites MIT CISR research showing that companies with digitally savvy boards saw 38% higher revenue growth over three years. DDN’s own assessment framework covers 20 areas of oversight, and they put it bluntly: when boards serve as a strong control in AI and digital systems, value is created. When they don’t, value is destroyed.
The board isn’t asking to hassle you. They’re asking because the answer predicts performance. Three questions are coming.
What AI Are We Actually Using?
Most founders can name the AI tools they bought. Almost none can name the ones their team adopted without asking. That’s the gap that matters.
Engineers paste code into ChatGPT. Designers use image generators on personal accounts. Someone in marketing signed up for an AI writing tool with a company email and a free trial. A developer connected an AI coding assistant to your production codebase last Tuesday. None of this went through procurement. None of it has a data handling agreement. At most large companies, the majority of AI agents were built with low-code and no-code tools, operating well below leadership visibility. We’re seeing the same pattern at startups, just with less infrastructure around it.
This question is really about inventory. You can’t govern what you can’t see, and if you can’t answer this one, every follow-up question becomes unanswerable. I’ve written before about the AI tools already operating inside organizations without guardrails - the pattern hasn’t changed, it’s just accelerated.
Who Approved It?
The honest answer at most startups is nobody, specifically. Tools get adopted through Slack recommendations and free trials, not procurement workflows. And that’s exactly the gap the board is probing for.
This is an accountability question disguised as a process question. The board doesn’t care about your procurement workflow. They want to know who owns AI risk. Who evaluated the vendor’s data handling? Who decided what customer data could flow through the tool? Who reviewed the terms of service? In my experience, the answer to all three is usually some version of “nobody thought to ask.”
At enterprise scale, the share of companies with board-level AI oversight committees has roughly quadrupled in two years. At a 30-person startup, the answer is usually the CEO, by default, whether they know it or not. That’s fine - as long as it’s intentional. The problem is when nobody realizes that’s the case, and decisions get made by default instead of design.
AI governance starts with knowing who decides what. The CISO role has evolved specifically to own this kind of cross-functional risk. At early-stage startups, that role often doesn’t exist yet. Which means the question lands on the founder’s desk whether they expected it or not.
What’s Our Exposure If It Goes Wrong?
This is where the renovation analogy gets uncomfortable - because when unpermitted electrical work fails, at least the breaker trips (we hope). With AI, the failure might be invisible for weeks. And it’s the question that matters most.
“Goes wrong” means different things for AI than for traditional security incidents. A team member pastes customer data into a model - what’s your liability? An AI coding assistant introduces a vulnerability - how would you know? An agent takes a series of unauthorized actions before anyone notices - what’s the blast radius? The vast majority of security leaders are already concerned about exactly these scenarios, and nearly half have observed AI agents exhibit unintended behavior. We’ve already seen what this looks like at nation-state scale with the GTG-1002 campaign, where an AI agent operated as a primary workforce for espionage.
Your incident response plan was built for compromised accounts and stolen credentials. Not for distributed, multi-step actions taken by an AI agent across multiple systems. The containment playbook assumes you can pull a server or revoke a credential. But what does containment look like when an agent has active sessions, cached credentials, and running jobs across three SaaS platforms? If you’ve been following our incident response series, you know the plan needs updating.
Why Most Founders Can’t Answer These Questions Yet
These aren’t gotcha questions. They’re governance basics that most organizations - not just startups - are still figuring out. The gap is normal. But it’s not safe to leave alone.
DDN and Virginia Tech research found that without AI and cybersecurity expertise at the board level, oversight tends toward “superficial, check-the-box” governance. That finding applies to AI governance just as much as traditional cybersecurity - and DDN’s Digital Oversight Gap assessments at companies like FedEx, GM, and Morgan Stanley are built around exactly this gap. The cost when it goes unfilled is real. UnitedHealth’s $2.5 billion in ransomware costs and CrowdStrike’s $5.4 billion in damages have been attributed partly to boards that couldn’t meaningfully challenge management on security decisions.
Those are enterprise-scale consequences, but the pattern scales down. You probably don’t need a cybersecurity director on your board today. But you need someone in the room - board member, advisor, or fractional CISO - who can translate these questions into honest answers. The three questions map to three capabilities: inventory, governance, and incident readiness. You don’t need all three perfected. You need honest answers about where you are and a credible plan for closing the gaps.
Boards respect transparency more than theater.
Before your next board meeting, find the panel. Build a living inventory of AI tools your team actually uses. Name who owns AI risk decisions. Update your incident response plan for AI-specific scenarios.
Next week, we’ll get practical - how to evaluate an AI vendor’s security posture, and the questions most procurement processes miss.