Most conversations about AI in business start with the wrong question of “Can AI do the job?”
It is entirely the wrong place to start.
The real question for leadership is quieter but vastly more important…
“Will this platform still exist, function, and be supportable when the AI bubble shifts?”
Right now, many organizations are not just experimenting with AI. They are rebuilding entire business workflows, reducing staff, and reshaping operating models around it. AI is moving from a novel enhancement to an essential layer of business execution. That transition changes the risk profile of the entire company.
When AI becomes infrastructure, it stops being a feature decision and becomes a business continuity decision.
Most digital risk discussions focus on security, privacy, or compliance. Those matter, but they miss a small but still very significant point, and that is platform dependency risk. When core processes rely on fast-moving AI ecosystems, leadership is no longer betting only on performance. They are betting on vendor survival, funding cycles, governance maturity, regulatory stability, and long-term operability.
That is a very different kind of risk than adopting a CRM or a payroll system. Many of these new AI systems will disappear just as fast as they emerged. Many are founded on novel concepts that are basically being field tested in the businesses adopting them, to determine if they are actually viable business models to begin with. That should scare anyone.
We are also in a classic bubble pattern. Capital is flowing quickly. Product roadmaps are moving faster than governance models. Teams are under pressure to “AI-enable” everything. And in many cases, organizations are using AI adoption as a justification to lean out, make abstract judgments, and reduce human capacity. That performance boost can cause a company to far overextend, meaning any stall in velocity becomes failing their customers at the same speed.
It only works if the platform matures the way leadership assumes it will, even though no one fully understands how it works, how fast it is evolving, or what it will look like in six months, much less six years. Unless you simply have room to ramp up and fail in your business model, it is not irrational to question this.
In my crystal ball I see:
Businesses investing heavily into new AI-driven platforms could find themselves midair without a platform to stand on.
When a system becomes essential, unwinding it is no longer a technical project. It becomes a financial, operational, and security event.
If a major AI initiative stalls, collapses, is regulated out of scope, or simply fails to deliver, companies are forced to accelerate migrations. Those migrations rarely happen under ideal conditions. They happen under pressure, with reduced staff, incomplete documentation, rushed integrations, and security shortcuts. And remember, failure can come from the company’s success as well, so the blade cuts two ways. The product you are adopting right now is likely growing in exponents, right along the curve of the AI bubble. It may simply move away from you, or the product may mature into something no longer as useful to your business as it constantly revamps product models/features. And we cannot ignore the fact that these massively successful products are often consumed by bigger products. When that happens, you may be forced to make changes to protect your initial investment, or a competitor may buy it to cannibalize its customer base and kill it.
- This is where digital risk becomes business risk.
- Technical debt turns into financial debt.
- Temporary fixes become permanent exposure.
- Security posture erodes as leadership focuses on continuity rather than resilience.
Another layer often overlooked is staffing. Many organizations reduce headcount as AI platforms come online. But when platforms fail, the people who knew how systems worked before automation are already gone. That makes recovery slower, more expensive, and riskier than leaders expect.
AI adoption is not dangerous because AI is immature.
It is dangerous when organizations treat maturity as guaranteed because it is just so darn cool or saves so much money, and they do not care, etc.
The smarter posture is not avoidance. It is risk-aware integration.
That means asking different questions at the executive level:
- What happens if this platform stalls in two years?
- How portable are our workflows and data?
- What security model exists if we need to unwind quickly?
- Are we improving decision quality, or just accelerating decisions?
- Are we investing for resilience, or only for efficiency?
Digital transformation should not be about how advanced the technology is. It should be about how survivable the business model becomes when the environment changes.
AI will reshape enterprises. That part is inevitable. And it will play a part in their future, that is undeniable.
Whether it strengthens them or destabilizes them depends less on what AI can do today, and more on how leaders prepare for the moment when today’s assumptions stop holding.
So what’s the big deal here? Products come and go all the time… Tell that to the companies buying nuclear power plants, and contemplating data centers in space to keep them cool. Or the single company, Nvidia, whose latest valuation at the time of this writing sits as high as the 4th highest GDP globally, that would be Japan, and is sneaking up fast on Germany, to soon be valued at only second to the GDP of the US and China. Those companies are planning for growth on a scale the tech industry has never even come close to having seen, and with Gartner predicting that over 40% of agentic AI projects will be canceled by the end of 2027 due to escalating costs, unclear business value, or inadequate risk controls…
The risk is so transparent that birds will die flying into it. Don’t be on that flight!
Gene is Field CTO for Action1, where he engages with industry leaders and customers worldwide, advocating for modernizing patch management and evolving security standards, while showcasing how Action1 empowers organizations to achieve stronger resilience and compliance. With 30 years in IT, Gene has worked across development, system administration, consulting, management, and security in organizations ranging from small teams to global enterprises. He specializes in translating complex technical challenges into clear, actionable guidance for both technical teams and executives. Known for analytical problem-solving and strategic planning, Gene excels at breaking large, high-stakes problems into manageable components and guiding teams to successful execution.
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.