Once, security was a defined discipline—a tight set of technical practices meant to keep systems safe. Today, it’s the junk drawer for every responsibility no one else wants to own.

The trust and safety work stripped from platforms for political expediency? Security now has to pick it up to succeed. The resilience planning deprioritized in favor of speed? Security must step in and own it. The ethical guardrails quietly written out of AI procurement rules? Security can’t ignore them because without that work, defense will fail.

The word security is doing too much work.

And the people holding the line are carrying a load no one team should sustain but if they must, they need to do it intentionally and strategically, because here’s why.

If you want to understand why regulatory guardrails can supercharge, not stifle, technological innovation, don’t look to theory. Look to cybersecurity. The field is, by definition, mission-critical: cybersecurity keeps our technical infrastructure resilient, protects financial institutions, and allows both individuals and businesses to leverage the internet safely. Cybersecurity methods must evolve quickly, or our critical infrastructure could be at risk.

Welcome to the gray zone of innovation.

Shadow AI is what happens when employees use generative AI tools (ChatGPT, Claude, Copilot, Gemini, and others) without telling IT or leadership. Sometimes it's to save time, automate grunt work, or just move faster. But like its older cousin shadow IT, shadow AI comes with serious risks.

And it’s not just happening in the margins. It’s everywhere. According to recent surveys, more than 70% of knowledge workers say they use GenAI at work but fewer than 20% say their company has approved it.

If you’re a leader, that means your org likely has more AI use than you think and a lot less control than you need.

Information integrity deserves fierce advocacy from governments, the intellectual ingenuity of civil society, and the creative muscle of industry. It should be the next "by design" movement, writes our CEO, Camille Stewart Gloster, in a Tech Policy Press article.