While AI’s early promise sparked excitement, its slow maturity has created a unique period of uncertainty and opportunity. IT departments, in particular, find themselves at the intersection of AI’s development and the growing demands of compliance, reshaping how business leaders manage data, tools, and security.
As 2025 approaches, artificial intelligence (AI) will continue to advance, paving the way for both significant opportunities and complex challenges.
Early promise, slow maturity
AI initially dazzled with its potential to revolutionise industries, from customer service to data analysis. However, the reality has been more measured. Many organisations that embraced AI early have either scaled back their investments or reallocated resources after finding that AI’s benefits are often limited to specific use cases.
This measured adoption reflects a broader truth: AI is still a work in progress. Vendors are actively refining their offerings based on feedback from early adopters, leading to steady, albeit incremental, improvements. For now, AI has shown value in well-defined applications but remains less impactful as a general-purpose tool for most information workers.
Despite these limitations, the relentless focus on AI in vendor showcases and product announcements signals that its time is coming. As AI matures, so too will its integration into the enterprise landscape, particularly in areas where its utility is undeniable – like compliance.
Key trends shaping AI and compliance in 2025
- AI maturity and targeted use cases
By 2025, the use cases for AI will expand as vendors refine their offerings and businesses identify clearer applications. Organisations will increasingly implement AI in areas like fraud detection, contract review, and process automation, where its impact can be measured and optimised. - AI-infused vendor solutions
Feedback loops from early adopters have empowered vendors to integrate AI deeper into their products. Whether through predictive analytics or advanced workflow tools, AI will become less of a standalone novelty and more of a foundational feature. - Compliance as a priority, not an option
The intersection of AI and compliance has emerged as a critical focus area. Organisations are realising that effective AI implementation requires robust data governance, classification, and protection measures. Compliance, once viewed as a checkbox exercise, is now recognised as essential for AI readiness.
The role of compliance
AI’s reliance on data has forced organisations to reevaluate their approach to compliance. The traditional “security through obscurity” model—where sensitive data remains safe because users simply lack access or awareness—breaks down when AI tools enter the picture. AI has the capability to uncover and analyse vast amounts of data, making inadvertent overshare a significant risk.
Data overshare risks
Incidents like Samsung workers inadvertently leaking company secrets via AI tools like ChatGPT illustrate the dangers of poorly managed data access. Shadow IT further exacerbates the issue, as employees adopt unsanctioned tools that bypass organisational controls, potentially exposing sensitive information.
Driving data governance forward
To address these challenges, IT departments are turning to tools like Microsoft Purview for data classification and protection, Microsoft Intune for device management, and SharePoint for enterprise content management. These tools help enforce policies that ensure users access only what they need while safeguarding confidential information.
Looking ahead to 2025: Preparing IT for the future
By 2025, AI and compliance will be inextricably linked. Organisations will need to develop clearer frameworks for managing AI tools and compliance processes. Key priorities for IT departments will include:
- Strengthening data governance: Implementing stringent data classification policies to protect sensitive information.
- Enhancing device control: Using tools like Microsoft Intune to secure and manage user devices.
- Streamlining content management: Migrating from legacy file servers to centralised platforms like SharePoint to ensure data is organised and policy-compliant.
While AI’s full potential remains a work in progress, its growing impact is undeniable. The period of uncertainty we’re in now offers IT departments a chance to prepare, innovate, and align their strategies with the dual imperatives of AI readiness and compliance. By embracing these challenges, businesses can unlock new opportunities and ensure they are well-positioned for the digital workplace of the future.
AI is no longer just a visionary technology; it’s becoming a practical reality with profound implications for compliance and IT strategy. As organisations navigate this transition, the emphasis on strong data governance and proactive compliance measures will only grow.
Garry Ackerman is the Director at Argantic.