The question of accountability is moving to the front of every serious conversation about artificial intelligence, and it was the focus of the latest episode of Cyber Circle by BeamSec hosted by Murat Guvenc. Our Chief Executive and Founder, Lisa Ventura MBE FCIIS, joined the panel alongside Rupa Singh and Hemang Davé to work through a question that organisations can no longer put off: if AI makes the decision, who is responsible for it?
The discussion reflected a shift the AICSA sees playing out across both the AI and cyber security communities. The early excitement about what these systems can do is giving way to harder questions about who answers for what they do. Oversight, governance and trust have stopped being abstract topics for conference panels and have become business decisions with real consequences attached.
The Readiness Gap Is People
For Lisa, the most pressing issue is not the technology itself but the people expected to work alongside it. “The biggest readiness gap of all for me is people,” she told the panel.
She expanded on the point: “Organisations will get the technology, and they’ll forget to train and prepare the humans who have to use it, question it and live with what it does and ultimately what it sometimes decides. So the gap is less about buying in more technology and solutions for AI and more about preparation.”
Her argument lands on a familiar pattern in cyber security. Tools arrive, budgets are spent and the workforce is left to make sense of systems they were never properly prepared for. When those systems begin to make or influence decisions, that lack of preparation becomes a genuine risk rather than an inconvenience. People need to understand what the technology is doing, feel able to challenge it and be supported when they have to account for outcomes they did not personally choose.
The Oversight Illusion
Rupa Singh brought a governance lens to the same problem, warning about what she described as the oversight illusion, calling it one of the greatest risks in AI governance. The phrase captures something important. An organisation can place a human in the loop on paper while giving that person neither the time, the information nor the authority to exercise real judgement. Oversight that exists only as a box to tick offers the appearance of control without the substance of it.
Technology in Service of People
Hemang Davé returned the conversation to first principles, with the view that “any technology that we create should serve humanity”. It is a simple statement that carries weight when AI systems are increasingly making choices that affect customers, employees and citizens. Keeping human benefit as the measure of success helps organisations resist the pull towards automation for its own sake.
Why This Matters to the AICSA
The accountability question sits precisely where AI and cyber security meet, which is the ground the AICSA was created to cover. Decisions made by automated systems carry security, ethical and human consequences all at once, and they cannot be managed well if those areas are treated separately. The panel reflected a conviction at the heart of the AICSA’s work, that responsible adoption depends as much on prepared and supported people as it does on capable technology.
The full episode is well worth your time, and the central question is one every organisation adopting AI should be asking itself. You can watch the discussion here: https://youtu.be/TTXMyvXRo1g.
We would welcome your thoughts. If AI makes the decision, who should be responsible?
