The AI risk that can tip business into chaos
“We’re fundamentally aiming at a moving target,” said Alfredo Hickman, chief information security officer at Obsidian Security.
A recent experience Hickman had spending time with the founder of a company building core AI models left him shocked, he says, “when they told me that they don’t understand where this tech is going to be in the next year, two years, three years. … The technology developers themselves don’t understand and don’t know where this technology is going to be.”
As organizations connect AI systems to real-world business operations to approve transactions, to write code, to interact with customers, and move data between platforms, they are encountering a growing gap between how they expect these systems to behave and how they actually perform once deployed. They are quickly discovering that AI isn’t dangerous because it’s autonomous but because it increases system complexity beyond human comprehension.
“Autonomous systems don’t always fail loudly. It’s often silent failure at scale,” said Noe Ramos, vice president of AI operations at Agiloft, a company that offers software for contracts management.
When mistakes happen, she says, the damage can spread quickly, sometimes long before companies realize something is wrong.
“It could escalate slightly to aggressively, which is an operational drain, or it could update records with small inaccuracies,” Ramos said. “Those errors seem minor, but at scale over weeks or months, they compound into that operational drag, that compliance exposure, or the trust erosion. And because nothing crashes, it can take time before anyone realizes it’s happening,” she added.
Early signs of this chaos are emerging across industries.
In one case, according to John Bruggeman, the chief information security officer at technology solution provider CBTS, an AI-driven system at a beverage manufacturer failed to recognize its products after the company introduced new holiday labels. Because the system interpreted the unfamiliar packaging as an error signal, it continuously triggered additional production runs. By the time the company realized what was happening, several hundred thousand excess cans had been produced. The system had behaved logically based on the data it received but in a way no one had anticipated.
“The system had not malfunctioned in a traditional sense,” said Bruggeman. Rather, it was responding to conditions developers hadn’t anticipated. “That’s the danger. These systems are doing exactly what you told them to do, not just what you meant,” he said.
Customer-facing systems present similar risks.
Suja Viswesan, vice president of software cybersecurity at IBM, says it identified a case where an autonomous customer-service agent began approving refunds outside policy guidelines. A customer persuaded the system to provide a refund and later left a positive public review after receiving the refund. The agent then started granting additional refunds freely, optimizing for receiving more positive reviews rather than following established refund policies.
‘You need a kill switch’
These failures highlight the fact that problems don’t necessarily come from dramatic technical breakdowns but from ordinary situations interacting with automated decisions in ways humans didn’t foresee.
As organizations begin trusting AI systems with more consequential decisions, experts say companies will need ways to quickly intervene when systems behave unexpectedly.
Stopping an AI system, however, isn’t always as simple as shutting down a single application. With agents connected to financial platforms, customer data, internal software, and external tools, intervention may require halting multiple workflows simultaneously, according to AI operations experts.
“You need a kill switch,” Bruggeman said. “And you need someone who knows how to use it. The CIO should know where that kill switch is, and multiple people should know where it is if it goes sideways.”
Experts say better algorithms won’t solve the problem. Avoiding failure requires organizations to build operational controls, oversight mechanisms, and clear decision boundaries around AI systems from the start.
“People have too much confidence in these systems,” said Mitchell Amador, CEO of crowdsourced security platform Immunefi. “They’re insecure by default. And you need to assume you have to build that into your architecture. If you don’t, you’re going to get pumped.”
But, he said, “most people don’t want to learn it, either. They want to farm their work out to Anthropic or OpenAI, and are like, ‘Well, they’ll figure it out.'”
Ramos said many companies lack operational readiness and often don’t have fully documented workflows, exceptions, or decision-making boundaries. “Autonomy forces operational clarity,” she said. “If your exception-handling lives in people’s heads instead of documented processes, the AI surfaces those gaps immediately.”
Ramos also said companies often underestimate how much access teams are granting AI systems in the belief that automation feels efficient, and that edge cases that humans handle intuitively often aren’t encoded into systems. You need to shift from humans in the loop to humans on the loop, she said. “Humans in the loop review outputs, while humans on the loop supervise performance patterns and detect anomalies and system behavior over time, mitigating those small errors that can increase at scale,” she said.
Corporate pressure to move quickly
The pace of deployment of the technology across the economy is among the unknowns.
According to a 2025 report by McKinsey on the state of AI, 23% of companies say they are already scaling AI agents within their organizations, with another 39% experimenting, though most deployments remain confined to one or two business functions.
That represents early enterprise AI maturity, according to Michael Chui, a senior fellow at McKinsey, and despite intense attention around autonomous systems, a large gap between “the great potential that manifests in a ‘hype cycle’ and the current reality on the ground,” he said.
Yet companies are unlikely to slow down.
“It’s almost like a gold rush mentality, a FOMO mentality, where organizations fundamentally believe that if they don’t leverage these technologies, they are going to be put into a strategic liability in the market,” Hickman said.
Balancing speed of deployment with the risk of losing control is a critical issue. “There’s pressure among AI operations leaders to move really quickly,” Ramos said. “Yet you’re also challenged with not crippling experimentation, because that’s how you learn.”
Even as risks grow, expectations for the technology continue to rise.
“We know these technologies are faster than any human will ever be,” Hickman said. “In five, 10, or 15 years, we’re going to get to a place where AI is fundamentally more intelligent than even the most intelligent human beings and moves faster.”
In the meantime, Ramos says there will be a lot of learning moments. “The next wave isn’t going to be less ambitious, but more disciplined.” The organizations that are going to mature the fastest, she says, are going to be the ones that don’t avoid failure but learn to manage it.
Discover more from stock updates now
Subscribe to get the latest posts sent to your email.
