TLDR
- Generative and agentic AI are accelerating digital transformation while exposing major governance and operational gaps inside enterprises, according to UST Evolve GM Eric Pilkington.
- Pilkington warns that companies are deploying autonomous AI systems faster than they can establish controls, creating risks tied to shadow AI, weak oversight and opaque decision-making.
- He argues that enterprises need dynamic, participatory governance models that continuously evolve alongside AI systems instead of relying on rigid, static controls.
Companies have been embarking on various forms of digital transformation initiatives in past decades as transformative new technologies have arrived. Now, generative AI is both quickening and complicating that effort as perhaps the fastest-moving technology in recent times.
That’s according to Eric Pilkington, group chief executive and general manager of UST Evolve, the global technology services company’s digital transformation arm.
“We were mid-journey in this whole digital transformation agenda that has plagued organizations for so many years. That journey was far from complete for most organizations. It’s never complete, but most were more nascent than advanced in their journeys,” he said in an interview with The AI Innovator.
“Now all of a sudden, AI comes crashing into the party. Companies are really struggling to figure out what that all means,” he added. “Add to that another layer that it’s changing the way people work, the way they engage with each other, the way they engage with content, data, technology … it’s changing the way that customers engage with companies. So it’s a massive challenge.”
Governance gap
That hasn’t stopped companies from adopting generative and agentic AI. But the rush to deploy autonomous AI systems inside large enterprises is outpacing the ability to control them, creating a governance gap that could expose companies to new operational and legal risks.
“There’s a widening gap between capability and control,” Pilkington said. “If you don’t define boundaries clearly, you’re scaling risk at machine speed.”
Gartner projects that agentic AI could account for 30% of enterprise software revenue by 2035, up from about 2% in 2025. Yet only about one in five organizations has mature governance frameworks in place.
That imbalance is becoming more pronounced as companies push AI into production environments without rethinking how decisions are monitored, audited and constrained. Pilkington described a pattern he sees repeatedly: Organizations focus heavily on use cases and business impact but neglect governance until projects begin to fail.
“If there is a failure, it’s often in the layers of governance, it’s often in the layers of guardrails and rules of engagement, and it’s very much often in the throes of antiquated operating models and things that serve as choke points for a lot of organizations to advance a lot of these things at scale,” he said. “That more often than not causes a lot of these projects, experimental or otherwise, to come off the rails.”
A different kind of technology
Pilkington argues that generative and agentic AI differ from earlier enterprise technologies in three ways: speed, autonomy, and opacity.
Unlike prior waves such as cloud computing, where vendors and architectures stabilized over time, AI models and tools are proliferating at a far faster rate. “A day doesn’t go by where you might discover five new models that you didn’t know existed yesterday,” he said.
That pace makes it difficult for IT teams to evaluate, approve and secure tools before employees begin using them. The result is a resurgence of ‘shadow IT’ or ‘shadow AI,’ where workers adopt external tools outside corporate oversight.
“Shadow IT is a problem … now add to that ChatGPT, Perplexity and Claude,” Pilkington said. “It becomes a very fragmented, fractured thing that at the end of the day organizations need to corral.”
At the same time, agentic systems can autonomously take action unlike software programs of old. “We’re entering an era where AI systems are no longer assisting decisions. They’re actually capable of taking action — and that’s both really powerful and rich and it’s also a really scary thing,” he said.
Further compounding the issue is what Pilkington calls the “black box” nature of AI. “You don’t really know what goes on between those neural networks, and so that is a very unique risk that is not present in other technologies.”
Need for flexible guardrails
Traditional governance models, built for deterministic software systems, are proving inadequate. Static rules and rigid approval processes often break down when applied to systems that learn, adapt, and interact with unpredictable inputs.
Pilkington argues that governance itself must evolve into a continuous process. “Governance and operating models need to be dynamic,” he said. “This is not something where you set it and forget it.”
Instead of fixed policies, companies should adopt what he describes as “participatory governance,” where cross-functional teams — including legal, IT and business units — continuously evaluate and adjust controls as AI systems evolve.
That includes frontline employees, who are often the earliest adopters of AI tools and, increasingly, co-creators of agentic systems. In one client example, Pilkington said the company had built thousands of internal agents — and the most popularly used ones were developed collaboratively with employees.
“It certainly can’t be top-down,” he said. “You’ve got to bring people along.”
This participatory model can reduce resistance to AI adoption while improving oversight, he added, but it also requires organizations to rethink governance as an ongoing operational function rather than a compliance checklist.
At the end of the day, companies successfully deploying AI will be those that shift away from rigid controls toward more adaptive governance models that evolve with the technology. This is what will separate leaders from laggards, he said.
