How can organisations build governed, trustworthy AI environments that balance productivity with cybersecurity and digital sovereignty? Specifically, how do you maintain supplier trust regarding data usage and‘ opt-in’ transparency while navigating the risks of shadow AI?
Ashley Hetrick, BDO USA: That’ s a tremendously complex set of questions. I think setting those governance standards up front is critical, and we’ ve got to do it at speed. There’ s nothing more frustrating than hearing,‘ Okay, we’ ll talk about it, but our governance committee doesn’ t meet for two more months. They only meet once a quarter.’ We’ ve got to have bounds of what we’ re comfortable with and how we ingest data to a point, then review it before it goes all the way into our systems, particularly if we’ re using it for decision-making.
So there’ s part of this where we’ ve got to firewall things off, but we’ ve also got to set standards of what we will accept, what tools we’ re comfortable with, and why. On top of all of that, make sure we always have humans pressing the buttons and making the big decisions because they will see the anomalies, because they’ re used to seeing it.
Bavik Pathak, Alstom: In our industry, public transportation, cybersecurity and overall safety are paramount. If somebody hacked the system, it’ s going to be a disaster. So we are very cautious about this particular element. If the system goes rogue or gets hacked, of course, we need to have a safety backup plan for that. It’ s not about the algorithm, but what I’ m putting into it right now.
98 June 2026