IBM Launches Unified AI Governance Platform for Enterprise

IBM has launched what it describes as the industry's first software platform to combine AI security and governance functions, addressing enterprise concerns about managing AI agents and generative AI systems at scale.

The announcement centres on enhanced integration between IBM’s watsonx.governance and Guardium AI Security platforms. The unified approach targets organisations deploying AI agents across their operations whilst maintaining security and compliance standards.

“AI agents are set to revolutionise enterprise productivity, but the very benefits of AI agents can also present a challenge,” says Ritika Gunnar, General Manager, Data and AI at IBM. “When these autonomous systems aren't properly governed or secured, they can carry steep consequences.”

The timing reflects growing enterprise adoption of AI agents – autonomous systems that can execute tasks without human intervention. These systems present governance challenges as they operate independently within corporate environments, potentially accessing sensitive data and making decisions that affect business operations.

IBM Guardium AI Security gains automated threat detection

The enhanced Guardium AI Security platform now includes automated red teaming capabilities, enabling organisations to identify vulnerabilities and misconfigurations across their AI deployments. The system can define custom security policies that analyse both input and output prompts, targeting risks including code injection, sensitive data exposure, and data leakage.

IBM has collaborated with AllTrue.ai to add detection capabilities for AI use cases in cloud environments, code repositories and embedded systems. Once the system identifies new AI deployments, it can automatically trigger governance workflows within watsonx.governance.

The integration supports compliance validation against 12 frameworks, including the EU AI Act and ISO 42001. These features are available immediately in Guardium AI Security, with full watsonx.governance integration planned throughout the remainder of 2025.

“The future of AI depends on how well we secure it today,” says Suja Viswesan, Vice President, Security and Runtime Products at IBM. “Embedding security from the start is essential to protecting data, supporting compliance obligations, and building lasting trust.”

The approach addresses what researchers identify as a significant challenge for security teams managing AI deployments. Jennifer Glenn, Research Director for the IDC Security and Trust Group, explains: “One of the biggest challenges for security teams is translating incidents and compliance violations into quantifiable business risk. The rapid adoption of AI and agentic AI amplifies this issue.”

IBM Consulting introduces AI security services

Alongside the platform enhancements, IBM Consulting Cybersecurity Services has launched services combining data security platforms with AI consulting expertise. The offering supports organisations through AI transformation stages – from discovering AI deployments and vulnerabilities to implementing secure-by-design practices and regulatory guidance.

The services build on IBM Consulting’s work with hundreds of clients globally on AI strategy and governance, including projects with Nationwide Building Society and e&. The approach reflects enterprise demand for expertise in managing AI governance across complex regulatory environments.

For AWS users, watsonx.governance is now available in AWS data centres in India, featuring enhanced model monitoring capabilities. The expansion supports IBM's strategy of providing AI governance tools across multiple cloud environments.

The unified platform represents IBM’s response to enterprise challenges in managing AI systems that operate with increasing autonomy. As organisations deploy more AI agents across business functions, the integration of security and governance functions becomes critical for maintaining operational control and regulatory compliance.

“Unifying AI Governance with AI security gives organisations the necessary context to find and prioritise risks, as well as the information to clearly communicate the consequences of not addressing them,” Jennifer says.

Explore the latest edition of Technology Magazine and be part of the conversation at our global conference series, Tech & AI LIVE.

Discover all our upcoming events and secure your tickets today.

Technology Magazine is a BizClik brand