Humans or AI: Trust in Question in Modern IT
Le brief IA que les pros lisent chaque soir
Les 7 actus IA du jour, décryptées en 5 min. Gratuit.
Inclus dès l'inscription : notre sélection des meilleurs guides & comparatifs IA.
Choisis ton rythme
Gratuit · Pas de spam · Désabonnement en 1 clic
Trust in the Face of AI: A Challenge for Businesses
In the world of information systems, the question of trust is becoming increasingly complex with the integration of artificial intelligence. Traditionally, trust was naturally granted to humans, perceived as responsible, identifiable, and capable of judgment. However, as AI infiltrates these systems, this certainty is shaken. The crucial question is no longer about choosing between humans and machines, but rather determining under what conditions each can be deemed trustworthy in a modern IT environment.
Illusion of Control and AI Challenges
For decades, enterprise risk management has focused on the human factor. Human errors, misconfigurations, and internal threats are well documented and framed by proven security policies, such as identity and access management (IAM), audits, and segmentation. However, this model relies on the assumption that humans are at the center of decision-making. Today, this assumption is being questioned. AI systems no longer merely assist; they take initiatives, trigger actions, and interact with critical infrastructures often in real-time, at speeds incompatible with traditional human oversight. Yet, the trust frameworks applied remain those designed for humans, creating a significant disconnect.
Power of AI and Loss of Clarity
AI is powerful, fast, and capable of automating complex tasks on a large scale. However, this power comes with a loss of clarity. When a human makes a mistake, it is generally possible to identify the perpetrator, understand the cause, and learn from it. With AI agents, these principles become uncertain. Without a clear identity, it becomes difficult, sometimes impossible, to know who did what, why, and how to prevent it from happening again. Even today, many systems rely on shared or static identifiers, unable to distinctly differentiate one agent from another. This ambiguity of identity creates a critical blind spot: actions are executed, but responsibility remains vague, and control is nearly nonexistent.
The numbers are telling: only 28% of companies believe they can stop a malicious AI agent before it causes damage. Nearly half of the companies can only react once the damage has occurred, and almost a quarter can only detect without being able to take real action. Automation is advancing, but governance is structurally lagging behind.
Treating AI as an Identity
In light of this transformation, one obvious conclusion emerges: if AI acts, it must be treated as a full-fledged identity. It can no longer be viewed as a mere technical tool. Once a system is capable of initiating actions and accessing sensitive resources, it must be identified, authenticated, and controlled like any other actor in the information system. This involves creating unique and verifiable identities for each AI agent, using dynamic identifiers with limited lifespans, and ensuring complete traceability of actions. It also requires continuous monitoring of behaviors to detect real-time abuses and anomalies. Finally, a fundamental principle must be integrated: an AI agent will eventually exhibit inappropriate or unexpected behavior. The challenge is to anticipate this risk and prepare for it by implementing an effective intervention plan.
Rethinking Trust in IT
Trust can no longer be implicit in an environment where AI systems are no longer mere tools but entities capable of acting, deciding, and interacting autonomously. This change profoundly transforms the nature of risk: more diffuse, faster, and sometimes invisible, it escapes traditional control models historically designed to frame the human factor. In this context, a requirement emerges: to make every action traceable and every actor explicitly identified. Without traceability or clear attribution, there can be no responsibility, no control, and thus no real trust.
Therefore, the question is no longer about choosing between humans and machines but lies in the ability to frame these new forms of autonomy. The trust of tomorrow will be neither intuitive nor implicit: it must be structured, conceived as an architecture, and based on a simple yet demanding principle: every action must be attributable, every identity limited in its permissions, and every behavior monitored in real-time. Trust is no longer given by default: it is built, measured, and continuously verified.
It is at this price that AI can truly integrate into critical environments, not by imposing its presence, but by gradually earning the trust of the businesses that deploy it.
Brief IA — L'actualité IA en français
L'essentiel de l'actualité de l'intelligence artificielle, décrypté et expliqué chaque jour.