Balancing Innovation and Security in AI Adoption

Written by Fed Gov Today | Nov 6, 2025 9:29:00 PM

 

Presented by AvePoint & Carahsoft

At the Google Public Sector Summit, Heather Harinstein, Director of Federal at AvePoint, discussed how agencies can embrace AI innovation responsibly while protecting sensitive information and maintaining compliance.

“Federal agencies are struggling to balance the risks of AI with the drive for innovation,” Harinstein said. “We’re seeing common challenges—overexposed data, fragmented legacy systems, and data sprawl that creates unnecessary risk.”

AvePoint’s recent AI study found that 75 percent of organizations experienced security issues tied to AI adoption, often delaying deployments by up to a year. “Security concerns are slowing innovation,” she said. “That’s why we’re focused on data security and governance as the foundation for responsible AI.”

She emphasized the importance of Zero Trust principles in any AI framework. “If you don’t know who has access to what data, AI can easily surface content that shouldn’t be shared,” Harinstein said. “Agencies must ensure the right people have access to the right information—nothing more, nothing less.”

While AI has exposed new risks, many of those issues are not new. “AI is shining a light on the same data management challenges we’ve faced for years,” she said. “Overexposure and permissioning problems have always existed—AI just makes them more visible.”

To address those risks, Harinstein recommends a three-part approach: security, governance, and resilience.

  1. Security: Identify sensitive or over-shared content, such as PII or controlled unclassified information, and apply the right access controls.

  2. Governance: Automate recertification of content ownership and permissions, helping stretched IT teams stay compliant without manual effort.

  3. Resilience: Prepare for the inevitable—both internal and external attacks—and ensure agencies can respond and recover quickly.

She also noted the growing challenge of insider risk. “Threats aren’t just external anymore,” she said. “We’re seeing more focus on mitigating risks from within, through visibility, training, and automated safeguards.”

Ultimately, Harinstein said, the goal is to make agencies more proactive. “Security should enable innovation, not block it,” she said. “If agencies know their data is secure and governed, they can adopt AI faster and with more confidence.”

Key Takeaways

  • 75% of organizations face security issues tied to AI adoption, often delaying projects.

  • Zero Trust and automated governance are essential for managing AI risks.

  • Agencies should focus on security, governance, and resilience to balance innovation with protection.
View full post