The report, which surveyed 406 North American IT decision-makers, highlights a disconnect between executive confidence and operational reality. Although 86% of infrastructure leaders express faith in their current AI governance, only 30% have established formal policies to manage the risks. This oversight is particularly dangerous given the rise of "vibe coding," where teams generate infrastructure and policy code using AI without rigorous human oversight or validation.
Spacelift CEO Paweł Hytry notes that the crisis is exacerbated by a lack of visibility. Most organizations continue to track legacy metrics, ignoring AI-specific signals like error rates in generated changes or the volume of machine-authored code moving through pipelines. Currently, only 15% of companies monitor the volume of AI-generated Infrastructure as Code (IaC). Without these granular data points, teams remain blind to the systemic vulnerabilities accumulating in their environments. Even as security incidents and pipeline strain increase, the industry continues to prioritize speed over the foundational governance necessary to sustain autonomous workflows.
Comments (0)
No comments yet. Be the first!