IBM Unveils Unified AI Security and Governance Software
IBM has launched groundbreaking software capabilities that integrate AI security and governance, marking what is touted as the industry’s first unified solution for managing agentic AI risks.
Integrated Solution
The enhancements combine IBM’s watsonx.governance, an end-to-end AI governance platform, with Guardium AI Security, a tool designed to protect AI models, data, and their usage. This integrated solution enables enterprises to manage security and governance risks across various AI use cases, supporting compliance with 12 frameworks, including the EU AI Act and ISO 42001.
Challenges of AI Governance
According to IBM Data and AI general manager Ritika Gunnar, “AI agents are set to revolutionise enterprise productivity, but the very benefits of AI agents can also present a challenge. When these autonomous systems aren’t properly governed or secured, they can carry steep consequences.”
Partnerships and Innovations
Through a partnership with AllTrue.ai, Guardium AI Security now detects AI use cases in cloud environments, code repositories, and embedded systems, providing visibility in decentralised AI ecosystems. Identified use cases can automatically initiate governance workflows via watsonx.governance.
Recent Updates
Recent updates to Guardium AI Security include:
- Automated red teaming to uncover vulnerabilities and misconfigurations.
- Custom security policies to address risks such as code injection and data leakage.
These features are available now, with full integration with watsonx.governance planned for later this year.
Future of AI Security
IBM Security and Runtime Products vice president Suja Viswesan stated, “The future of AI depends on how well we secure it today. Embedding security from the start is essential to protecting data, supporting compliance obligations, and building lasting trust.”
Watsonx.governance now facilitates lifecycle management of AI agents, from development to deployment, with evaluation nodes monitoring metrics such as answer relevance and context faithfulness to identify performance issues.
Upcoming Capabilities
Future capabilities, scheduled for release by June 27, include:
- Agent onboarding risk assessments
- Audit trails
- Agentic tool catalogue
The watsonx.governance Compliance Accelerators, available now as an add-on, provide pre-loaded regulations and standards, including the EU AI Act, U.S. Federal Reserve’s SR 11-7, New York City Local Law 144, ISO/IEC 42001, and NIST AI RMF, allowing users to align AI use cases with global compliance requirements.
Consulting and Support Services
IBM Consulting Cybersecurity Services is introducing new offerings that combine platforms like Guardium AI Security with AI expertise to support organisations in secure AI transformation. These services cover vulnerability detection, secure-by-design practices, and regulatory guidance, building on IBM’s collaborations with clients such as Nationwide Building Society and e&.
For users of AWS, watsonx.governance is now accessible on AWS data centres in India, featuring enhanced model monitoring capabilities.
According to IDC Security and Trust Group research director Jennifer Glenn, “Unifying AI governance with AI security gives organisations the necessary context to find and prioritise risks, as well as the information to clearly communicate the consequences of not addressing them.”
