IBM Weaves Together AI Governance and Security with New Integrations
IBM is announcing new capabilities and integrations for watsonx.governance and Guardium AI Security that centralize AI security and AI governance operations while delivering a unified view of enterprises’ risk posture. At its core, this integration tackles the challenge of securing AI systems and their agents at scale, ensuring responsible AI at every step of the lifecycle.
Setting the context for this announcement, Ritika Gunnar, general manager, data and AI, IBM, explained that "AI agents are set to revolutionize enterprise productivity, but the very benefits of AI agents can also present a challenge. When these autonomous systems aren't properly governed or secured, they can carry steep consequences."
To provide a unified solution for managing AI security and governance, IBM is deepening the integration between watsonx.governance—IBM's end-to-end AI governance tool—and Guardium AI Security—IBM's tool for securing AI models, data, and usage. With this integration, users can validate compliance standards across 12 different frameworks, including the EU AI Act and ISO 42001.
Guardium AI Security is also seeing a variety of improvements, including the ability to detect new AI use cases in cloud environments, code repositories, and embedded systems through its collaboration with AllTrue.ai. Once use cases are identified, Guardium AI Security automatically triggers the appropriate governance workflows from watsonx.governance.
Additionally, Guardium AI Security now offers automated red teaming to enable enterprise teams to detect and fix vulnerabilities and misconfigurations across AI use cases, mitigating risks such as code injection, sensitive data exposure, and data leakage.
"One of the biggest challenges for security teams is translating incidents and compliance violations into quantifiable business risk. The rapid adoption of AI and agentic AI amplifies this issue," said Jennifer Glenn, research director for the IDC Security and Trust Group. "Unifying AI governance with AI security gives organizations the necessary context to find and prioritize risks, as well as the information to clearly communicate the consequences of not addressing them."
IBM watsonx.governance also sees a series of improvements outside of its Guardium AI Security integration, including the following capabilities:
- Monitor and manage AI agents across their entire lifecycle, from development to deployment, allowing for evaluation nodes to be built directly into agents so that users can granularly monitor answer relevance, context relevance, and faithfulness.
- Compliance Accelerators deliver pre-loaded regulations, standards, and frameworks sourced from all over the world, enabling users to identify and select the most relevant obligations—including regulations such as the EU AI Act; the U.S. Federal Reserve's SR 11-7; New York City Local Law 144; ISO/IEC 42001; and frameworks like the NIST AI RMF.
- Availability on an AWS data center in India, increasing value and convenience with enhanced model monitoring capabilities.
For further aid in scaling responsible AI, IBM Consulting Cybersecurity Services now offers an array of services that support organizations throughout their AI journeys, from “discovering AI deployments and potential vulnerabilities, to implementing secure-by-design practices across AI layers, to governance guidance for a constantly evolving regulatory landscape,” described IBM.
To learn more about IBM’s latest innovations, please visit https://www.ibm.com/us-en.