Thinking & Perspectives

AI Strategy Insights

Practical perspectives on AI strategy, agentic systems architecture, and governance — from the advisory practice at Imagine Works.

13 articles
AI Governance10 min read

AI Red Teaming: What Enterprise Leaders Should Actually Ask For

AI red teaming has moved from a research-lab activity to a boardroom expectation. The EU AI Act now requires adversarial testing of general-purpose AI models with systemic risk. Microsoft has red-teamed 100+ generative AI products since 2018. NIST published a formal adversarial-ML attack taxonomy in March 2025. Here is what enterprise leaders should ask for when they commission — or evaluate — an AI red team engagement.

8 July 2026Read article
AI Governance10 min read

The NIST AI Risk Management Framework: What Enterprise Leaders Need to Understand

The NIST AI Risk Management Framework (AI RMF 1.0) has quietly become the most widely adopted enterprise AI governance framework in the United States — 57–67% of CISOs use it according to the 2026 Hitch Partners Global CISO Leadership Report. Voluntary, but load-bearing. Here is what the framework contains, how the 2024 Generative AI Profile extends it, and why it endured a change of US administration when the executive order that popularised it did not.

24 June 2026Read article
AI Governance10 min read

Prompt Injection: The Enterprise Security Risk That Cannot Yet Be Filtered Away

Prompt injection has been the number-one risk on the OWASP Top 10 for LLM Applications since 2023, and in June 2025 it produced the first publicly documented zero-click enterprise AI vulnerability — CVE-2025-32711, EchoLeak, in Microsoft 365 Copilot. UK NCSC's December 2025 guidance is direct: prompt injection cannot be fully mitigated; focus on reducing impact. Here is what enterprise leaders need to understand and do.

10 June 2026Read article
AI Governance10 min read

ISO/IEC 42001: The AI Management System Standard Enterprise Leaders Need to Understand

ISO/IEC 42001:2023 is the world's first certifiable international standard for managing artificial intelligence. Published in December 2023, it gives organisations a structured, auditable way to govern AI — and a certificate to prove it. Here is what the standard contains, how certification works, how it relates to the EU AI Act, and whether your organisation should pursue it.

2 June 2026Read article
AI Governance10 min read

AI Hallucination: What Enterprise Leaders Need to Understand in 2026

AI hallucination — when a language model produces confident, plausible output that is simply false — is now a measured enterprise risk, not a research curiosity. Vectara's leaderboard puts frontier model hallucination rates between 3% and 15% on a controlled summarisation task; Stanford's legal-AI study found purpose-built tools hallucinating on 17–33% of queries. Here is what leaders should know, and what to do about it.

19 May 2026Read article
AI Governance9 min read

Shadow AI: Why One-in-Five Enterprises Now Has a Governance Problem They Cannot See

Shadow AI — employees using unsanctioned generative tools at work — has moved from anecdote to material risk. IBM's 2025 breach data put a number on it: organisations with high shadow AI usage paid $670,000 more per breach, and only 37% of organisations have any policy to detect it. Here's what enterprise leaders should do about it.

3 May 2026Read article
AI Strategy Insights & Articles | Imagine Works