• 3 min read
AI sprawl is pushing cloud governance to its limits
A TechRadar Pro Perspectives piece argues AI is repeating cloud sprawl at a faster pace, adding new visibility, identity, and governance risks.

Image: TechRadar
Years of cloud adoption gave companies more agility, scalability, and access to innovation, but they also left many organizations struggling with cloud sprawl. In this TechRadar Pro Perspectives article, a Field CISO at Orca Security argues that AI is now testing whether businesses learned anything from that experience.
Security and IT teams have spent years trying to answer basic questions across complex cloud estates: what assets exist, where they are, who owns them, and whether they are secure. For many organizations, those questions are still hard to answer. Now AI is piling on a new layer of complexity, with models, agents, APIs, vector databases, and automated workflows showing up across businesses at high speed.
The article says this creates a fast-moving visibility problem. Unlike earlier technology shifts that played out over years, AI is evolving in months. Teams can experiment with models in development environments, departments can adopt AI-powered applications on their own, and vendors can add new AI features to existing software almost overnight. The result is that many companies do not have a full inventory of where AI is in use, what data it can access, what decisions it influences, or what risks it introduces.
Why AI agents raise the stakes
The piece argues that AI agents are changing the security conversation because they can take actions on behalf of users. They may retrieve information, access systems, trigger workflows, and interact with other applications with different levels of autonomy.

Recommended reading
FBI eyes Nvidia and Google TPU AI systems
That shifts pressure onto identity as a control point. Traditional security programs were built around human access, using tools and principles such as identity governance, multi-factor authentication, zero trust, and least privilege. But organizations are now creating growing numbers of non-human identities, each with permissions that may touch sensitive data, business applications, and critical infrastructure.
According to the author, the challenge is not always that AI creates entirely new security risks. Often, it amplifies existing visibility and governance problems that enterprises already had in cloud environments.
Applying cloud lessons to AI
The article’s recommendation is not to slow AI adoption, since few organizations can afford to miss out on potential productivity gains, operational efficiencies, or competitive advantage. Instead, governance needs to keep pace with adoption.
That starts with understanding an organization’s AI footprint:
- where AI is being used
- what systems it connects to
- what data it can access
- who owns it
The author says businesses should extend existing risk management frameworks and apply the same scrutiny to AI deployments as they do to other critical technologies. The central lesson from cloud sprawl still applies: visibility is not a one-time exercise. As AI becomes more deeply embedded across the enterprise, maintaining an accurate view of the environment becomes an ongoing requirement.
Enterprise Editor
Marcus follows the money. He covers enterprise software, cloud architecture, and the tectonic shifts in Big Tech strategy. He translates dense earnings calls and complex M&A activity into actionable insights about where the industry is actually heading. If a tech giant makes a silent pivot, Marcus is usually the first to notice.
via TechRadar


