Thinking & Perspectives

AI Strategy Insights

Practical perspectives on AI strategy, agentic systems architecture, and governance — from the advisory practice at Imagine Works.

26 articles
AI Governance10 min read

AI Red Teaming: What Enterprise Leaders Should Actually Ask For

AI red teaming has moved from a research-lab activity to a boardroom expectation. The EU AI Act now requires adversarial testing of general-purpose AI models with systemic risk. Microsoft has red-teamed 100+ generative AI products since 2018. NIST published a formal adversarial-ML attack taxonomy in March 2025. Here is what enterprise leaders should ask for when they commission — or evaluate — an AI red team engagement.

8 July 2026Read article
AI Governance10 min read

The NIST AI Risk Management Framework: What Enterprise Leaders Need to Understand

The NIST AI Risk Management Framework (AI RMF 1.0) has quietly become the most widely adopted enterprise AI governance framework in the United States — 57–67% of CISOs use it according to the 2026 Hitch Partners Global CISO Leadership Report. Voluntary, but load-bearing. Here is what the framework contains, how the 2024 Generative AI Profile extends it, and why it endured a change of US administration when the executive order that popularised it did not.

24 June 2026Read article
AI Governance10 min read

Prompt Injection: The Enterprise Security Risk That Cannot Yet Be Filtered Away

Prompt injection has been the number-one risk on the OWASP Top 10 for LLM Applications since 2023, and in June 2025 it produced the first publicly documented zero-click enterprise AI vulnerability — CVE-2025-32711, EchoLeak, in Microsoft 365 Copilot. UK NCSC's December 2025 guidance is direct: prompt injection cannot be fully mitigated; focus on reducing impact. Here is what enterprise leaders need to understand and do.

10 June 2026Read article
AI Governance10 min read

ISO/IEC 42001: The AI Management System Standard Enterprise Leaders Need to Understand

ISO/IEC 42001:2023 is the world's first certifiable international standard for managing artificial intelligence. Published in December 2023, it gives organisations a structured, auditable way to govern AI — and a certificate to prove it. Here is what the standard contains, how certification works, how it relates to the EU AI Act, and whether your organisation should pursue it.

2 June 2026Read article
Agentic Systems10 min read

Retrieval-Augmented Generation (RAG): What Enterprise Leaders Need to Know

RAG — grounding a language model in your own retrieved documents rather than relying on what it memorised in training — has become the dominant enterprise AI architecture. Menlo Ventures put RAG adoption at 51% of enterprise implementations in 2024, up from 31% a year earlier. Here is what RAG actually is, why it won, where it breaks, and what leaders need to govern.

28 May 2026Read article
AI Governance10 min read

AI Hallucination: What Enterprise Leaders Need to Understand in 2026

AI hallucination — when a language model produces confident, plausible output that is simply false — is now a measured enterprise risk, not a research curiosity. Vectara's leaderboard puts frontier model hallucination rates between 3% and 15% on a controlled summarisation task; Stanford's legal-AI study found purpose-built tools hallucinating on 17–33% of queries. Here is what leaders should know, and what to do about it.

19 May 2026Read article
AI Strategy Insights & Articles | Imagine Works