A Global Resource for Sharing Knowledge in PPM
Privacy & Cookies: This site uses cookies. By continuing to use this website, you agree to their use.
To find out more, including how to control cookies, see here: Cookie Policy
To find out more, including how to control cookies, see here: Cookie Policy
Copyright © 2012–2026 PM World Inc. – All rights reserved · ISSN 2330-4480
When AI Moves into Execution
The New Cybersecurity Reality
for Project Leaders
COMMENTARY
by Aina Aliieva (Alive)
International Correspondent, PM World Journal
Toronto, Ontario, Canada
Artificial intelligence has moved from experimentation to infrastructure.
The World Economic Forum’s Global Lighthouse Network now includes more than 220 sites across 35 countries that have embedded AI directly into core operations, reporting average labor productivity gains of roughly 40 percent and lead-time reductions approaching 50 percent. Generative and agentic systems are being embedded directly into execution workflows rather than remaining isolated digital initiatives (World Economic Forum, Global Lighthouse Network).
At the same time, security leaders are signaling concern. According to Arctic Wolf’s 2025 Trends Report, nearly 30% of security and IT leaders now identify AI/LLM-related risks and privacy issues as their top cybersecurity concern, surpassing ransomware:
https://arcticwolf.com/resources/press-releases/arctic-wolf-2025-trends-report-reveals-ai-is-now-the-leading-cybersecurity-concern-for-security-and-it-leaders
Yet governance maturity is lagging. The World Economic Forum’s Global Cybersecurity Outlook 2025 reports that only approximately 37% of organizations have processes in place to assess AI tools before deployment:
https://www.weforum.org/publications/global-cybersecurity-outlook-2025/digest
This creates a structural imbalance: AI is being integrated into operational systems faster than security models are adapting.
For project managers, this is not a peripheral cybersecurity debate. AI capabilities are frequently introduced within projects, for example through vendor upgrades, automation features, integration decisions, and digital transformation programs. Each implementation expands the organization’s exposure surface and influences how reasoning systems interact with operational infrastructure.
The absence of a large-scale AI-driven systemic incident should not be interpreted as evidence of resilience. The only reason there hasn’t been a massive attack yet is how early the adoption is, not because it’s secured.
The real question now is how this integration is reshaping cybersecurity architecture, and why that shift fundamentally alters the nature of project risk and eventually will fall on project leaders’ shoulders.
Cybersecurity has historically been designed for deterministic systems: programs that follow explicit instructions, where data and commands are clearly separated. Many of the security patterns we rely on such as input validation, parameterization, least privilege, segmentation, depend on that separation. Large language model (LLM) systems disrupt it.
A growing body of security guidance now treats prompt injections not as a niche trick, but as a structural vulnerability rooted in how LLMs process text. The UK’s National Cyber Security Centre (NCSC) bluntly addresses the point: prompt injection is not equivalent to SQL injection because LLMs do not inherently distinguish between instructions and data in the same way traditional systems do, creating a “confused deputy”- style risk where the model can be coerced into using its privileges in the attacker’s interest.
In classic applications, you can often secure an interface by constraining inputs and enforcing clear boundaries between untrusted data and executable instructions. With LLM-based applications, the “interface” is language itself. The system is built to treat text as meaningful, which creates a persistent attack surface when the model processes untrusted content (emails, web pages, tickets, documents) that can embed malicious instructions.
The architectural shift can be summarized as follows:
More…
To read entire interview, click here
How to cite this article: Aliieva, A. (2026). When AI Moves into Execution: The New Cybersecurity Reality for Project Leaders, commentary, PM World Journal, Vol. XV, Issue III, March. Available online at: https://pmworldjournal.com/wp-content/uploads/2026/03/pmwj162-Mar2026-Aliieva-when-AI-moves-into-execution.pdf
About the Interviewer
Aina Aliieva
Toronto, Ontario, Canada
Aina Aliieva (Alive) is an experienced Agile Coach and a Business Consultant with 20 years of experience in different industries, from hospitality and tourism to banking and engineering, a Founder & CEO at Bee Agile and a CEO & VP of Marketing at The PMO Strategy and Execution Hub.
She is a keynote speaker on Agile, Project Management, Negotiation, People Management, and Soft Skills topics. She was a guest instructor at NASA in 2022 & 2023 with topics on Conflict Resolution & Negotiation and Facilitation Techniques.
Her book, “It Starts with YOU. 40 Letters to My Younger Self on How to Get Going in Your Career,” hit the #1 position in the #jobhunting category on Amazon and is featured in a Forbes Councils Executive Library.
She also contributed to the books “Mastering Solution Delivery: Practical Insights and Lessons from Thought Leaders in a Post-Pandemic Era”, “Green PMO: Sustainability through Project Management Lens” and “Agile Coaching and Transformation: The Journey to Enterprise Agility”.
Aina was also a Finalist in the Immigrant Entrepreneur of the Year category in 2021 by the Canadian SME National Business Award
She can be contacted at https://www.linkedin.com/in/aina-aliieva/
To view previous interviews and other works by Aina, visit her author showcase in the PM World Library at https://pmworldlibrary.net/authors/aina-aliieva/
Share this:
Like this:
Related