Cvent runs more than 6,000 AI agents inside a company of about 5,500 people. Roughly 1,300 of them are actually used.

Those two numbers came from Cvent’s own CIO, unprompted, and they describe the state of enterprise agent adoption more honestly than most of what gets published about it. On episode 913 of CXOTalk I sat down with Pradeep Mannakkara, Chief Information Officer at Cvent, and Ben Mayrides, the company’s Chief Information Security Officer, to ask who is governing all of it. Here is how I opened the show:

AI agents are making decisions in the enterprise, but who’s governing and managing them? Glean’s Work AI Institute developed the AWARE framework to tackle agent security, governance, and compliance.

Michael Krigsman, CXOTalk episode 913

A disclosure first. Glean underwrote this episode, and the AWARE framework we discuss is Glean’s. Cvent uses the Glean platform. Nothing here is an independent evaluation of Glean. Where the framework is described as working, that is Mannakkara and Mayrides recounting their own experience at their own company, their account rather than my validation. You can only weigh the detail if you know who underwrote the microphone.

The architectures are broken

I asked Mayrides what the core challenges look like from the CISO chair. He did not begin with a threat list.

understanding not only what these tools can do for us, but also understanding what they can do to us, I think is incredibly important.

Ben Mayrides, Chief Information Security Officer, Cvent

I asked Mannakkara to take that preposition apart from the CIO side, because it carries the whole security problem. Then Mayrides went underneath it.

the security architectures that we’re all used to are really focused on deterministic systems. And as we know, AI is all about non-determinism. So the architectures are broken.

Ben Mayrides, Chief Information Security Officer, Cvent

Take that literally. The controls most enterprises rely on were built for software that does the same thing every time it runs. Identity, access, logging, audit: all of it assumes predictability. An agent is not predictable by construction. The floor is the wrong floor.

In an agentic architecture, it’s completely different. It is about what that agent can do, what it can access, what decisions it’s making, what actions it’s delegating, what users it is impersonating.

Ben Mayrides, Chief Information Security Officer, Cvent

Read the last clause again. Agents impersonate users. Identity and access management assumes a fixed set of permissions and predictable behavior. It has no vocabulary for an actor that plans, delegates, and acts in the name of whoever invoked it.

a lot of agent reasoning is opaque, and it’s difficult to sort of reconstruct those elements as well, and we need that.

Ben Mayrides, Chief Information Security Officer, Cvent

Without observability there is no incident review, because there is no record of why the agent did what it did.

The published frameworks stop above the control layer

The AWARE framework covers intent, context, guardrails, risk scoring and blocking, and ecosystem observability. I asked how those principles map onto decisions about what to build and what to hold back. Mayrides answered by naming what the better-known frameworks do not do.

So when you think about the EU AI Act or the NIST Risk Management Framework, again, they’re great and they have their purpose, but they don’t go deep enough and they don’t actually tie into sort of the technical controls and the technical considerations that you need to build into an agent tech security architecture.

Ben Mayrides, Chief Information Security Officer, Cvent

Regulation tells you which outcomes to avoid. It does not tell you which control to configure on Tuesday morning. That gap is where a governance program either becomes real or becomes a slide.

A gut feeling is not an acceptable answer

Then Mayrides named a weakness in his own practice.

I’m just like, “It’s a gut thing.” And that’s not an acceptable answer.

Ben Mayrides, Chief Information Security Officer, Cvent

When the security answer is instinct, security has no defensible position and the business has no path forward. His replacement is a tiered, repeatable risk process with success criteria agreed before the work starts. Tiered, because uniform governance does not survive volume.

I think if you’re applying governance to the same level of governance and control to every agent or every AI system out there, your governance capabilities are just, they’re gonna crumble. They’re not gonna scale.

Ben Mayrides, Chief Information Security Officer, Cvent

And repeatable, because the decision does not stay decided.

So the go, no go decision is not a one and done, is my point.

Ben Mayrides, Chief Information Security Officer, Cvent

Mannakkara wants the same discipline expressed as plain language.

People need to partner together, but you also have to simplify the messaging. The business folks want to know yes, no. Can I do it? Can I not? Why not? How quickly?

Pradeep Mannakkara, Chief Information Officer, Cvent

Six thousand agents, and a CIO willing to say how many get used

I described the sprawl this way:

So you have agents, and then they have kids, and they move out to the suburbs, and then before you know it, you have agentic sprawl.

Michael Krigsman, CXOTalk episode 913

Mannakkara did not argue with the picture. He gave me the number.

Now even though we have 6,000, how many are actively used? It’s probably about 1,300, candidly speaking.

Pradeep Mannakkara, Chief Information Officer, Cvent

Roughly one agent in five is doing anything. He treats the rest as the price of building the culture: employees were encouraged to create agents before moderation and a task-level catalog existed. It was a deliberate decision, and he will say the number out loud.

Culture, he told me, is part of his role as CIO, which surprised me and I said so on air. The mechanism is not a memo.

But one of the decisions we made was we’re gonna give mandatory training to everybody in the company, a foundations and a literacy.

Pradeep Mannakkara, Chief Information Officer, Cvent

Actually, our CEO was in the first session. Just can’t tell you how important this was.

Pradeep Mannakkara, Chief Information Officer, Cvent

The CEO in the first session sends a signal no policy document can send. It tells 5,500 people this is not an IT initiative they can wait out.

The same story I have been telling for twenty years

My subject has not changed since I was writing about failed ERP programs for ZDNet. It is the distance between what technology promises and what organizations actually get. The vocabulary moves. The gap stays where it is.

Neither guest pretended the gap was closed. The CISO calls the architecture broken. The CIO says four out of five agents his company built are sitting unused. That is more useful than a case study in which everything worked.

What to do with this on Monday

Mayrides gave the answer himself, and it is deliberately small.

Inventory your agents. Instrument them for observability and identity. If you can only do, and focus on any part of the AWARE framework, it would be focus on those two things first, and then go from there.

Ben Mayrides, Chief Information Security Officer, Cvent

Count what you have. Make each agent identifiable and each action reconstructable. Everything else depends on those two facts existing first. And a deadline is forming.

So from a compliance perspective, I can see us seeing a control criterion in SOC 2 within, say, the next year and a half, two years. We need to be ready for that.

Ben Mayrides, Chief Information Security Officer, Cvent

That is his prediction, not a published rule. But if he is right, the inventory you do not have today is the audit finding you get in eighteen months.

Watch the full conversation: AI Agent Governance: Inside the Glean AWARE Framework, CXOTalk episode 913, and the complete transcript. Pradeep Mannakkara is Chief Information Officer and Ben Mayrides is Chief Information Security Officer at Cvent. The episode was underwritten by Glean.

Michael Krigsman

Michael Krigsman

Michael Krigsman is an industry analyst and the founder and host of CXOTalk, where he has interviewed close to 900 C-level leaders since 2013. He spent two decades writing about IT project failure for ZDNet and founded Asuret, a consultancy built to diagnose why enterprise projects go wrong. He is based in Boston. More about Michael or get in touch.