For the past few years, generative artificial intelligence (AI) has dominated boardroom conversations. It drafted documents, summarised data and helped employees move faster.
But the next wave of AI is already reshaping enterprise strategy in a far more profound way.
Fikile Sibiya, CIO at e4, says that Agentic AI, autonomous digital workers that can reason, plan and execute multi-step processes, is moving organisations from AI as a tool to AI as a co-worker:
“Unlike traditional AI models that wait for prompts, agentic systems act with intent. They initiate workflows, call software tools, interact with multiple systems, escalate exceptions and complete complex processes end-to-end. This shift marks a fundamental evolution in how work gets done and at the centre of this transformation sits the CIO.”
Agentic AI represents a move from reactive systems to proactive execution. Gartner notes that by 2028, 15% of business decisions will be handled autonomously, up from almost zero in 2024, signaling a massive shift.
Instead of merely responding to queries, digital agents can manage IT service tickets autonomously; handle full customer service journeys; monitor compliance workflows, reconcile financial data and trigger alerts and remediation actions in real time.
“In effect, AI is becoming embedded in operational decision-making, and it is no longer something you bolt onto the business,” says Sibiya. “We’re entering a phase where AI agents are embedded in the workflow itself. That changes the conversation from productivity gains to operational redesign.”
The implications are significant. When AI begins to execute rather than simply assist, governance, accountability and oversight become non-negotiable.
The power of agentic AI lies in its autonomy. But that same autonomy introduces new risks if not properly governed. “Autonomous systems can scale value very quickly, but they can also scale risk at the same speed,” says Sibiya. “You cannot experiment your way into agentic AI without clear guardrails. Governance must come before scale.”
For CIOs, this means designing frameworks that include clear ownership of AI agents, embedded auditability and traceability, transparent decision logic, data integrity and lineage controls and defined escalation thresholds.
“The days of AI pilots running in isolated innovation labs are ending. Agentic systems must be integrated into core enterprise architecture from the outset,” says Sibiya.
She says that one of the most misunderstood aspects of agentic AI is the assumption that it replaces human expertise: “In reality, it rebalances it.” Humans bring contextual judgement, ethical reasoning and strategic interpretation. Agents bring speed, consistency and scale.
“The real opportunity is not automation versus people,” says Sibiya. “It’s orchestration. CIOs must design environments where humans and AI agents collaborate in structured, intentional ways.”
In practical terms, this could mean that roles are redefined to include agent supervision, building agent literacy across departments, designing workflows where humans focus on exceptions and strategic judgement, ensuring AI outcomes align with business intent.
Agentic AI is not just a technical implementation. It is an operating model shift.
As business units begin experimenting with their own AI agents, from marketing automation to finance reconciliation, CIOs face a new challenge: balancing speed with control.
“The CIO cannot be the bottleneck,” Sibiya explains. “But we also cannot allow autonomous agents to proliferate without shared standards. The future is decentralised innovation within centralised governance.”
Sibiya says that this requires: a clear AI strategy aligned to business priorities, secure, API-first architecture, standardised integration frameworks, enterprise-wide security controls and consistent privacy and compliance oversight: “We are seeing CIOs evolve from gatekeepers to enablers and creating platforms where innovation can flourish safely.”
Traditional cybersecurity models were designed for human-triggered activity. Agentic AI introduces machine-triggered, self-directed actions that operate continuously and this changes the threat landscape.
“Security must now account for agents that act independently, interact with multiple systems and make decisions in real time,” says Sibiya. “We have to think about AI policing AI, automated oversight mechanisms that monitor agent behaviour dynamically.”
Security frameworks must evolve to include agent identity and access controls, role-based privilege design, continuous behavioural monitoring, real-time anomaly detection and automated rollback or containment protocols. Sibiya says that without this, organisations risk deploying systems they cannot fully see or control.
Many enterprises are still in the experimental phase with AI. But agentic AI demands a more deliberate progression.
“It’s not about jumping straight into full autonomy,” says Sibiya. “Start with structured automation, measure impact, refine governance, and then progressively increase autonomy. The roadmap matters.”
Agentic AI represents more than another technology cycle. It challenges organisations to rethink: “In many ways, this is a defining leadership moment for CIOs,” concludes Sibiya. “We are not just deploying systems anymore. We are shaping how intelligence operates inside the organisation. That comes with responsibility.”
As autonomous digital workers become embedded in enterprise workflows, the CIO becomes the architect of an intelligent ecosystem, one where innovation is balanced with control, speed is aligned with security, and human judgement remains central to responsible outcomes.