AI and automation have cemented themselves as pillars of enterprise operations. Both have brought measurable benefits to organizations: efficiency gains, streamlined operations, and new revenue opportunities, to name a few. And with new capabilities like agentic AI bursting onto the scene, AI and automation will only become more impactful in the coming years.

But accompanying these new capabilities are new complexities, and they’re evolving just as fast as the technologies themselves. As AI’s enterprise footprint grows, leaders are increasingly focused on maintaining control and visibility over this all-encompassing technology.

PagerDuty’s 2025 State of Digital Operations (SODO) report surveyed over 1,100 leaders across the globe to better understand how they’re leveraging AI and automation in their operations to drive business value. In this blog, we’ll unpack the double-edged nature of AI, exploring both the challenges it introduces and the strategies organizations are using to stay ahead.

How enterprises are using AI to mitigate operational risk

PagerDuty AI is proving to be a powerful force for strengthening operational resilience. According to the SODO report, 78% of organizations using PagerDuty’s AI-powered platform saw improved resilience in their digital operations year-over-year—compared to 73% of those without it.

That difference comes down to speed and precision. AI helps teams spot issues early and take action before things spiral out of control. 

AI is helping teams nip problems in the bud

With digital services expected to be available 24/7, organizations can no longer afford to simply respond to incidents after they happen. Operations teams are increasingly leveraging AI to take a more proactive approach—spotting early signs of trouble and addressing it before users even notice.

Modern AI tools underpin real-time anomaly detection that is constantly on the lookout for performance deviations. Over time, the AI adapts and learns from past incidents, making risk mitigation steadily faster and more precise. The SODO report found that the technology sector is leading the way in AI-powered threat detection, with 53% of respondents having integrated these capabilities.

AI-driven automation is making incident response routine

Once an issue is flagged, the real test is how fast and effectively teams can act on it. AI-driven automation can help enterprises quickly move from detection to action, containing the impact before it affects customers. In fact, the SODO report found that 37% of organizations that have adopted AI-driven incident response have improved operational efficiency and reduced downtime.

Here’s how AI is leveling up incident response:

• Faster resolution at scale: AI accelerates resolution by automating root cause analysis and orchestrating appropriate responses.
• Less manual triage: Repetitive tasks are offloaded to automation, freeing up teams to focus on higher-value work.
• Smarter workflows: The more incidents AI helps resolve, the better it gets. It learns from past events to make future responses faster and less disruptive.

Platforms like PagerDuty’s Operations Cloud bring this to life—harnessing the power of AI to automate key incident response tasks, reduce the burden on human teams, and allow them to focus on more strategic initiatives.

IT is using AI to take a proactive stance on security

As AI weaves itself deeper into every facet of the enterprise, executives are beginning to rethink the role of IT. Nearly half (45%) now see IT operations as a key driver of security and risk reduction—a dramatic shift from just a few years ago, when IT’s main responsibilities were maintaining digital infrastructure and troubleshooting user issues.

This shift is showing up in the numbers. In 2025, 71% of organizations are upping their security budgets to stay ahead of novel threats like AI-powered cyberattacks and third-party integration vulnerabilities. But bigger budgets don’t always mean bigger teams. To do more with less, IT is turning to AI to help them identify vulnerabilities before attackers have the chance to exploit them.

AI-driven automation: With new opportunities come new risks

The improvements that AI and automation bring are noteworthy, but they come with side effects. Those that integrate AI at scale are finding that it introduces new risks that their current frameworks weren’t built to handle.

Without a structured approach to AI deployment—one that comprises clear governance, real-time monitoring, and defined escalation paths—organizations may struggle to maintain visibility and control over increasingly complex, autonomous systems.

AI-driven automation introduces new security vulnerabilities

AI-powered automation has expanded the attack surface, leaving security teams with a wider area to protect while bad actors become more sophisticated. Cybercriminals are leveraging AI to manipulate machine learning models, bypass security protocols, and exploit gaps in automated detection systems. These attacks target the very automation tools meant to strengthen security. It’s no surprise, then, that more than a third (35%) of leaders cite data security as their top challenge in unleashing enterprise-wide automation.

The reality is that AI isn’t just helping security teams—it’s helping attackers, too. Without an adaptive security strategy, organizations risk falling behind as AI-driven exploits grow more advanced. Keeping up requires the right blend of modern capabilities: real-time monitoring, adaptive threat detection, and automated response mechanisms that can neutralize attacks before they cause too much damage.

Fragmented automation creates operational blind spots

Compounding this challenge are fragmented automations scattered throughout the enterprise: automated incident response, cloud cost optimization, security monitoring, etc. These “islands of automation” are a clear barrier to the 58% of executives who point to “more pervasive automation” as one of the key ways to level up operational effectiveness. Without a unifying framework, these isolated automations introduce inefficiencies rather than eliminating them.

Here’s a scenario to paint the picture: an organization automates customer-facing incident response, while separately automating cloud resource allocation. If the latter scales down infrastructure to cut expenses, it could unintentionally cause performance issues—forcing the incident response system into damage-control mode. You’re left with a reactive cycle that might cause more headaches than it’s worth.

Without safeguards, agentic AI increases operational complexity

2025 is the year agentic AI makes the leap from intriguing concept to enterprise value-driver. The SODO report found that 53% of CIOs and CTOs expect it to play a key role in their digital operations in the next one to two years. Unlike traditional automation, which follows a predefined script, agentic AI can independently detect, diagnose, and resolve operational issues—all without human intervention. While that level of autonomy has the potential to dramatically improve efficiency, it also raises serious concerns.

Without proper safeguards, AI agents can:

• Misinterpret data
• Escalate minor incidents into major disruptions
• Make decisions that don’t align with business priorities

The agentic AI opportunity is enormous, but getting it right requires putting specific guardrails in place. Organizations need a governance framework that keeps AI-driven decisions aligned with business objectives, along with a technology partner that provides transparency, control, and oversight every step of the way.

What’s next? Lessons from SODO on how enterprises can prepare for the future

So, how can organizations walk the risk/reward tightrope and realize maximum value from AI and automation? Here are three prescriptions from the SODO report for integrating AI and automation safely and effectively.

Cybersecurity must evolve alongside AI adoption

AI is a double-edged sword—it’s giving businesses new ways to defend against threats, but it’s introducing new ones at the same time. Security teams can’t rely on static defenses anymore. They need to lean on modern approaches like continuous monitoring, automated anomaly detection, and real-time response to combat evolving threats. Platforms like PagerDuty’s Operations Cloud come with built-in capabilities that help organizations detect, triage, and remediate risks faster while reducing their exposure to operational threats.

AI governance must be a top priority

Agentic AI adoption is moving at a breakneck pace. Eighty eight percent (88%) of organizations plan to deploy it within the next two years. It’s an exciting opportunity, but currently, governance is lagging behind. Before going all-in on agentic AI, leaders need to outline AI-specific policies to keep this technology aligned with business priorities and within the bounds of their risk tolerance and regulatory requirements. Managing governance at scale can be tricky, which is why PagerDuty’s AI-driven automation provides transparency, auditability, and control to help enterprises manage AI risk as they roll it out.

Automation maturity will determine operational resilience

True resilience is as much about preventing incidents in the first place as it is responding to them effectively. Resilience is strongly correlated with automation maturity—enterprises with mature automation strategies report faster incident response, higher reliability, and fewer disruptions. But gaps remain: While 74% of organizations have improved operational maturity year-over-year, many are still struggling to scale automation across critical functions like incident management and infrastructure optimization. As a result, they’re left with operational blind spots that expose them to disruptions and slow response times.

Closing this gap requires a shift from fragmented automation to a unified, intelligence-driven operations model. PagerDuty helps enterprises make that transition, leveraging automation to reduce downtime, improve predictability, and enable proactive risk mitigation.

Operational resilience is a competitive advantage

The risks that come with AI and automation are just as real as the benefits. Rather than taking a wait-and-see approach, the organizations that lead the way forward will embrace these technologies while making sure their security and governance frameworks are up to par.

We’ve just scratched the surface here. For a deeper dive into how enterprises are evolving their risk management strategies to prepare for the next era of digital operations, download the 2025 State of Digital Operations report.