The Governance Gap: What IDC’s 2026 Data Reveals About AI and the Software Supply Chain

In a rapidly evolving technological landscape, organizations face challenges in balancing the rapid adoption of AI with the necessary governance frameworks, as discussed in a JFrog-hosted panel titled “Agentic Software Delivery in 2026.” With AI becoming the top strategic mandate, engineering and security leaders must address the growing gap between corporate ambitions and governance readiness, as highlighted by the IDC 2026 Software Engineering Challenges Report. The phenomenon of "Shadow AI" is replacing "Shadow IT," with developers using unapproved AI tools and embedding AI-generated code without formal approval, thus creating unmanaged risks. The misconception that AI agents can self-regulate compliance is proving detrimental, as they often bypass unwritten policies, leading to security vulnerabilities. The solution lies in implementing smarter, platform-level guardrails rather than slowing AI adoption, ensuring that AI integration within software delivery pipelines is both secure and efficient.