Spacelift survey finds AI-written infra code ships with little review

Let's Data Science – AI Governance(Global) 25 Jun 2026 52

AI-generated infrastructure code is shipping without adequate review across industry - a risk pattern APS agencies adopting AI-assisted development tooling should anticipate.

  • A vendor-commissioned survey of 406 IT leaders finds 93% experienced AI-caused infrastructure incidents, with only 19% having adequate governance.
  • Common incident outcomes include security misconfigurations reaching production and compliance violations - directly relevant to APS ICT risk management.
  • Survey is vendor-sponsored (Spacelift/Panterra Group) and trade-covered; findings are indicative but should be read with appropriate scepticism.
  • Consider Agencies adopting AI-assisted development or infrastructure-as-code tooling could assess whether existing review and validation processes are calibrated for AI-generated change volumes.
  • Monitor ICT risk and platform teams may want to monitor emerging policy-as-code and automated validation approaches as a potential control layer for AI-generated infrastructure changes.

Implications are AI-generated. Starting points, not advice — see methodology for how they're framed.

View original source