Managing AI risks in the Public Sector: A Distributed Digital Leadership Approach

Boniface Ushaka Adie; Elizabeth Valentine; Mary Tate; Wonhyuk Cho

doi:10.59490/dgo.2025.957

Authors

Boniface Ushaka Adie Wellington School of Buisiness and Government, Victoria University of Wellington, New Zealand https://orcid.org/0009-0009-9118-9358
Elizabeth Valentine Wellington School of Buisiness and Government, Victoria University of Wellington, New Zealand https://orcid.org/0009-0001-4096-6251
Mary Tate Wellington School of Buisiness and Government, Victoria University of Wellington, New Zealand https://orcid.org/0000-0002-4284-7467
Wonhyuk Cho Wellington School of Buisiness and Government, Victoria University of Wellington, New Zealand https://orcid.org/0000-0001-7607-6480

DOI:

https://doi.org/10.59490/dgo.2025.957

Keywords:

Cybersecurity, AI risks, Digital Leadership Competencies, Distributed Digital Leadership, All-of-Government

Abstract

Ensuring organisations are safe from cyber-attacks requires the contribution of every staff member and this also applies to AI risk mitigation. Organisations must assess and implement strategies that ensure AI risk mitigation is not just the responsibility of the cybersecurity team (who are always in short supply), but the entire organisation from the front-line staff who need to classify documents correctly, to the cybersecurity engineers who implement technology solutions to mitigate risks, and top management who drive and implement effective AI strategies, policies and investment prioritisation. In this study, we examine how the distributed digital leadership (DDL) framework can be used to enable agencies across government to mitigate AI risks in the public sector. We conducted semi-structured interviews with cybersecurity practitioners from public sector agencies and determined that AI risk mitigation is indeed everyone’s responsibility – spanning people, process, technology and data controls. Using the distributed digital leadership (DDL) framework, we provide actionable suggestions on how collective, and collaborative risk mitigation strategies can be implemented across the public sector by making everyone competent in their respective job role responsibilities. We suggest that a well-aligned DDL can help cushion the skills shortage risks in cybersecurity and the overall management of AI risks in the public service.

Downloads

Download data is not yet available.

References

Adie, B. U., Tate, M., Valentine, E., & Cho, W. (2024a). Conceptualising Distributed Digital Leadership in the Public Sector. ACIS 2024 Proceedings. 44,

Adie, B. U., Tate, M., Valentine, E., & Cho, W. (2024b). Digital Leadership Competencies for Digital Government: Insights and Implications from New Zealand Government Agencies. Proceedings of the 25th Annual International Conference on Digital Government Research,

Beltran, M. A., Ruiz Mondragon, M. I., & Han, S. H. (2024). Comparative analysis of generative AI risks in the public sector. Proceedings of the 25th Annual International Conference on Digital Government Research,

Braun, V., & Clarke, V. (2012). Thematic analysis.

Bright, J., Enock, F., Esnaashari, S., Francis, J., Hashem, Y., & Morgan, D. (2024). Generative AI is already widespread in the public sector: Evidence from a survey of UK public sector professionals. Digital Government: Research and Practice.

DIA. (2020). Strategy for a Digital Public Service. D. o. I. Affairs. [link]

DIA. (2024a). Digital Government Leadership. [link]

DIA. (2024b). Service Modernisation Roadmap. DIA. [link]

DIA. (2025a). Public Service AI Framework. DIA. [link]

DIA. (2025b). Research - AI in the public service. DIA. [link]

Duong, D., Sarbazhosseini, H., Alsheikh, M. A., & Ma, W. (2024). Conceptualising People, Process, Technology, Data, Governance and Continuous Improvement (2PTDGC) as a Framework to Explore the Cybersecurity Awareness and Process of Australian Medical Practices.

Ferdynandus, F., Prihanto, J. N., & Winarno, W. (2024). Implementing NIST Framework and the People, Process, Technology Approach in Indonesian Financial Services. International Journal of Engineering Continuity, 3(1), 172-182.

Franco, E., Yin, R., & Sankaranarayanan, B. (2024). Building Critical Statewide Cybersecurity Capabilities: The Wisconsin Model. Proceedings of the 25th Annual International Conference on Digital Government Research,

Ganapati, S., & Desouza, K. (2024). Public Value Principles for Secure and Trusted AI. Proceedings of the 25th Annual International Conference on Digital Government Research,

Janowski, T. (2015). Digital government evolution: From transformation to contextualization. In (Vol. 32, pp. 221-236): Elsevier.

Khisro, J. (2025). AI in Digital Government: A Literature Review and Avenues for Future Research.

Knutsen, L. Z., Hannay, J. E., & Riegler, M. A. (2024). Artificial Intelligence in the Public Sector--An Agenda for Responsible Innovation through Learning. Proceedings of the 7th ACM/IEEE International Workshop on Software-intensive Business,

Kumar, A., Shankar, A., Hollebeek, L. D., Behl, A., & Lim, W. M. (2025). Generative artificial intelligence (GenAI) revolution: A deep dive into GenAI adoption. Journal of Business Research, 189, 115160.

Layne, K., & Lee, J. (2001). Developing fully functional E-government: A four stage model. Government Information Quarterly, 18(2), 122-136.

Leblanc, R., & Gillies, J. (2005). Inside the boardroom: How boards really work and the coming revolution in corporate governance. John Wiley & Sons.

Lindgren, I., & Van Veenstra, A. F. (2018, 2018-05-30). Digital government transformation. Proceedings of the 19th Annual International Conference on Digital Government Research: Governance in the Data Age,

McClelland, D. C., & Boyatzis, R. E. (1980). Opportunities for counselors from the competency assessment movement. The Personnel and Guidance Journal, 58(5), 368-372.

Medaglia, R., Gil-Garcia, J. R., & Pardo, T. A. (2023). Artificial intelligence in government: Taking stock and moving forward. Social Science Computer Review, 41(1), 123-140.

Mergel, I., Dickinson, H., Stenvall, J., & Gasco, M. (2024). Implementing AI in the public sector. Public Management Review, 1-14.

Microsoft. (2025a). AI security for Microsoft 365 Copilot. Microsoft. [link]

Microsoft. (2025b). Data, Privacy, and Security for Microsoft 365 Copilot. [link]

Microsoft. (2025c). Microsoft 365 Copilot overview. Microsoft. [link]

Microsoft. (2025d). Microsoft 365 Copilot requirements. Microsoft. [link]

Miles Matthew, B., Huberman, A. M., & Saldana, J. (2020). Qualitative data analysis: A methods sourcebook. In (4th ed.): Sage Publications.

Millan-Vargas, A. O., Sandoval-Almazan, R., & Valle-Cruz, D. (2024). Impact and barriers to AI in the public sector: the case of the State of Mexico. Proceedings of the 25th Annual International Conference on Digital Government Research,

Myers, M. D. (1997). Qualitative Research in Information Systems. MIS Quarterly, 21(2), 241-242. https://doi.org/www.qual.auckland.ac.nz (MISQ Discovery, archival version, June 1997)

NCSC. (2025). Joint Guidance: Principles for security-by-design and -default. NCSC. [link]

O'Keeffe, J., Buytaert, W., Mijic, A., Brozović, N., & Sinha, R. (2016). The use of semi-structured interviews for the characterisation of farmer irrigation practices. Hydrology and Earth System Sciences, 20(5), 1911-1924.

Pathak, A., & Intratat, C. (2012). Use of semi-structured interviews to investigate teacher perceptions of student collaboration. Malaysian Journal of ELT Research, 8(1), 1.

Peppard, J., & Ward, J. (2004). Beyond strategic information systems: towards an IS capability. The Journal of Strategic Information Systems, 13(2), 167-194.

Peretz-Andersson, E., Lavesson, N., Bifet, A., & Mikalef, P. (2021). AI Transformation in the Public Sector: Ongoing Research. 2021 Swedish Artificial Intelligence Society Workshop (SAIS),

Persson, P., & Zhang, Y. (2025). Openness And Transparency by Design: Crafting an Open Generative AI Platform for the Public Sector. Proceedings of the 58th Hawaii International Conference on System Sciences. [link],

Sattlegger, A., & Bharosa, N. (2024). Beyond principles: Embedding ethical AI risks in public sector risk management practice. Proceedings of the 25th Annual International Conference on Digital Government Research,

Straub, V. J., Morgan, D., Bright, J., & Margetts, H. (2023). Artificial intelligence in government: Concepts, standards, and a unified framework. Government Information Quarterly, 40(4), 101881.

Tangi, L., Janssen, M., Benedetti, M., & Noci, G. (2021). Digital government transformation: A structural equation modelling analysis of driving and impeding factors. International Journal of Information Management, 60, 102356.

Toll, D., Lindgren, I., Melin, U., & Madsen, C. Ø. (2019). Artificial Intelligence in Swedish Policies: Values, benefits, considerations and risks. Electronic Government: 18th IFIP WG 8.5 International Conference, EGOV 2019, San Benedetto Del Tronto, Italy, September 2–4, 2019, Proceedings 18,

Ushaka Adie, B., Tate, M., & Valentine, E. Digital leadership in the public sector: a scoping review and outlook. International Review of Public Administration, 1-17. https://doi.org/10.1080/12294659.2024.2323847

Valentine, E. L. (2016). Enterprise technology governance: New information and technology core competencies for boards of directors Queensland University of Technology.

Wirtz, B. W., Weyerer, J. C., & Geyer, C. (2019). Artificial intelligence and the public sector—applications and challenges. International Journal of Public Administration, 42(7), 596-615.

Managing AI risks in the Public Sector

A Distributed Digital Leadership Approach

Authors

DOI:

Keywords:

Abstract

Downloads

References

Downloads

Additional Files

Published

Versions

How to Cite

Conference Proceedings Volume

Section

License

Programme dg.o

Browse per article type:

Search:

Questions?