December arrives with a new question in every board meeting: what do we do about generative artificial intelligence? In a matter of weeks it went from being a technical curiosity to a topic on everyone's lips across the organization, and 2023 will be the year that conversation turns into decisions about budget, talent and risk. The good news is that there is no need to improvise: the trends that will define the year follow a logic that a board can prioritize with a clear head.
In short: 2023 will be led by generative AI and copilots, but their real value will depend on three decidedly unglamorous enablers: well-ordered data, AI governance and cybersecurity. The recommendation is to choose a small number of use cases with measurable impact and to build the guardrails from day one.
The leap in quality of large language models (LLMs) has been so visible that the risk, paradoxically, is enthusiasm itself. For the board, the priority is not to "have AI" but to identify where it creates concrete value: drafting and summarizing documents, customer service, development support, contract analysis or the generation of commercial drafts.
The fastest way generative AI will touch your people will not be a large project but assistants embedded in the tools they already use: email, spreadsheets, code and support. The copilot does not replace human judgment; it accelerates repetitive tasks and frees up time for the work that genuinely requires it.
If 2022 was the year of wonder, 2023 will be the year of hard questions: what data feeds these models? who approves a use case? how do we prevent bias and leaks of confidential information? A board that fails to define these rules will let each area make isolated decisions, multiplying the risk.
At SUMāTO we understand this governance as part of an AI-first strategy: technology first, but with guardrails built in by design.
No model shines on top of disorderly data. Generative AI has made it evident, to the entire leadership team and not only to the technical area, that the quality and order of information are the true differentiator. Those with data that is accessible, clean and well governed will be able to ride the wave; those without it will see disappointing results.
The same technology that helps your organization also helps whoever attacks it: more believable phishing emails, malicious code that is faster to produce and new surfaces of exposure. At the same time, generative models raise unprecedented questions about data leakage when an employee pastes sensitive data into an external tool.
You can learn how we address these fronts in our cybersecurity practice.
The cloud already consumes a meaningful share of the IT budget, and generative AI adds a variable-cost component that grows with usage. Without discipline, the bill spikes before the value becomes visible. FinOps -the practice of managing cloud spending with shared accountability across finance, technology and the business- becomes a leadership-level conversation.
A well-governed cloud foundation is the platform on which everything above rests.
This entire agenda depends on people willing to work differently. The scarcity of specialized profiles remains real, but the answer for 2023 is not only to hire: it is to train today's teams so they can work alongside these tools and know when to trust and when to question.
Faced with so many trends, the temptation is to open many fronts at once. The recommendation for 2023 is the opposite: choose a few initiatives with a clear owner, metric and horizon, and make sure the enablers -data, governance and security- advance in parallel. Generative AI rewards those who experiment in an orderly way, not those who run without direction.
Not necessarily. It is better to start with two or three well-defined use cases, each with an owner and a metric, and to scale whatever proves its value. Large, unfocused projects tend to consume budget before delivering results.
The combination of enthusiasm and lack of governance: sensitive information leaving the organization, incorrect answers taken as fact and costs that grow out of control. That is why AI governance and cybersecurity must be in place from day one.
By prioritizing. There is no need to put everything in order; it is enough to prepare the data domains that feed the chosen use cases and to classify information according to its sensitivity before connecting it to any model.
A joint effort across business, technology and finance, with an AI committee that approves use cases and safeguards the rules. Leadership sets the priorities; the areas execute them with clear owners.
2023 will not reward those who adopt the most technology, but those who adopt it with judgment. If your board wants to turn the noise of generative AI into concrete decisions, the first step is an honest diagnosis: which use cases are worth pursuing, what data supports them and what guardrails are needed. At SUMāTO we guide leadership teams across LATAM along that path. Let's talk about your IT agenda for 2023.