The Agentic AI Readiness Gap: What Three Decades in Life Sciences Taught Me About What We Must Unlearn

I've spent nearly three decades building security and technology architectures in life sciences, navigating some of the most complex regulatory and collaboration challenges in business. The last 17 years in CISO and Chief Trust Officer roles gave me a front-row seat to every evolution in external collaboration architecture, and every failure mode. Anyone who has led security or technology in a highly regulated industry knows the pattern: every collaboration initiative begins with promise and ends with compromise.

We implement controls. Users find workarounds. Business pressure forces exceptions. Security posture degrades. We blame "user behavior" or "immature technology" and move on.
I participated in this cycle for 28 years in life sciences, 17 of them as a CISO and Chief Trust Officer. I believed it was inevitable, the cost of doing business in regulated environments where external collaboration is both mission-critical and high-risk.

Then I encountered the research showing that 90% of high-value agentic AI use cases are stalled in pilots (McKinsey, 2024), and I recognized the pattern immediately. When I reflected on my time providing identity security solutions, and mapped my path into data-centric security, it crystallized: the same structural barriers that prevented us from scaling secure external collaboration in clinical trials, pharmacovigilance, and supplier quality management may prevent organizations across every industry from capturing the transformative value of agentic AI. ‍

The barrier isn't the AI. It's our assumptions about what secure external collaboration requires.

I joined eSHARE as Chief Strategy and Trust Officer because I concluded that unlocking agentic AI value demands we unwind decades of conditioning, and that life sciences experience provides a uniquely valuable lens for understanding both the challenge and the path forward. ‍

‍

The Life Sciences Collaboration Paradox: A Mirror for Every Industry

Life sciences operates under constraints that amplify collaboration challenges found everywhere:

➠ Regulatory intensity (FDA, EMA, GDPR, HIPAA) demands complete auditability of data handling, but regulators expect this across thousands of external partners (CROs, research sites, suppliers, distributors, healthcare providers).

➠ Manufacturing complexity requires orchestrating quality data, specifications, deviations, and certifications across global contract manufacturing networks, often 100+ facilities for a single product.

➠ Commercial model dependency on external partnerships means sales effectiveness, market access, and post-market surveillance all require continuous, governed data exchange with entities we don't control.

➠ Research velocity demands rapid information sharing with academic collaborators, biotech partners, and clinical investigators, but the data involved (patient information, trial protocols, investigational drug data) carries significant regulatory and ethical sensitivity.

The paradox my teams and I lived repeatedly: The business activities generating the most value required the most external collaboration, and our security architectures made that collaboration the hardest to govern.

Example: Clinical Trial Document Management

A typical Phase 3 trial involves:

♦ 50-200 clinical sites across multiple countries

♦ 10-20 CROs managing different study functions

♦ 5-10 central laboratories processing specimens

♦ Multiple ethics committees and regulatory authorities

♦ Academic steering committee members

♦ Independent data monitoring committees

Each entity needs access to specific protocols, case report forms, safety reports, regulatory correspondence, often with updates occurring weekly.

The architecture we deployed (and that most life sciences companies still use):

♦ Email attachments for initial distribution (data leaves control)

♦ Separate "trial portals" for ongoing access (user adoption nightmare, guest account sprawl)

♦ SharePoint guest sharing for ad hoc updates (fragmented permissions, orphaned access)

♦ Manual tracking of what was shared with whom (inevitably incomplete audit trails)

The result:

➙ Protocol amendments took 3-4 weeks to distribute and confirm receipt

➙ Security team managed 1,500+ external guest accounts with unclear deprovisioning criteria

➙ Audit preparation required 6-8 weeks of forensic log reconstruction

➙ Shadow IT was pervasive; research teams used personal Dropbox, WeTransfer, Gmail

We blamed users. We blamed "the nature of clinical research." We blamed budget constraints preventing "better tools." What we didn't recognize: The architecture was fundamentally incompatible with how the work needed to happen.

‍

What Agentic AI Exposes: The Same Structural Failure at 100x Velocity

Fast forward to 2025. We’re watching organizations pilot agentic AI for high-value use cases, and we’re seeing the exact same pattern; but compressed into weeks instead of years.

Pharmacovigilance Case Processing (Life Sciences Example)

An AI agent could theoretically:

♦ Ingest adverse event reports from patients, healthcare providers, pharmacies, payers

♦ Extract relevant clinical details, medication history, temporal relationships

♦ Query medical records, lab results, prior case histories

♦ Draft regulatory reports, assess causality, recommend labeling updates

♦ Coordinate follow-up requests with reporters and healthcare providers

Business case: Reduce case processing time from 15 days to 15 hours. Handle 10x case volume with existing headcount. Improve safety signal detection by 40%.

The barrier: Every step requires secure information exchange with external parties, including patients, physicians, pharmacies, regulators, who won't adopt our security controls.

What we’ve observed in pilots:

➙ Week 1-2: Excitement about AI capabilities, impressive accuracy in test cases

➙ Week 3-4: Realization that real-world deployment requires external data collection

➙ Week 5-6: IT proposes portal access for external reporters (3-month implementation timeline)

➙ Week 7-8: Business stakeholders revert to "let's just have the AI process data we already have via email" (eliminating the transformative value)

➙ Week 9+: Pilot stalls indefinitely

Insurance Claims Adjudication (Financial Services Parallel)

Same pattern, different industry. AI agent could orchestrate evidence collection from policyholders, repair shops, medical providers, witnesses; but only if those external parties can securely provide information without joining your tenant, learning new tools, or creating credential sprawl.

Supplier Quality Management (Manufacturing Parallel)

AI agent could monitor certifications, audit reports, corrective actions across hundreds of contract manufacturers; but only if suppliers can share governed information without overwhelming your IT with access provisioning.

The common thread: High-value agentic AI use cases require secure, governed, auditable information exchange with external parties at scale. And our security architectures make this either impossible or so friction-laden that users revert to ungoverned alternatives.

‍

The Conditioning We Must Unwind

After 28 years in life sciences, 17 as a security executive, and two years focused on identity security across industries, I've identified five deeply ingrained assumptions that prevent us from solving this:

⦿ Assumption 1: "External sharing requires data to leave your control"

The conditioning: Every secure sharing approach we deployed, including encrypted email, secure portals, third-party file sharing, involved data leaving the M365 tenant. We accepted "loss of control" as the price of external collaboration.

Why we believed it: Because every vendor sold us solutions that worked this way. Because SharePoint guest sharing created fragmented governance. Because "air-gapped" thinking dominated security architecture.

What agentic AI exposes: When an AI agent needs to share clinical trial updates with 200 sites weekly, "data leaving your control" becomes an existential risk. You can't audit it, can't update it, can't revoke it, can't prove compliance.

The assumption to unwind: Data doesn't need to leave your tenant to be shared externally. Link-based sharing where content remains in SharePoint/OneDrive provides external access while maintaining single-source-of-truth governance.

‍

⦿ Assumption 2: "Secure collaboration will always be harder than insecure alternatives"

The conditioning: 20 years of watching secure portals fail, encrypted email get ignored, DLP rules circumvented via shadow IT. We concluded that users inherently resist security controls.

Why we believed it: Because every "secure alternative" we deployed was objectively worse than the insecure option. More clicks. Slower. Less functionality. Separate login. Terrible UX.

What agentic AI exposes: If an AI agent manages 50 concurrent workflows, each requiring external data exchange, the "collaboration tax" of cumbersome security controls kills the business case entirely.

The assumption to unwind: Secure can be genuinely easier than insecure, but only if the architecture integrates into existing workflows (Outlook, Teams) rather than requiring context-switching to separate tools.

‍

⦿ Assumption 3: "External parties must join your tenant or use separate credentials"

The conditioning: Guest account sprawl was inevitable. We'd provision 1,500 external accounts, struggle with lifecycle management, accept orphaned access as "technical debt."

Why we believed it: Because SharePoint guest sharing and Teams external access required it. Because VPN was the only alternative (expensive, complex, exposes internal systems).

What agentic AI exposes: When an agent coordinates pharmacovigilance case follow-up with 10,000 healthcare providers annually, guest account sprawl becomes unmanageable. Credential lifecycle becomes the bottleneck that prevents AI scaling.

The assumption to unwind: External parties can bring their own identity (BYOI) - authenticating with their corporate credentials to access specific content with specific permissions, never "joining" your tenant.

‍

⦿ Assumption 4: "Observability requires complex log reconstruction"

The conditioning: Audit preparation meant 6-8 weeks of extracting logs from Exchange, SharePoint, Azure AD, third-party portals, then manually correlating to answer "who accessed what clinical trial data last quarter?"

Why we believed it: Because collaboration architecture was fragmented. Because audit logs lacked context. Because "complete observability" wasn't technically feasible.

What agentic AI exposes: Regulators will demand "prove your AI agent handled patient data appropriately." Fragmented logs make this impossible. Agentic AI without end-to-end observability is unauditable, undefensible, untrusted.

The assumption to unwind: Every action, such as document shared, policy applied, external access, AI agent decision, can be captured in immutable, contextual, queryable audit logs if the architecture is designed for observability from the beginning.

‍

⦿ Assumption 5: "Transformation requires choosing between security and business value"

The conditioning: Every major initiative forced the trade-off. Tighten controls (slow the business) or relax governance (accept risk). CISOs learned to compromise.

Why we believed it: Because our architectures created zero-sum dynamics. Security added friction. Collaboration added risk. No third option existed.

What agentic AI exposes: The organizations that capture McKinsey's projected 50%+ productivity gains will be those who refuse the false choice; who build trusted collaboration architectures that enable both business velocity and governance.

The assumption to unwind: The right architecture eliminates the trade-off entirely. When secure sharing is easier, faster, and more functional than insecure alternatives, security becomes the business enabler. ‍

‍

The Life Sciences Lessons That Apply Universally

My three decades in life sciences, including 17 years leading security and trust functions, taught me patterns that transcend industry:

♦ Highly regulated environments amplify the collaboration challenge, but every industry is becoming more regulated (GDPR, CCPA, SOC 2, industry-specific frameworks).

♦ Manufacturing and supply chain require orchestrating data across entities you don't control, true in pharma, automotive, consumer goods, aerospace, electronics.

♦ Commercial models increasingly depend on partner ecosystems, whether CROs in life sciences, distributors in manufacturing, or channel partners in technology.

♦ Research and innovation demand rapid information exchange, from drug discovery to product development to R&D consortia across sectors.

♦ Corporate functions (finance, legal, HR, procurement) share the same external collaboration needs regardless of industry; managing vendors, responding to audits, coordinating M&A due diligence.

The agentic AI use cases stalling in pilots all share this common thread: They require secure, governed external data exchange at scale. And our architectures weren't built for it. ‍

‍

The Opportunity: Preparing for Agentic AI by Rethinking External Collaboration

The reason I joined eSHARE as Chief Strategy and Trust Officer is that I recognized a rare alignment:

The technology exists to fundamentally rethink external collaboration architecture, eliminating the assumptions that have constrained us for 20 years.

The business imperative is urgent: organizations that solve governed external collaboration in 2025 will capture disproportionate value from agentic AI by 2027.

The market needs practitioners who've lived the pain to help translate between what's possible and what security/technology leaders have been conditioned to believe.

eSHARE's Trusted Collaboration architecture addresses the conditioning directly:

➙ Data stays in M365 (link-based sharing, single source of truth, continuous control)

➙ Secure is simpler (integrated into Outlook/Teams, fewer clicks than attachments, automatic policy enforcement)

➙ External parties bring their own identity (no guest account sprawl, no credential lifecycle burden)

➙ End-to-end observability (every action logged with context, audit-ready by design)

➙ Zero trade-offs (business velocity and governance, not "or")

This isn't a life sciences solution. It's a fundamental rethinking of how external collaboration should work, informed by the industries where the problem is most acute, designed to apply universally.

Call to Action: Challenge Our Assumptions

For CISOs, CTOs, or technology leaders preparing for agentic AI, I encourage us all to examine our own conditioning:

➙ Do we assume external sharing requires data to leave our control? Not any longer. Link-based architectures do exist.

➙ Do we assume secure collaboration will always be harder than insecure alternatives? Not any longer. Integration eliminates friction.

➙ Do we assume external parties must join our tenant? Not any longer. BYOI is technically feasible.

➙ Do we assume observability requires forensic log reconstruction? Not any longer. Contextual audit trails can be built-in.

➙ Do we assume we must choose between security and business value? Not any longer. The right architecture eliminates the trade-off.

The organizations capturing transformative value from agentic AI won't be those with the most sophisticated AI models. They'll be those who solved the structural collaboration challenge that everyone else assumed was unsolvable.

My 28 years in life sciences, and the additional perspective gained from two years in identity security, taught me that the biggest barriers aren't technical, they're often psychological. We've been conditioned by repeated failures to believe certain problems can't be solved.

Agentic AI gives us both the imperative and the opportunity to prove that conditioning wrong. The question is whether we'll recognize it in time.