Governance, cyber resilience and a human-in-the-loop approach key to unlocking AI's potential in the automotive supply chain

The conversation surrounding AI in the automotive supply chain has moved beyond debates about whether or not the technology should be adopted; the strategic advantages it offers cannot afford to be ignored. Instead, attention is increasingly turning to how organisations can deploy AI safely, effectively and at scale.

AI-focused sessions at ALSC Digital Strategies North America 2026 revealed three emerging realities: humans are becoming "agent bosses"; AI only works when governance and data foundations exist; and every new AI capability expands the cyber risk.

The future of the "agent boss"

Watch: Mazda's John Rich on AI and data integration in automotive supply chains

At ALSC Global 2025, Mazda's John Rich discussed AI, machine learning and maximising the end-to-end impact of these technologies on the auto sector.

As AI takes on a greater role within the supply chain, the role of the human within the decision-making process ultimately comes into question. But as John Rich, director of AI transformation at Mazda North American Operations, asserted, while the role play by human operators is evolving, the value of human input remains as vital as it has always been.

"It's the things that only humans can do that are so important," Rich said. "That judgment, the oversight and the creativity, that is where the strategy is won."

Rich immediately addressed the elephant in the room that is ever-present in conversations about AI in the workplace – the fear that AI is going to take jobs away from people. "It's not going to take away your job," he argued. "It's going to change it."

According to Microsoft's Work Trend Index 2025 report, 82% of industry leaders reported that they’re confident they’ll use digital labour to expand workforce capacity in the next 12-18 months. This report also revealed that 80% of the global workforce claimed they lack the time and energy to complete their work.

In this report, Microsoft coined the term "frontier firm", referring to a company powered by "intelligence on tap, human-agent teams, and a new role for everyone: agent boss".

Read more: Leadership, data and closing the AI literacy gap in auto supply chains

As AI tools become embedded across automotive supply chains, companies must focus on leadership understanding, data readiness and clear business value to ensure AI delivers meaningful results, according to AI experts from Mazda and Loftware.

As Rich outlined, the journey to frontier firms is expected to be split into three phases. To begin with, employees will work hand-in-hand with AI assistants that support them in the completion of their usual tasks. In the second phase, AI agents are expected to join teams as "digital colleagues", taking on specific tasks with human direction. And finally, Microsoft anticipates that humans will set directions for AI agents that will run entire business processes and workflows with supervision as required.

"Everyone is now going to be an agent boss," predicted Rich. "You're going to have teams of agents that you oversee and you're responsible for running, and you will direct them, oversee them." 

He explained his view that people will use different tools and capabilities to judge the decisions that AI agents make and determine what they create and what they build next. "Judgment and creativity are no longer soft skills, they are the differentiators in your skill set," he added. "The bottleneck not the technology, it's the skills and the training gap."

Rich's comments on the evolution of the human skillset for the modern age were echoed by panellists in a session on Day 1 of the conference, who argued that curiosity and adaptability are some of the most attractive qualities a candidate can have as organisations embrace agentic AI.

As AI systems become increasingly autonomous, Rich also emphasised the importance of accountability. He argued that organisations must carefully assess the level of risk associated with each AI use case and determine where human oversight remains necessary. "Oversight is the human's highest value work and you have to match that oversight to the risk," he said.

Governance as the foundation for AI adoption

During the conference, several speakers acknowledged that some organisations are deploying AI before establishing clear rules, standards and accountability – a common yet crucial mistake. Rather than restricting experimentation, clear policies and approved tools can give employees the confidence to explore AI safely while protecting company data and intellectual property.

Watch: Accuride’s Skotti Fietsam on increased logistics-IT collaboration

Accuride's Skotti Fietsam sat down on the Red Sofa at ALSC Digital Strategies North America 2025 to share her insights into how IT and logistics teams can collaborate, as well as the importance of digital tools in compliance and supply chain mapping.

Skotti Fietsam, senior vice president of supply chain and CIO/CISO at Accuride, illustrated the risks of inadequate oversight with an example of a board member who uploaded company documents to a generative AI (GenAI) platform to generate a summary, highlighting how easily sensitive information can be exposed without clear guidelines.

"I think we miss the step of governance because it's such a broad term, but really what it means is to set the rules and the guidelines for your internal users," shared Fietsam. "Everyone is going to go try it out themselves, so give them the ability to do that, to learn and be curious, but what are the guidelines and what are the tools they're allowed to use, and which should they not be putting their company's intellectual property into?"

By establishing the right governance, firms can empower individuals to explore and innovate with AI tools, but within safe and suitable parameters.

Mazda's John Rich also cautioned that organisations should not overlook the fundamentals in their rush to deploy AI. He argued that companies need documented processes, standard operating procedures and clear ways of working before autonomous systems can be trusted to execute tasks reliably.  "We've got to get back to some of the basics before we can move forward into this next era," he said.

AI is accelerating cybersecurity risk

As organisations increasingly embrace AI-powered tools and autonomous systems, speakers warned that the technology is also creating new cybersecurity challenges. While AI has the potential to improve visibility, efficiency and decision-making across supply chains, every new connection, platform and data source can also expand the attack surface available to malicious actors.

Read more: JLR revenue drops 25% amid £196m cyber attack costs

JLR’s revenue for Q2 2025 dropped by 24% year-on-year to £4.9 billion due to the effects of the cyberattack which hit the OEM at the beginning of September and has cost it £196m.

Accuride's Fietsam asserted that automotive companies can no longer afford to view cybersecurity solely as an IT concern. Rather, it should be viewed as a core supply chain issue, particularly as OEMs become more dependent on complex networks of suppliers and technology providers.

"Cyber resiliency in the supply chain is the number one concern of OEMs in cybersecurity," Fietsam stated, noting that while phishing used to be the top cybersecurity concern, the landscape has shifted in recent years and now supplier networks are the number one entry point for cyberattacks.

As evidenced with the JLR cyberattack in 2025, the impact these incidents can have on a lean automotive supply chain is huge, and threat actors are aware of this so have begun to target vulnerabilities in the supply chain.

Fietsam shared a simple mantra that encompasses her view of how companies should protect themselves against cyber threats: "Defend. Suspend. Don't pretend."

Defence begins with governance, as previously mentioned, ensuring that employees have clear guidelines for sage usage of digital tools. Next, she urged companies to "suspend" by making sure data is properly segmented. And finally, Fietsam warned against complacency. "Don't pretend," she said. "Because you are vulnerable, you are likely to be attacked."

The speed at which cyber threats are evolving is also being accelerated by AI itself. During a panel discussion, speakers noted that GenAI is making it easier for attackers to identify vulnerabilities, automate reconnaissance and launch increasingly sophisticated attacks at scale.

At the same time, AI is becoming an important defensive tool. Rich identified that organisations can use AI as a "white hat" capability, helping security teams identify weaknesses and strengthen systems before attackers are able to exploit them.

The discussion ultimately highlighted a growing paradox for supply chain leaders. The same technology that promises to unlock new levels of productivity and automation is also increasing exposure to cyber risk. As organisations move towards more agentic operating models, cyber resilience is likely to become just as important as the AI capabilities themselves.

AI as a value creation tool

Alongside Rich and Fietsam in a panel discussion on next-level digital logistics with a human touch was Jorge Liera, director of integrated supply chain for the Americas at TE Connectivity. Liera brought forward and interesting and important point concerning the deployment of AI technology – that AI should be judged by the value it creates for customers, employees and shareholders, not by the sophistication of the technology itself.

Innovation for the sake of innovation is pointless, AI deployments should be value-driven with clear objectives from the start – something Rich reiterated during Automotive Logistics' AI livestream in March.

"We really need to understand what our customers see as value from us and make sure that everybody understands that AI will deliver that the value to our customers," Liera said. "If what we're doing doesn't show with our shareholders, our team members and our customers, it's not a reality."

Liera also touched on Rich's earlier point about using AI not to replace humans, but to eliminate low-value administrative tasks to allow employees to operate at a higher level. "Instead of using AI to cut an employee's job, how do we make them a superhuman?" he asked. "How do we make them into a super analyst or a super planner that can, instead of managing 100 parts, manage 1,000 parts?"

Looking ahead to changes the industry could see in the next 12 months, Liera suggested that AI should encourage companies to think beyond incremental gains. Rather than using the technology simply to improve existing processes by a few percentage points, he argued organisations should consider how it can help them achieve entirely new levels of performance.

"Every time that we define the strategy and the metrics for next year, we talk about only marginal growth," he concluded. "I am sure that we can define goals that are very different, that are exponentially a step function above where we are today."