CISOs find themselves at a pinch-point needing to manage AI risks while supporting organizational innovation. The way forward is adapting GRC frameworks.