Market research by data and AI trust company Veeam has revealed that 80% of leaders say they can scale AI safely, yet only one in three can produce evidence to prove it. The research coincides with the company’s launch of a Data and AI Trust Model, a framework designed to address a consistent gap between AI ambition, confidence and operational readiness.
The research is based on insights from 300 senior business and technology leaders in the US, including C-suite executives responsible for data, security, risk and technology strategy. Veeam adds that, while respondents were US-based, the findings reflect broad enterprise trends around AI adoption, governance and data readiness that are consistent with what the company is seeing globally.
The intention behind the model is to help organisations assess, benchmark and strengthen how they govern and operationalise AI, and close the disconnect between perceived readiness and real-world execution.
The company adds that, according to its research – including the 'Finding Your Path to Safe AI at Scale' report as well as the 'Data and AI Trust Model – Safe AI at Scale' executive brief, organisations have moved faster on adoption than on the identity frameworks, data foundations and governance needed to justify those decisions to a board, auditor or regulator.
The challenge, Veeam asserts, is no longer whether AI is being used, but whether its actions can be understood, controlled and validated.
Key findings of the research include:
- AI is no longer experimental. Nearly seven in 10 organisations report AI is embedded across multiple business functions or central to their operations, meaning AI systems and agents now touch sensitive production data, customer records and decision-making workflows every day.
- Executive confidence is high, with 80% of leaders saying they are confident in their ability to scale AI safely over the next two years.
- Confidence often lacks evidence, as nearly half of executives acknowledge that their confidence is driven more by intuition than by demonstrable, audit-ready proof they could readily provide to external stakeholders.
- Execution challenges are emerging as AI scales, with 52% of organisations reporting AI initiatives scaled back over the past 18 months, four in 10 experiencing delays and 28% discontinuing initiatives entirely.
- Barriers to progress are operational rather than technological, led by gaps in AI and machine learning skills (43%), difficulty integrating AI into existing workflows and systems (33%), regulatory uncertainty (25%), data quality limitations (20%) and explainability concerns (19%).
- Governance maturity lags deployment, with nearly nine in 10 organisations reporting formal AI governance policies exist in some form, but only about one in three saying they could produce comprehensive audit evidence immediately if required.
Anand Eswaran, CEO at Veeam, explains: “The research reflects a global trend across industries, where organisations are moving faster on AI adoption than on governance and operational controls. The findings do not suggest that organisations are adopting AI faster because of identity frameworks, data foundations or governance. Instead, they show the opposite: organisations have moved faster on AI adoption than on building the identity frameworks, data foundations and governance needed to support and validate those deployments.”
Veeam says the model evaluates AI maturity across 12 dimensions and maps progress across five stages.
The stages are: reactive (ad hoc), emerging (reliable but limited), established (consistent and repeatable), advanced (embedded and proactive), and industry-leading (self-optimising).
Dimensions include contextual data intelligence, data risk strategy, identity and access governance, AI and agentic security and governance, data security, compliance and privacy, data backup, data recovery, data architecture and portability, AI and agentic resilience, AI readiness, and AI development and enablement.
Krista Case, principal analyst at theCUBE Research, adds: “AI success hinges on the strength of the data foundation, but that’s exactly where organisations are exposed. While three-quarters of organisations are already running maturing or operational AI deployments, fewer than a third are backing up even half of their AI-generated data, according to our research. And that's translating directly into real risk. Attackers are going straight after the data layer through inference, corruption, poisoning and exfiltration. Practitioners need structured, benchmarked insight that ties technical controls to real business and regulatory outcomes.”
Share
