Adopting AI without governance is the same as leaving the door unlocked

Most organisations know they need an AI strategy. Far fewer have built the security controls to make one safe. In 2026, AI governance has become one of the most consequential gaps in enterprise cybersecurity, not because the technology is inherently unsafe, but because the speed of adoption has consistently outrun the frameworks designed to manage it. The result is a growing class of breaches that did not come from a sophisticated external attacker. They came from inside, through tools that employees were using every day and that nobody in the security team had approved or reviewed.

The data behind this is no longer preliminary. It comes from IBM’s 2025 Cost of a Data Breach Report, published in July 2025 and based on analysis of 600 organisations globally, and it is direct enough to act on.

The Numbers Behind the Governance Gap

IBM’s report identified AI governance as a standalone risk category for the first time in 2025. The findings established a clear pattern: organisations that have not built governance infrastructure around their AI deployments are paying for it in breach costs, detection delays, and data exposure.

63% of breached organisations either had no AI governance policy or were still developing one at the time of their incident. Among those that did have a governance policy in place, only 34% performed regular audits for unsanctioned AI usage.

13% of organisations reported a confirmed breach of an AI model or application, and 97% of that group lacked proper access controls for their AI systems. One in five organisations reported a breach linked to shadow AI, meaning employees using AI tools outside the organisation's sanctioned inventory. Each of those incidents cost an average of $670,000 more than a standard breach and took an average of 247 days to detect, longer than the already damaging global average.

The organisations most exposed are those that adopted AI aggressively while treating governance as a future problem. In 2025, that future arrived.

What Ungoverned AI Actually Looks Like Inside an Organisation

Governance failures in AI are rarely dramatic. They do not begin with a sophisticated intrusion. They begin with an employee who found a useful tool, used it without thinking twice, and shared data that should never have left the organisation’s perimeter.

An analyst pastes a revenue forecast into a public AI tool to format it before a board meeting. A developer uploads proprietary source code to a consumer AI assistant to debug a production issue. A senior leader summarises a confidential client document using a free app on a personal device. None of these feels like a security event to the people involved. All of them represent unmonitored data flows to third-party AI systems with unknown data retention policies, training pipelines, and external integrations.

The security problem is structural. Most AI tools adopted through this route never go through a procurement or security review. They are not represented in the organisation's identity infrastructure, so there is nothing to provision, revoke or review. They generate no logs that reach the SIEM. And they fall outside the scope of the data loss prevention tools and endpoint controls that the security team relies on, so the data flows they carry are invisible to every control that would otherwise catch them.

Gartner’s 2025 survey of cybersecurity leaders found that 69% of organisations either suspect or have confirmed evidence that employees are using prohibited public AI tools. The majority of those employees are not acting carelessly — they are doing their jobs with the fastest tools available to them. The gap is not in intent. It is in the infrastructure that should have been built before the tools arrived.

The Overconfidence Problem That Makes It Worse

The governance gap would be easier to close if organisations knew how wide it was. The more pressing issue is that most believe they have controls, but they do not.

33% of executives claim they have comprehensive AI usage tracking across their organisation. Independent research from Deloitte found that only 9% have governance systems that are actually functioning. Gartner’s analysis goes further: just 12% of organisations have dedicated AI governance structures in place at all.

This overconfidence gap, in which perceived control exceeds operational reality by more than three to one, is one of the most dangerous conditions in enterprise security. It means that organisations are making risk decisions based on a security posture that does not exist. Incidents that should be detectable are not being detected. Data that should be classified is moving without oversight. And when a breach occurs, the response is reactive and disorganised because the governance infrastructure needed to respond efficiently was never built.

Only 32% of organisations perform regular AI model audits. Only 37% have policies in place to manage or detect shadow AI. These are not organisations that have considered the problem and chosen to accept the risk. They are organisations that have not yet built the visibility to understand what their risk actually is.

Why Governance Delivers a Measurable Security Return

The case for AI governance is not only about reducing breach risk. IBM's 2025 report found that organisations deploying AI and automation extensively across their security operations saved an average of $1.9 million per breach and shortened the breach lifecycle by 80 days compared with those that did not. The same infrastructure that enables safe AI adoption (inventory, identity, logging, classification) is the infrastructure that accelerates detection and response when something goes wrong.

This is the argument that moves AI governance from a compliance conversation to a strategic one. Governance is not a constraint on what organisations can do with AI. It is what makes AI adoption operationally sustainable. Organisations with mature governance frameworks can assess and approve new AI tools faster, respond to incidents with more precision, and satisfy regulatory scrutiny without the crisis response that ungoverned organisations face.

The competitive advantage is real. But it compounds over time only for organisations that build the foundations before an incident forces the issue.

The Regulatory Dimension European Organisations Cannot Ignore

For organisations operating under EU jurisdiction, the consequences of ungoverned AI are no longer confined to breach costs.

The EU AI Act's high-risk system requirements become mandatory in August 2026. NIS2 entered enforcement in Q1 2026, carrying personal liability provisions for senior management alongside mandatory incident reporting requirements. DORA has been mandatory for financial entities since January 2025. Under GDPR, passing personal data to an unsanctioned third-party AI service without a data processing agreement in place breaches the processor requirements of Article 28, and the unauthorised disclosure can itself constitute a reportable personal data breach, regardless of whether a visible breach occurred.

These frameworks have changed the calculation for European organisations in one specific way: governance failures that were previously internal risk decisions are now enforceable regulatory events. The organisations treating AI governance as a future investment are operating inside a compliance window that has already closed.

What Effective AI Governance Requires in Practice

Building effective AI governance is an operational exercise, not a documentation one. The organisations that manage this well share a consistent approach.

They start with discovery — a complete, accurate inventory of every AI system running across the organisation, including tools adopted without IT involvement. This is the foundation that every other control depends on. Without knowing what is running, classification, monitoring, and access control are all incomplete.

They apply access controls to AI systems with the same rigour they apply to privileged human users. Least-privilege provisioning, credential management, session monitoring, and anomaly detection are not optional for AI tools. They are the same controls that apply to any identity with access to sensitive data.

They invest in technical controls rather than relying on policy and awareness alone. IBM’s analysis is explicit: training sessions, warning emails, and written policies produce no measurable reduction in ungoverned AI usage. What reduces exposure is automated blocking of unauthorised AI access, real-time data classification, and unified monitoring that surfaces AI-related data flows before they become incidents.

And they build incident response plans that account explicitly for AI-related scenarios — because the playbooks written before AI became a primary risk category are not designed to handle the threat class that governance failures now produce.
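The discovery and monitoring steps above are usually the first thing a security team can actually build, because the raw material (web proxy or secure web gateway logs) already exists. The script below is an added example written for this article, not AVIANET's own tooling: it walks a constructed proxy log, matches each destination against a constructed list of known AI service domains, separates the sanctioned subset from the rest, and rates requests that carry a large upload as high severity because those are the revenue forecasts and source-code dumps described earlier rather than short prompts. The log format, the domain list, the `SANCTIONED` set and the one-megabyte upload threshold are all assumptions; a real deployment would feed it from the gateway's export and the organisation's approved-tool inventory.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit

# Constructed inventory (assumption, not from the article): hostnames of AI
# services the security team knows about, mapped to a label. Subdomains match.
AI_SERVICE_DOMAINS = {
    "public-ai.example": "Public AI chat (consumer)",
    "free-tool.example": "Free summariser app",
    "sanctioned-vendor.example": "Enterprise AI (reviewed, DPA signed)",
}

# Subset of the above that passed procurement and security review (assumption).
SANCTIONED = {"sanctioned-vendor.example"}

# Methods that carry a request body, i.e. data leaving the organisation.
UPLOAD_METHODS = {"POST", "PUT", "PATCH"}

# Constructed proxy log format: time user src_ip method url req_bytes status
LOG_RE = re.compile(
    r"^(?P<ts>\S+)\s+(?P<user>\S+)\s+(?P<src>\S+)\s+(?P<method>[A-Z]+)\s+"
    r"(?P<url>\S+)\s+(?P<req_bytes>\d+)\s+(?P<status>\d{3})$"
)


def parse_line(line):
    """Return a dict for one proxy log line, or None if it does not match."""
    m = LOG_RE.match(line.strip())
    if not m:
        return None
    rec = m.groupdict()
    rec["req_bytes"] = int(rec["req_bytes"])
    rec["status"] = int(rec["status"])
    rec["host"] = (urlsplit(rec["url"]).hostname or "").lower()
    return rec


def classify_host(host):
    """Map a hostname to ('sanctioned' | 'unsanctioned' | 'other', label)."""
    host = host.lower()
    for domain, label in AI_SERVICE_DOMAINS.items():
        if host == domain or host.endswith("." + domain):
            kind = "sanctioned" if domain in SANCTIONED else "unsanctioned"
            return kind, label
    return "other", ""


def find_shadow_ai(lines, upload_threshold=1_000_000):
    """Return one finding per request to an AI service outside the sanctioned set.

    A request that sends at least upload_threshold bytes is rated 'high'
    because it is most likely a document or code upload rather than a prompt.
    """
    findings = []
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            continue  # malformed or non-proxy line; skip rather than guess
        kind, label = classify_host(rec["host"])
        if kind != "unsanctioned":
            continue  # sanctioned AI and ordinary web traffic are not findings
        uploaded = rec["req_bytes"] if rec["method"] in UPLOAD_METHODS else 0
        findings.append({
            "ts": rec["ts"],
            "user": rec["user"],
            "host": rec["host"],
            "service": label,
            "bytes_out": uploaded,
            "severity": "high" if uploaded >= upload_threshold else "medium",
        })
    return findings


def summarise_by_user(findings):
    """Aggregate findings per user: request count, bytes out, distinct hosts."""
    summary = defaultdict(lambda: {"requests": 0, "bytes_out": 0, "hosts": set()})
    for f in findings:
        s = summary[f["user"]]
        s["requests"] += 1
        s["bytes_out"] += f["bytes_out"]
        s["hosts"].add(f["host"])
    return {u: {**s, "hosts": sorted(s["hosts"])} for u, s in summary.items()}


# Constructed sample log: two users on a consumer AI chat (one a 2 MB file
# upload), one on the sanctioned vendor, one on an internal wiki, one on a
# free summariser, plus a line that is not a proxy record at all.
SAMPLE_LOG = """\
2026-02-03T09:14:22Z jdoe 10.1.4.23 POST https://chat.public-ai.example/backend/conversation 48211 200
2026-02-03T09:15:01Z asmith 10.1.4.40 POST https://ai.sanctioned-vendor.example/v1/chat 812 200
2026-02-03T09:16:45Z jdoe 10.1.4.23 POST https://api.public-ai.example/v1/files 2097152 200
2026-02-03T09:18:10Z bwong 10.1.5.7 GET https://docs.internal.example/wiki/page 5023 200
2026-02-03T09:20:33Z clee 10.1.6.2 PUT https://assistant.free-tool.example/upload 734003 201
this line is not a proxy record and is skipped
"""

if __name__ == "__main__":
    results = find_shadow_ai(SAMPLE_LOG.splitlines())
    for f in results:
        print(f"{f['severity']:<6} {f['ts']} {f['user']:<7} {f['host']:<32} "
              f"{f['bytes_out']:>8} B  {f['service']}")
    print(summarise_by_user(results))
```

On the sample data the script reports three findings: two for jdoe on the consumer chat service (the 2 MB upload rated high) and one for clee on the free summariser, while the sanctioned vendor and the internal wiki are silent. The per-user summary is what turns individual log lines into the inventory the article calls for: it shows which people are using which unapproved services and how much data has left through them, which is the starting point for both a blocking rule at the gateway and a conversation with the business owner about a sanctioned alternative.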

The AVIANET Position

At AVIANET, our view is straightforward: AI governance is a cybersecurity function. It belongs inside the security programme, with the same operational discipline applied to every other category of identity and data risk.

The organisations we work with that manage this well are not those with the most sophisticated AI deployments. They are the ones that asked the right questions before the tools arrived: what is running, what can it access, who is accountable, and what happens if something goes wrong.

Those questions have answers. Building the infrastructure to answer them consistently is what separates organisations that adopt AI confidently from those that adopt it and hope for the best.

How AVIANET Can Help

AVIANET Cybersecurity Services works with organisations across Europe to build AI governance programmes grounded in operational security practice — not theoretical frameworks.

Our work includes shadow AI discovery and classification, AI risk assessments, governance framework development, access control reviews for AI tools and agents, NIS2 and GDPR compliance support, and security monitoring strategies designed for AI-driven environments.

If you would like to understand where your organisation’s AI governance gaps are before a regulator or an attacker identifies them first, we are glad to start that conversation.

Talk to the AVIANET team →