{"version":"1.0","type":"agent_native_article","locale":"en","slug":"why-91-percent-companies-adopting-ai-without-knowing-what-data-they-share-mous65y3","title":"Why 91% of Companies Are Adopting AI Without Knowing What Data They're Handing Over","primary_category":"innovation","author":{"name":"Elena Costa","slug":"elena-costa"},"published_at":"2026-05-07T00:02:52.981Z","total_votes":82,"comment_count":0,"has_map":true,"urls":{"human":"https://sustainabl.net/en/articulo/why-91-percent-companies-adopting-ai-without-knowing-what-data-they-share-mous65y3","agent":"https://sustainabl.net/agent-native/en/articulo/why-91-percent-companies-adopting-ai-without-knowing-what-data-they-share-mous65y3"},"summary":{"one_line":"Most enterprises activate AI copilots on top of unclassified, over-permissioned data environments, creating invisible risk surfaces they cannot quantify or govern.","core_question":"What happens to corporate data when AI assistants are activated in environments that were never audited or governed for machine-speed access?","main_thesis":"The core failure in enterprise AI adoption is not model quality or budget — it is that organizations deploy AI on top of structurally disordered data, creating regulatory, security, and operational exposure that existing controls were not designed to detect or contain."},"content_markdown":"## Why 91% of Companies Are Adopting AI Without Knowing What Data They're Handing Over\n\nGenerative artificial intelligence arrived at most organizations not through the technology department, but through the back door of productivity applications. Microsoft 365 Copilot, Gemini, the assistants embedded in collaboration platforms: these tools were activated in corporate environments where employees were already working, and with that began a silent experiment whose terms no one had fully negotiated.\n\nThe problem does not lie in the language models. 
It lies in what those models find when they connect to a real organization.\n\nAccording to Huble's report on data readiness for AI, **only 8.6% of companies consider themselves fully ready to operate with artificial intelligence**. The remaining 91% sits somewhere between experimentation and stagnation, despite having committed budget, time, and internal reputation to adoption projects. Deloitte, in its 2026 report on the state of AI in the enterprise, finds that two-thirds of organizations report productivity gains, but it also documents persistent deficits in infrastructure, data management, talent, and risk control. Employee access to AI tools grew 50% in 2025; the readiness to govern that access did not grow at the same pace.\n\nThis gap is not accidental. It is structural. And it has a cause that few organizations are willing to name without euphemisms: corporate data is, for the most part, in disarray.\n\n## What the Assistant Finds When No One Is Watching\n\nWhen a company activates an AI copilot within its productivity environment, that system does not create new access paths. It uses the ones that already exist. It operates with the inherited permissions of the user who activates it and reaches exactly where that user can reach, with one operational difference that changes everything: it does so at machine speed.\n\nMicrosoft documents this behavior with precision. Its Copilot architecture establishes that the system operates within the service perimeter, bounded by the authenticated user and the content that person is authorized to access. It does not break permissions. It executes them. And therein lies the point that many security teams had not fully reckoned with: **if permissions are more open than they should be, a single prompt can retrieve what previously required dozens of scattered manual searches**.\n\nYears of shared folders that were never closed. Files copied for a one-time analysis that were left on personal drives. Sensitive emails with attachments archived without classification. Document repositories that accumulate records no one deletes because no one remembers they exist. That is the real raw material the AI assistant works with when it connects to an organization that did not audit its environment before enabling access.\n\nThe risk does not originate from the language model. It originates from the data architecture that the model inherits.\n\nHere, security teams face a visibility problem that their traditional tools do not solve. Data loss prevention was designed to monitor exit points. Identity management systems administer roles and permissions. Activity logs document what has already occurred. None of these instruments was built to map what happens when an AI query crosses documents, mailboxes, databases, and knowledge repositories in a single interaction, generating a response that combines fragments of information that had never been connected before.\n\nWhat emerges from that crossing can be perfectly legitimate. It can also be a concentration of sensitive data that no prior control had anticipated.\n\n## The Hidden Cost of Ignoring Infrastructure Before the Model\n\nThe dominant narrative around AI adoption in the enterprise has a foundational distortion: it centers the conversation on models, interfaces, and use cases, and leaves in the background the question of what data feeds those decisions and under what conditions of order, classification, and governance.\n\nGartner estimates that **63% of organizations do not have the data management practices necessary to sustain AI projects**. 
That number helps explain why so many deployments stall before reaching production — not because of model limitations or lack of budget, but because the underlying data infrastructure cannot support what the model needs in order to operate coherently.\n\nThe misalignment has direct financial consequences. Organizations that invest in licenses, training, and process change without first resolving the data layer are paying for capacity they cannot use reliably. Worse still: they are assuming exposure they cannot quantify. If AI systems operate on unclassified data, with excessive permissions and without an up-to-date inventory of what exists where, the window of regulatory exposure widens in ways that auditors and legal teams are still learning to measure.\n\nPersistent Systems, among other vendors specializing in this field, structures its solutions around three precise axes: infrastructure optimization, data quality, and secure scaling of AI workloads. The sequence is not accidental. Scale comes last, not first.\n\nAstutis documents in its 2026 report that the vast majority of workers expect AI to have a significant impact on their roles within five years, but only a small fraction actively uses it today. The reason is not cultural resistance. It is that the real experience with AI tools in poorly prepared corporate environments generates concrete friction: inconsistent responses, results that mix information from different contexts, uncertainty about whether what the system returns can be trusted. That friction is not resolved by improving the model. 
It is resolved by resolving the data.\n\n## Governing AI the Way You Govern a High-Risk Identity\n\nThere is a conceptual shift that the most advanced organizations in this field are already executing, and that others will eventually have to make: **treating AI agents as governed identities, not as user tools**.\n\nWhen a copilot or an automation agent accesses corporate systems, it does so through service accounts, APIs, and user contexts. It has permissions. It acts on data. It generates outputs that may contain sensitive information. For all those reasons, it should receive the same treatment as any high-privilege identity in an organization: periodic access reviews, application of least privilege, behavior monitoring, and traceability of what it touches.\n\nMost corporate security programs are not configured for this. They were designed with people and systems in mind, not AI agents that operate with their own logic, combine sources of information, and produce outputs that their human operators cannot always anticipate.\n\nData readiness for AI, in its operational sense, requires at least four concrete actions. First, building an up-to-date inventory of the AI systems active in the environment, including copilots embedded in productivity platforms, custom models, and automation agents, mapped to the data sources they access. Second, classifying sensitive data consistently across cloud storage, software-as-a-service applications, and legacy repositories, because without that classification, compliance controls cannot distinguish between sensitive and generic information. Third, applying to AI agents the same review applied to high-risk service accounts: their permissions should reflect actual use, not accumulated inheritance. Fourth, connecting that data context to existing controls — including data loss prevention systems, identity and access management, and access gateways — so that policies reflect real exposure rather than abstract patterns.\n\nNone of these steps requires waiting for AI models to improve. They are decisions about the infrastructure that already exists.\n\n## Data Readiness Is Not a Prior Stage — It Is the Real Wager\n\nThe enterprise AI market is growing at rates exceeding 30% per year and is projected to reach between 150 and 200 billion dollars by 2030. In that context, **the competitive advantage will not lie in having adopted AI before everyone else, but in having adopted it on a foundation that makes it possible to operate with confidence and scale without friction**.\n\nOrganizations that treated data readiness as a minor technical formality are discovering, in production, that their AI systems produce inconsistent results, that their legal teams cannot certify regulatory compliance for AI-assisted processes, and that their security teams cannot answer basic questions about what information is being processed and by whom.\n\nThe shift that this moment reveals is not technological at its core. It is a shift in governance. Artificial intelligence is forcing companies to confront data problems that already existed before any copilot was ever activated: unclassified data, permissions accumulated without review, incomplete inventories, controls designed for a world where searches were manual and slow. What changed is not that those problems appeared. What changed is that it is no longer possible to ignore them without visible and rapid consequences.\n\nThe organizations that will emerge best positioned in this cycle are those that understood that preparing the data is not a step prior to adopting AI. 
It is, precisely, the foundational work that determines whether adoption produces value or simply produces more risk surface over which a faster system operates.","article_map":{"title":"Why 91% of Companies Are Adopting AI Without Knowing What Data They're Handing Over","entities":[{"name":"Microsoft 365 Copilot","type":"product","role_in_article":"Primary example of an AI assistant activated in corporate environments without prior data governance, used to illustrate how AI inherits existing permissions."},{"name":"Gemini","type":"product","role_in_article":"Cited alongside Microsoft Copilot as an AI assistant that entered organizations through productivity platforms."},{"name":"Huble","type":"company","role_in_article":"Source of the data readiness report citing 8.6% full AI readiness among enterprises."},{"name":"Deloitte","type":"institution","role_in_article":"Source of 2026 enterprise AI state report documenting productivity gains alongside persistent governance deficits."},{"name":"Gartner","type":"institution","role_in_article":"Source of the estimate that 63% of organizations lack adequate data management practices for AI."},{"name":"Persistent Systems","type":"company","role_in_article":"Cited as a vendor structuring AI solutions around infrastructure optimization, data quality, and secure scaling — in that sequence."},{"name":"Astutis","type":"institution","role_in_article":"Source of 2026 report on worker expectations about AI impact versus actual current usage rates."},{"name":"Elena Costa","type":"person","role_in_article":"Author of the article."},{"name":"Enterprise AI","type":"market","role_in_article":"The market context — projected at $150-200B by 2030, growing 30%+ annually — framing the competitive stakes of data readiness."}],"tradeoffs":["Speed of AI adoption vs. visibility into what data is being processed and by whom","Productivity gains from AI tools vs. 
regulatory and security exposure from unclassified, over-permissioned data environments","Cost of AI licenses and training vs. cost of data infrastructure remediation that makes those licenses usable","Convenience of activating embedded AI tools vs. governance overhead of treating AI agents as high-privilege identities","Early mover advantage in AI adoption vs. foundational stability that enables scaling without friction"],"key_claims":[{"claim":"Only 8.6% of companies consider themselves fully ready to operate with AI (Huble report).","confidence":"high","support_type":"reported_fact"},{"claim":"Two-thirds of organizations report productivity gains from AI, but persistent deficits remain in infrastructure, data management, talent, and risk control (Deloitte 2026).","confidence":"high","support_type":"reported_fact"},{"claim":"Employee access to AI tools grew 50% in 2025; governance readiness did not grow at the same pace.","confidence":"high","support_type":"reported_fact"},{"claim":"63% of organizations lack the data management practices necessary to sustain AI projects (Gartner).","confidence":"high","support_type":"reported_fact"},{"claim":"Microsoft Copilot operates within the authenticated user's existing permissions and does not create new access paths.","confidence":"high","support_type":"reported_fact"},{"claim":"AI copilots can surface sensitive data concentrations that no prior control had anticipated, by combining fragments across sources in a single query.","confidence":"medium","support_type":"inference"},{"claim":"Organizations paying for AI licenses without resolving the data layer are assuming exposure they cannot quantify.","confidence":"medium","support_type":"editorial_judgment"},{"claim":"The enterprise AI market will reach $150-200B by 2030 at 30%+ annual growth.","confidence":"medium","support_type":"reported_fact"}],"main_thesis":"The core failure in enterprise AI adoption is not model quality or budget — it is that organizations deploy AI 
on top of structurally disordered data, creating regulatory, security, and operational exposure that existing controls were not designed to detect or contain.","core_question":"What happens to corporate data when AI assistants are activated in environments that were never audited or governed for machine-speed access?","core_tensions":["AI adoption is driven by competitive and productivity pressure, but the data environments where AI operates were built for human-speed, human-initiated access — not machine-speed, cross-source queries","Existing security controls (DLP, IAM, activity logs) were designed for a world of manual searches; AI collapses that world, creating blind spots in tools organizations already trust","Organizations want to demonstrate AI ROI quickly, but the foundational work (data classification, permission audits, inventory) is slow, unglamorous, and organizationally difficult to prioritize","The narrative around enterprise AI focuses on models and interfaces; the actual failure point is data governance — a mismatch between where attention goes and where the risk lives"],"open_questions":["How should organizations measure and certify regulatory compliance for AI-assisted processes when the data layer is unclassified?","What new tooling categories are needed to provide visibility into AI queries that cross multiple data sources in a single interaction?","At what point does accumulated permission inheritance in a corporate environment become an unacceptable risk surface for AI activation?","How do legal and audit teams develop frameworks to assess AI-generated outputs that combine fragments of information never previously connected?","Will AI governance frameworks converge on treating AI agents as legal/regulatory entities with their own identity and accountability trail?","Does the 91% unreadiness figure reflect a temporary adoption gap or a structural ceiling that most organizations will not clear without external 
intervention?"],"training_value":{"recommended_for":["CISOs and security architects evaluating AI tool activation risk","CIOs and CTOs sequencing AI adoption investments","Data governance and compliance officers assessing regulatory exposure from AI deployments","Enterprise architects designing AI-ready data infrastructure","Business strategists evaluating competitive positioning in AI adoption","Vendors and consultants building AI readiness assessment or remediation offerings"],"when_this_article_is_useful":["When evaluating whether to activate AI productivity tools in a corporate environment","When designing or auditing an enterprise AI governance framework","When assessing regulatory compliance risk for AI-assisted business processes","When building a business case for data infrastructure investment as a prerequisite to AI adoption","When advising on identity and access management strategy in the context of AI agent proliferation","When benchmarking organizational AI readiness against industry data"],"what_a_business_agent_can_learn":["AI copilots do not create new data access — they execute existing permissions at machine speed, meaning pre-existing access control weaknesses become immediately consequential","Data readiness is a prerequisite for AI value, not a parallel workstream — organizations that skip it pay for capacity they cannot use reliably","AI agents should be governed using the same frameworks as high-privilege service accounts: least privilege, periodic access reviews, behavior monitoring, output traceability","Traditional security tools (DLP, IAM, activity logs) have structural blind spots for AI-generated cross-source queries and must be supplemented or replaced","The correct sequencing for enterprise AI adoption is: inventory → classify → govern → scale — not the reverse","Competitive advantage in the AI era goes to organizations with governable data foundations, not just early adopters","91% of enterprises are in a state of structural 
unreadiness for AI, making data governance a significant market and operational differentiator"]},"argument_outline":[{"label":"1. The silent entry point","point":"Generative AI entered most organizations through productivity tools (Microsoft 365 Copilot, Gemini), not through IT governance processes, bypassing formal risk assessment.","why_it_matters":"Adoption happened before readiness frameworks were in place, making the risk invisible by default."},{"label":"2. AI inherits existing permissions, not new ones","point":"AI copilots operate within the authenticated user's existing access scope — they don't break permissions, they execute them at machine speed.","why_it_matters":"If permissions are over-broad (which they typically are), a single prompt can surface what previously required dozens of manual searches across years of accumulated data."},{"label":"3. Data disorder is the structural root cause","point":"63% of organizations lack the data management practices needed to sustain AI projects (Gartner). Only 8.6% consider themselves fully AI-ready (Huble).","why_it_matters":"Stalled deployments and inconsistent AI outputs are symptoms of data infrastructure failure, not model failure."},{"label":"4. Traditional security tools have a blind spot","point":"DLP, IAM, and activity logs were designed for human-speed, point-to-point data movement — not for AI queries that cross documents, mailboxes, and repositories in a single interaction.","why_it_matters":"Organizations are assuming regulatory and security exposure they literally cannot measure with current tooling."},{"label":"5. 
AI agents must be governed as high-privilege identities","point":"Copilots and automation agents have permissions, act on data, and generate outputs containing sensitive information — they should receive the same governance as any high-risk service account.","why_it_matters":"Most corporate security programs were not designed for non-human actors with their own operational logic."},{"label":"6. Four concrete readiness actions","point":"Inventory active AI systems, classify sensitive data consistently, apply least-privilege reviews to AI agents, and connect data context to existing controls.","why_it_matters":"These are infrastructure decisions that can be made now, independent of model improvements."}],"one_line_summary":"Most enterprises activate AI copilots on top of unclassified, over-permissioned data environments, creating invisible risk surfaces they cannot quantify or govern.","related_articles":[{"reason":"Directly extends the article's argument: AI agents are already operating inside enterprise systems as governed (or ungoverned) identities, and identity strategy has not caught up — the exact governance gap this article diagnoses.","article_id":12386},{"reason":"Concrete case study of AI agents operating autonomously without human oversight, resulting in catastrophic data loss — illustrates the real-world consequences of the governance failures described in this article.","article_id":12270},{"reason":"Google's redesign of enterprise data architecture to make AI reliable in corporate environments is the practical infrastructure response to the data readiness problem this article identifies.","article_id":12170},{"reason":"Salesforce's agentic enterprise design shift illustrates how the enterprise software layer is moving toward AI agents as primary actors, making the governance questions in this article increasingly urgent.","article_id":12290}],"business_patterns":["Shadow AI adoption: AI tools enter organizations through productivity platforms, bypassing 
IT governance — analogous to shadow IT patterns from the SaaS era","Permission inheritance risk: AI systems amplify existing access control weaknesses rather than introducing new ones, making pre-existing technical debt immediately consequential","Infrastructure-before-scale sequencing: vendors like Persistent Systems explicitly structure solutions as optimize infrastructure → data quality → scale, not the reverse","Governance lag: employee access to tools grows faster than organizational capacity to govern that access — a recurring pattern in enterprise technology adoption","AI agent as high-privilege identity: the most advanced organizations are applying IAM-style governance (least privilege, access reviews, behavior monitoring) to non-human AI actors"],"business_decisions":["Whether to activate AI productivity tools (Copilot, Gemini) before auditing existing data permissions and classifications","Whether to invest in AI licenses and training before resolving the underlying data infrastructure layer","Whether to treat AI agents as governed identities subject to least-privilege and access review policies","Whether to build an inventory of active AI systems mapped to the data sources they access","Whether to apply consistent sensitive data classification across cloud storage, SaaS applications, and legacy repositories","Whether to connect AI data context to existing DLP, IAM, and access gateway controls","Whether to sequence AI adoption as: data readiness first, then scale — rather than scale first, then remediate"]}}