Report exposes critical gap between AI ambitions and operational reality, as data security and accuracy issues drive deployment delays
JERSEY CITY, N.J. – AvePoint (Nasdaq: AVPT; SGX: AVP), the global leader in data security, governance, and resilience, today announced the results of its annual report, The State of AI in 2025: Go Beyond the Hype to Navigate Trust, Security, and Value . The report revealed a striking disconnect between AI ambitions and execution: while organizations race to deploy AI at scale, more than 75% experienced AI-related security breaches, and security concerns are forcing deployment delays of up to 12 months.
Building on AvePoint’s 2024 report , the 2025 report tracks the evolution from AI experimentation to enterprise-wide enablement. The findings revealed that despite widespread AI adoption efforts, critical operational gaps persist around data security and quality, with these foundational issues delaying AI rollouts by up to a year for three-quarters of organizations.
According to the report, organizations are experiencing an implementation crisis that’s stalling AI progress:
- AI deployment delays average nearly 6 months, with some organizations facing rollouts stalled up to 12 months due to data quality and security issues.
- Inaccurate AI output (68.7%) and data security concerns (68.5%) top the list of factors for why organizations are slowing the rollout of generative AI assistants.
- 32.5% identify AI hallucinations as the most extreme threat from generative AI assistants.
- 64.2% report employees’ “lack of perceived value” as a major rollout barrier, indicating the difficulties of clearly articulating the value AI creates, and the need for stronger AI enablement programs.
“We’re seeing organizations treat AI governance as a checkbox exercise rather than an operational imperative,” said Dana Simberkoff, Chief Risk, Privacy and Information Security Officer, AvePoint. “The gap between having policies and implementing them effectively is where most security incidents occur. This challenge becomes exponentially more critical as organizations move toward agentic AI systems that can act independently and make decisions without human oversight. Basic security measures cannot keep pace with the complexity and sprawl of AI-generated data, leaving organizations vulnerable unless they evolve their governance models to handle autonomous AI agents.”
The AI Governance Paradox
The report exposed contradictions in organizations’ perception of AI readiness compared to their operational reality. Many companies experience gaps in data governance and information management that are creating significant obstacles to safe AI implementation:
- 90.6% of organizations claim effective information management programs, but only 30.3% have implemented effective data classification systems.
- Among organizations claiming highest information management effectiveness (52.4%), 77.2% still experienced data security incidents, revealing that perceived readiness doesn’t translate to actual protection.
- 43.4% are actively working on AI policies, demonstrating that governance remains iterative rather than a completed initiative.
- Unsanctioned AI usage continues to grow year-over-year, indicating persistent governance gaps in monitoring and enforcement.
The Data Explosion Challenge
Adding urgency to governance concerns, organizations face an unprecedented data management challenge:
- Nearly 20% of organizations expect generative AI to create more than half their data within 12 months.
- Current data growth rates of 23.8% are projected to jump to 31.6% next year.
- 84.6% of organizations use multiple storage platforms, creating data sprawl challenges.
- 70.7% of organizational data is more than five years old, creating significant training data quality issues for AI systems.
“The exponential growth in AI-generated content is fundamentally changing how organizations must approach data security and governance,” said John Peluso, Chief Technology Officer, AvePoint. “We’re seeing enterprises struggle not just with the volume of new data, but with maintaining data lineage and ensuring quality control when AI systems are both consuming and creating information at scale. The organizations succeeding in this environment are those building governance directly into their AI workflows rather than treating it as an afterthought.”
Organizations Respond with Strategic Investments
Despite the challenges, organizations are responding with targeted investments in foundational infrastructure:
- 64.4% are increasing investment in AI governance tools.
- 54.5% are boosting data security tool investments.
- 99.5% are implementing AI literacy interventions, with role-based training proving most effective (79.4% rate as highly impactful).
- 73.9% use both quantitative and qualitative feedback methods to assess AI program effectiveness.
Methodology
The State of AI in 2025: Go Beyond the Hype to Navigate Trust, Security, and Value surveyed 775 respondents spanning 26 countries, targeting C-level through manager-level professionals with AI, information management, or data security responsibilities. Industries represented include financial services, government/public sector, and healthcare. The research was conducted by Osterman Research. The study provides comprehensive insights into the current state of enterprise AI adoption, governance challenges, and emerging best practices. To read the full report, please visit: https://www.avepoint.com/shifthappens/reports/artificial-intelligence-report-2025 .
About AvePoint
Beyond Secure. AvePoint is the global leader in data security, governance, and resilience, going beyond traditional solutions to ensure a robust data foundation and enable organizations everywhere to collaborate with confidence. Over 25,000 customers worldwide rely on the AvePoint Confidence Platform to prepare, secure, and optimize their critical data across Microsoft, Google, Salesforce, and other collaboration environments. AvePoint’s global channel partner program includes approximately 5,000 managed service providers, value-added resellers, and systems integrators, with our solutions available in more than 100 cloud marketplaces. To learn more, visit www.avepoint.com .
Forward Looking Statements:
This press release contains certain forward-looking statements within the meaning of the “safe harbor” provisions of the United States Private Securities Litigation Reform Act of 1995 and other federal securities laws including statements regarding the future performance of and market opportunities for AvePoint. These forward-looking statements generally are identified by the words “believe,” “project,” “expect,” “anticipate,” “estimate,” “intend,” “strategy,” “future,” “opportunity,” “plan,” “may,” “should,” “will,” “would,” “will be,” “will continue,” “will likely result,” and similar expressions. Forward-looking statements are predictions, projections and other statements about future events that are based on current expectations and assumptions and, as a result, are subject to risks and uncertainties. Many factors could cause actual future events to differ materially from the forward-looking statements in this press release, including but not limited to: changes in the competitive and regulated industries in which AvePoint operates, variations in operating performance across competitors, changes in laws and regulations affecting AvePoint’s business and changes in AvePoint’s ability to implement business plans, forecasts, and ability to identify and realize additional opportunities, and the risk of downturns in the market and the technology industry. You should carefully consider the foregoing factors and the other risks and uncertainties described in the “Risk Factors” section of AvePoint’s most recent Annual Report on Form 10-K and Quarterly Report on Form 10-Q. Copies of these and other documents filed by AvePoint from time to time are available on the SEC’s website, www.sec.gov . These filings identify and address other important risks and uncertainties that could cause actual events and results to differ materially from those contained in the forward-looking statements. Forward-looking statements speak only as of the date they are made. Readers are cautioned not to put undue reliance on forward-looking statements, and AvePoint does not assume any obligation and does not intend to update or revise these forward-looking statements after the date of this release, whether as a result of new information, future events, or otherwise, except as required by law. AvePoint does not give any assurance that it will achieve its expectations. Unless the context otherwise indicates, references in this press release to the terms “AvePoint,” “the Company,” “we,” “our” and “us” refer to AvePoint, Inc. and its subsidiaries.
Disclosure Information:
AvePoint uses the https://www.avepoint.com/ir website as a means of disclosing material non-public information and for complying with its disclosure obligations under Regulation FD.
