Three-quarters of organisations have experienced AI-related security breaches while attempting to scale artificial intelligence deployments, according to a new report exposing widespread governance failures.

AvePoint's 2025 State of AI report reveals security and data quality concerns are forcing deployment delays averaging six months, with some organisations facing rollouts stalled up to 12 months.

The findings present a stark warning for CIOs and information managers racing to implement generative AI tools across Microsoft 365, Google Workspace, and Salesforce environments.

Inaccurate AI output troubles 68.7% of organisations, while data security concerns affect 68.5%. Nearly one-third identify AI hallucinations as the most extreme threat from generative AI assistants.

"We're seeing organisations treat AI governance as a checkbox exercise rather than an operational imperative," said Dana Simberkoff, AvePoint's Chief Risk, Privacy and Information Security Officer. "The gap between having policies and implementing them effectively is where most security incidents occur."

The report exposed contradictions in organisational readiness. While 90.6% of organisations claim effective information management programmes, only 30.3% have implemented effective data classification systems.

Among organisations claiming highest information management effectiveness, 77.2% still experienced data security incidents, revealing perceived readiness doesn't translate to actual protection.

The governance challenge intensifies as AI-generated content reshapes data landscapes. Nearly 20% of organisations expect generative AI to create more than half their data within 12 months. Current data growth rates of 23.8% are projected to jump to 31.6% next year.

"The exponential growth in AI-generated content is fundamentally changing how organisations must approach data security and governance," said John Peluso, AvePoint's Chief Technology Officer. "We're seeing enterprises struggle not just with the volume of new data, but with maintaining data lineage and ensuring quality control."

The research highlights critical infrastructure gaps. While 84.6% of organisations use multiple storage platforms, creating data sprawl challenges, 70.7% of organisational data is more than five years old, creating significant training data quality issues.

Organisations responded with targeted investments. Nearly two-thirds are increasing investment in AI governance tools, while 54.5% are boosting data security tool investments. Role-based training proved most effective, with 79.4% rating it as highly impactful.

The findings suggest organisations must prioritise data classification, implement robust governance frameworks, and address legacy data quality before scaling AI deployments. The challenge becomes more acute as organisations move toward agentic AI systems that act independently without human oversight.

AvePoint's research surveyed 775 respondents spanning 26 countries, targeting C-level through manager-level professionals with AI, information management, or data security responsibilities across financial services, government, and healthcare sectors.

The full report is available at https://www.avepoint.com/shifthappens/reports/artificial-intelligence-report-2025