Skip to content
MarketScale
‹ Back to IndustriesSoftware & Technology

Enterprise AI's adoption gap: investment is up, but security, data, and accountability are lagging

Despite increased investment in enterprise AI, with 86% of C-suites raising budgets, only 32% report a sustained impact from their AI initiatives. Challenges such as prompt injection, shadow AI, and data gaps are contributing factors to this discrepancy. Effective strategies to address these issues are essential for realizing the full potential of AI in enterprises.

This story was produced through MarketScale. See how Software & Technology teams put it to work with Executive Thought Leadership.

By MarketScale Newsroom · Enterprise AiAi SecurityShadow AiPrompt Injection
Share
Learn this in 60 seconds

Key facts, context, and what it means, in one minute.

:60
0:001:00
Enterprise AI's adoption gap: investment is up, but security, data, and accountability are lagging

Key takeaways

01

86% of C-suites are increasing AI budgets.

02

Only 32% report sustained impact from AI.

03

Prompt injection and shadow AI are key challenges.

Only 32% of organizations report sustained business impact from AI, even as 86% of C-suite executives say they are actively increasing their AI budgets. That gap, drawn from an Accenture survey and reported by Forbes contributor Melody Brue, is the clearest signal yet that enterprise AI has moved past the pilot phase and into a harder problem: making it work operationally, at scale, without introducing new liabilities.

Three distinct failure modes are now visible across the enterprise. Security defenses have not kept pace with AI-specific attacks. A layer of unsanctioned AI activity is running below the radar of finance and IT. And models are breaking not because of faulty algorithms, but because the underlying data cannot handle real-world complexity. Each problem lands differently on different teams, but together they define the operational challenge of 2026.

Enterprise AI investment vs. sustained impact86C-suites increasing AI investment32Organizations reporting sustained impact
Accenture survey, reported by Forbes (Melody Brue, June 2026) · © MarketScaleDownload chart

Prompt injection: the attack vector security teams aren't ready for

CrowdStrike has characterized prompts as the functional equivalent of malware in AI-integrated environments, a framing reported by Forbes contributor Janakiram MSV. The mechanism is prompt injection: attackers embed instructions inside content that an AI agent processes, causing the model to act in ways the operator never authorized. A customer-service bot reads a malicious document; an internal copilot processes a poisoned email.

The exposure is not hypothetical. Janakiram MSV reported that 65% of organizations currently have no dedicated defenses against this attack class. As AI agents take on more consequential tasks, writing code, approving workflows, querying internal databases, the blast radius of a successful injection grows proportionally. Security teams built for perimeter defense and endpoint protection are largely unprepared for an attack surface defined by text inputs.

The operational implication is concrete. Any organization deploying agentic AI without input validation, output monitoring, and prompt-specific threat detection is operating with an unacknowledged gap in its security posture. CrowdStrike and other security vendors are beginning to address this, but the market for AI-native defenses is still forming.

Shadow AI: the labor your ledger doesn't see

Finance and procurement leaders face a different kind of exposure. Forbes contributor Güney Yıldız reported that 53% of automated work in enterprise environments now runs on AI applications not tracked in official systems. The term is shadow AI, and its implications go well beyond the familiar shadow IT problem.

When an employee or contractor uses an unsanctioned AI tool to complete a task, the output enters company workflows but the activity doesn't appear in cost accounting, vendor contracts, or compliance records. That creates a structural accounting gap: AI labor is being consumed and delivered, but it is invisible to the systems that govern spend, data handling, and regulatory reporting. For organizations in regulated industries, or those subject to data residency and privacy obligations, the exposure is direct.

Procurement teams that have spent the past two years building approved vendor lists and AI usage policies now face the reality that a majority of actual AI activity may be happening outside those guardrails. Closing that gap requires both technical controls, such as network monitoring and application allowlisting, and updated procurement policies that account for how individual contributors actually source and use AI tools.

Share of automated enterprise work on unsanctioned AI tools53Automated work on unsanctioned AI47Automated work on sanctioned AI
Forbes (Güney Yıldız, June 2026) · © MarketScaleDownload chart

Data quality: why more training data isn't the answer

The third failure mode is less visible but equally consequential. Forbes contributor Anjana Susarla argued that many enterprise AI deployments are not failing because of model architecture, but because the data feeding those models lacks the contextual nuance required to handle edge cases. Real-world business decisions routinely involve ambiguity, exception handling, and judgment calls that clean, structured training datasets don't capture.

The instinct to address underperforming models by adding more data is understandable but often counterproductive. Volume doesn't substitute for representativeness. A procurement model trained on historical purchase orders may perform well on routine transactions and fail on contract disputes, single-source justifications, or emergency buys, precisely the scenarios where automated judgment matters most.

Forbes contributor Bernard Marr raised a related structural point: as AI amplifies individual output, influence inside organizations is beginning to shift toward the employees who use AI most effectively, regardless of seniority. The people best positioned to identify data quality gaps and edge-case failures are often frontline workers, not the data scientists managing the models. That has direct implications for how IT and operations leaders staff AI programs.

What the Anthropic Fable suspension signals about AI vendor risk

A separate development offered a live demonstration of a procurement risk most enterprise buyers hadn't priced in. The two-and-a-half-week suspension of Anthropic's Fable AI model, shut down over security concerns before the company reached a deal to restore access, was reported by Amrith Ramkumar and Robert McMillan at The Wall Street Journal. Enterprise teams that had integrated Fable into workflows faced sudden disruption with little warning.

The episode makes clear that AI model availability is now a vendor-continuity question, not just a capability question. It should be evaluated accordingly in contract and resilience planning, alongside standard considerations such as SLA uptime and data portability.

What this means for your team

  • Audit your AI attack surface: map every workflow where an AI agent processes external input and validate whether prompt-level controls and output monitoring are in place. The 65% of organizations without dedicated prompt-injection defenses represent a specific, correctable gap.
  • Run a shadow AI census: require employees and contractors to disclose AI tools in use outside approved vendor lists. Cross-reference with network logs and expense data to get a realistic picture of unsanctioned AI activity before it becomes a compliance finding.
  • Reframe data quality as a procurement criterion: when evaluating or renewing AI vendor contracts, require documentation of how models handle edge cases and low-frequency scenarios relevant to your operations, not just aggregate accuracy benchmarks.
  • Build vendor continuity clauses into AI contracts: the Anthropic Fable suspension is a template for what enterprise buyers should now treat as a standard risk. Contracts should address model availability, substitution rights, and notification timelines in the event of regulatory or security-driven disruptions.

Featured companies

About the author

MarketScale Newsroom
MarketScale NewsroomEditorial Team, MarketScale

The MarketScale Newsroom reports on the companies, technologies, and trends shaping 16 B2B industries. It turns primary sources and expert commentary into clear, useful coverage for the people doing the work.

Software & Technology: are you visible to AI?

Before they reach out, Software & Technology buyers ask AI engines which vendors to trust. See how AI describes your company today, and where competitors show up instead.

Free workspace

You just read one expert. Imagine publishing your whole team.

This article was produced through MarketScale. Create a free workspace and turn your own team's expertise into articles, video, and social posts. No credit card, no demo required.

NPS +73 · 1,000+ creators · 38+ countries

What you get, free

Your own MarketScale Studio workspace
One video edit a month, on us
AI writing, editing, and publishing tools
In-platform coaching to learn the system

More Software & Technology Insights

Whats One Thing Every Facilities Director Should Do This Month?

Whats One Thing Every Facilities Director Should Do This Month?

The article discusses a crucial activity that every facilities director should undertake each month to ensure optimal function and management of their facilities. By focusing on key operational tasks, facilities directors can maintain efficiency and reduce unexpected problems. Monthly reviews and updates form the backbone of successful facilities management.

  • 01Facilities directors should engage in routine monthly reviews.
  • 02Proactive management can prevent potential facility issues.
  • 03Updating operational protocols enhances efficiency.

Jul 8, 2026

Eighty percent of U.S. factories have no automation. Here's what's holding them back

Eighty percent of U.S. factories have no automation. Here's what's holding them back

Despite recognizing AI's vital role in future success, a large majority of U.S. manufacturing plants have not implemented automation technologies. The discrepancy between manufacturers' intentions to adopt AI and the actual deployment is becoming more pronounced. Understanding the barriers to automation could help bridge this gap.

  • 0180% of U.S. factories lack automation.
  • 02AI is seen as critical for future success by most manufacturers.
  • 03There is a growing gap between AI adoption intentions and actual deployment.

Jul 8, 2026

Southeast Asia's enterprise AI push hits a familiar wall: data, talent, and integration debt

Southeast Asia's enterprise AI push hits a familiar wall: data, talent, and integration debt

Southeast Asian enterprises are rapidly investing in AI technologies, yet they are facing challenges with outdated infrastructure, skill shortages, and integration issues that hinder full deployment. This region sees a promising future in AI, but needs to address significant internal hurdles to achieve substantial progress. Strategies to integrate AI effectively into current systems and workforce development are crucial to overcoming these barriers.

  • 01Southern Asian companies are heavily investing in AI.
  • 02Legacy infrastructure is a major hurdle for AI deployment.
  • 03Talent gaps and ERP integration issues stall progress.

Jul 8, 2026

Explore More Software & Technology Insights

Read more expert perspectives from across Software & Technology.

Browse Software & Technology Hub

About the Expert

MarketScale Newsroom
MarketScale Newsroom

Editorial Team

MarketScale

The MarketScale Newsroom reports on the companies, technologies, and trends shaping 16 B2B industries. It turns primary sources and expert commentary into clear, useful coverage for the people doing the work.