Enterprise organizations are increasing investments in trusted data governance, security, and AI-ready architectures as artificial intelligence adoption accelerates globally, according to IDC’s “Trust Before Autonomy” presentation shared at IDC Directions Boston 2026.
The report – prepared by IDC’s Jennifer Glenn (Research Director, Security and Trust Group) and Stewart Bond (Vice President Data Intelligence & Integration Software), provides extensive survey data, charts, and strategic frameworks showing how enterprises are restructuring AI priorities around trusted and governed data ecosystems.
IDC’s research indicates that data-related risks have become the biggest obstacle slowing enterprise AI deployments. According to the first chart in the presentation, 44 percent of organizations identified security limitations of existing data platforms as the leading challenge limiting AI and agentic AI implementation. Another 39 percent pointed to industry compliance regulations as a major barrier, highlighting growing enterprise concern around regulatory exposure and governance requirements.
The survey further showed that 36 percent of organizations are worried about unauthorized access to sensitive data, while another 36 percent identified loss of sensitive data as a key AI deployment concern. Regional data privacy and compliance regulations were cited by 26 percent of respondents, while 24 percent expressed legal concerns related to AI systems, including plagiarism risks and intellectual property exposure. IDC’s findings show that enterprises increasingly view AI implementation as both a technology challenge and a governance challenge.
IDC’s comparative AI adoption charts demonstrated how enterprise priorities shifted significantly between 2025 and 2026. In 2025, AI infrastructure ranked as the top organizational priority with 47.7 percent of respondents identifying it among their top three focus areas. AI-ready workforce initiatives followed at 45.5 percent, while AI strategy accounted for 45.3 percent. AI-ready data architecture and AI platforms both stood at 40 percent, while AI-infused applications represented 38.2 percent. AI governance ranked lowest among the major priorities at 34.8 percent.
However, the 2026 chart revealed a major strategic transformation in enterprise AI planning. AI-ready data architecture became the top AI adoption priority at 45.7 percent, overtaking AI business strategy at 45.5 percent and AI infrastructure at 45 percent. AI-ready workforce programs remained important at 43.9 percent, while AI governance rose sharply to 38.5 percent. AI platforms accounted for 42.7 percent and AI-infused applications reached 34.8 percent. IDC said the ranking changes reflect the growing realization that trusted and scalable data foundations are necessary before enterprises can fully operationalize generative AI and autonomous agents.
One of the most important charts in the report showed that data governance has emerged as the single most important issue enterprises want their 2026 AI business strategies to address. Around 38.7 percent of organizations selected “data governance ensuring trusted, accessible, and high-quality data” as a primary AI strategy concern. Value and success metrics followed closely at 38.1 percent, indicating strong executive pressure to measure AI business outcomes and ROI. Operating model and talent initiatives accounted for 37.8 percent, while responsible AI and ethics represented 35.3 percent of responses. Vision and goals stood at 28.9 percent, while architecture and partners ranked at 20.5 percent.
IDC’s framework explaining trusted AI emphasized that successful AI outcomes require the convergence of data quality and data security. The presentation highlighted several dimensions of data quality including relevance, timeliness, up-to-date information, and unbiased datasets. On the security side, trusted AI environments require private, compliant, sovereign, and appropriately governed data access. IDC described trust as the core layer connecting data quality and data security to produce enterprise confidence in AI outcomes.
The report defined data trust as the ability to ensure organizational data remains accurate, unbiased, and free from ROT data, referring to redundant, obsolete, and trivial information. IDC stated that trusted enterprise data must remain accessible only to authorized users while being protected against vulnerabilities, cyber threats, misuse, and unauthorized exposure. The presentation also stressed that contextual data usage and governance controls are critical for enterprise AI reliability.
IDC’s “High-priority objectives in the next 12-18 months” chart revealed that enterprises are aggressively focusing on improving data control and analytics quality. Around 36 percent of respondents identified improving the quality of data and analytics products as the leading strategic objective. Another 34 percent prioritized ensuring the security and privacy of enterprise data assets. Improving how data is incorporated into business decision-making ranked at 28 percent, while improving the quality of available enterprise data also stood at 28 percent.
The same survey showed that 25 percent of enterprises are prioritizing support for generative AI and agentic AI use cases, reflecting rapid enterprise movement toward autonomous AI workflows. Another 24 percent are focusing on predictive and interpretive AI use cases. Improving data literacy across organizations accounted for 22 percent, while regulatory data compliance reporting also reached 22 percent.
IDC additionally found that 22 percent of enterprises are optimizing data storage and processing costs, 18 percent are focused on reducing time-to-decision through faster data availability, 17 percent are improving data democratization and utilization, and 15 percent are working to improve governance of unstructured data environments.
IDC introduced a “Data Control Plane” framework to explain how enterprises can centralize governance and trust functions across modern AI ecosystems. The framework integrates data cataloging, data lineage, data quality management, data governance, and data product management into a unified operational structure. IDC also identified several security-focused layers including data security posture management, data access governance, and data loss prevention systems. The framework highlighted the growing importance of privacy, compliance, sovereignty, obfuscation, tokenization, and masking technologies in AI-driven enterprise environments.
Another framework in the presentation showed how data intelligence and data security combine to create effective enterprise data governance. IDC identified multiple components within data intelligence, including data classification and sensitivity analysis, lineage and provenance tracking, business semantics, usage telemetry, ownership and stewardship management, and quality observability. These functions help enterprises understand how data is generated, transformed, accessed, and used across AI systems.
On the data security side, IDC identified role-based access control (RBAC), attribute-based access control (ABAC), encryption, masking, policy enforcement, audit trails, monitoring systems, least-privilege enforcement, and integrity protection as essential governance layers for trusted AI deployments. IDC grouped these governance principles into six core pillars including permissions, provenance, privilege, policies, principles, and integrity.
IDC also stressed that enterprise AI governance requires a combination of technology, people, and process management. The report highlighted staffing, skills development, ownership accountability, policy frameworks, metrics tracking, and organizational collaboration as essential operational foundations supporting trusted AI data governance. IDC added that policy control, observability, and enforcement capabilities are becoming critical operational requirements as organizations scale AI deployments.
The report also showed how enterprises are increasingly using AI itself to improve data management and security operations. IDC’s survey revealed that 65 percent of organizations are already using AI tools or AI agents for risk assessment. Another 61 percent are leveraging AI for gathering and analyzing contextual information to improve data classification and governance accuracy. User behavior analytics and prompt analysis accounted for 52 percent, while AI-generated incident reports also represented 52 percent of enterprise adoption.
Additional enterprise AI use cases included auditing and compliance reporting at 45 percent, identifying jailbreaking attempts on models or data sources at 32 percent, and data obfuscation or anonymization initiatives at 32 percent. Around 24 percent of organizations are also using AI for discovery of dark or hidden data assets inside enterprise environments. IDC’s findings suggest that AI is increasingly being deployed not only for productivity gains but also for governance automation and enterprise risk reduction.
IDC advised technology vendors to differentiate their trust and governance capabilities more clearly as competition intensifies across the AI infrastructure and software market. The report recommended that vendors prioritize governance based on risk exposure, helping enterprises focus first on sensitive data environments, high-risk AI models, and regulatory compliance obligations. IDC also encouraged vendors to act as change agents for AI governance transformation as AI capabilities become embedded across the enterprise data stack.
The presentation emphasized that trusted data governance will become the foundational layer enabling safe AI autonomy, enterprise-scale automation, and widespread adoption of agentic AI systems. IDC argued that organizations cannot safely scale autonomous AI agents without first establishing trusted data architectures, policy enforcement mechanisms, and governance frameworks capable of maintaining enterprise confidence and regulatory compliance.
IDC also highlighted additional research resources focused on agentic AI applications, Asia Pacific AI and GenAI spending trends, and evolving enterprise buyer behavior for 2026. The company noted that data readiness will increasingly determine which AI pilot projects successfully move into large-scale production deployments.
RAJANI BABURAJAN
