The third annual AvePoint State of AI Report, published on 29 June 2026, has produced a headline that enterprise leaders cannot ignore. Of the 750 organisations surveyed across the Americas, EMEA and APAC, 88.4% experienced at least one AI agent-related security incident in the past year. At the same time, 46.9% of their employees now rely on AI agents daily or weekly. The deployment curve has steepened. The governance curve has not kept up.

This is not a fringe technology issue. It is a structural mismatch that is already delaying projects, increasing breach costs and exposing organisations to both operational and regulatory risk. The report, conducted with Osterman Research, makes clear that the constraint on enterprise AI is no longer model capability, but whether organisations have built the trust layer required to deploy agents with confidence.

The numbers that matter

AvePoint's data paints a picture of a technology that has moved from boardroom discussion to daily operations faster than the controls around it. Forty-six point nine per cent of global employees use AI agents on a weekly or daily basis. Work processes that incorporate agents are expected to double in the next 12 months. Organisations anticipate agents will replace more than 25% of human work within a year and nearly half within five years.

Yet visibility into what those agents are doing and where they are doing it is shrinking. The percentage of organisations unable to determine whether employees use unsanctioned AI tools has nearly tripled in a single year, from 6.3% in 2025 to 17.6% in 2026. For AI agents specifically, that blind spot is even larger: 21.1% of organisations do not know whether employees are creating or running agents outside official channels.

The security consequences are measurable. The most common incidents include data leakage (50.1%), manipulation by malicious or untrusted inputs (49.6%), and unauthorised access (cited by 72% of those who described themselves as "very confident" in their ability to prevent it). The confidence gap is perhaps the most revealing finding. Eighty-two point seven per cent of respondents report being "very" or "extremely" confident in their ability to prevent unauthorised data access. Among the "very confident" group, 72% still experienced an unauthorised access incident in the past 12 months.

The result is that 86% of organisations delayed agentic AI deployments by an average of nearly six months, citing data security and governance as the primary cause. Speed of deployment, without governance, is becoming speed of exposure.

Why governance is the new bottleneck

Deloitte's 2026 State of AI in the Enterprise report, which surveyed 3,235 leaders across 24 countries, confirms the pattern. Seventy-four per cent of organisations plan to deploy agentic AI within the next two years, up from 23% who report doing so today. Yet only 21% of those planning deployments have a mature governance model. Roughly 80% lack mature guardrails.

The two reports, taken together, describe a market where demand is accelerating and capability is lagging. Organisations know they need agents. Many are already using them. Few have the operational foundations to trust what those agents are accessing, altering or exposing.

AvePoint defines the trust layer as three things: visibility into what AI systems are doing, enforceable governance over the data they consume and create, and the ability to audit and correct outcomes when something goes wrong. The report notes that AI-generated data is compounding the problem. On average, 35.5% of enterprise data is now generated by AI assistants. That figure is expected to reach 42.1% within 12 months. When agents consume and act on AI-generated content, including redundant, outdated or low-quality data, governance failures multiply at scale.

What regulators are signalling

The regulatory environment is beginning to catch up. On 1 July 2026, the UN Secretary-General launched the preliminary report of the Independent International Scientific Panel on AI. Co-chaired by Yoshua Bengio and Maria Ressa, the report is the first independent scientific assessment of AI capabilities, risks and global governance gaps. The timing matters: it is designed to provide scientific grounding for the inaugural Global Dialogue on AI Governance held in Geneva on 6-7 July 2026.

Separately, the UK Financial Conduct Authority published a landmark review in late June, led by Sheldon Mills, assessing AI's impact on retail financial services. The review argues that as AI moves from recommending to acting, regulatory risk shifts from harm within a single firm towards system-wide harms. The FCA's stated goal is to build an AI-enabled agentic supervisory model. It also recommends that enterprises treat governance as a core enabler of AI capabilities, not a separate compliance function.

The EU AI Act adds a hard deadline. Its full enforcement provisions for high-risk AI systems are scheduled to take effect on 2 August 2026. Penalties under Article 99 can reach 15 million euros or 3% of global turnover. The AvePoint and Deloitte data suggest that most enterprises are not ready.

What buyers should do now

For enterprise procurement and architecture teams, the message from multiple independent sources is consistent. Governance can no longer be an afterthought bolted onto agent deployments. It has to be operational from the outset.

Key priorities include mapping the full agent attack surface, including both sanctioned and unsanctioned deployments; establishing real-time visibility into agent behaviour rather than periodic audits; enforcing access controls that carry forward existing identity and permissions models; and investing in third-party governance tools that monitor agent actions for policy alignment. Gartner has defined the emerging category as AI Agent Management Platforms (AMPs).

Buyers should also distinguish between governance theatre and operational control. A policy document is not enforcement. A confidence survey is not a security outcome. The AvePoint data shows the gap between confidence and competence is widening, not shrinking. Procurement teams should ask vendors for specifics: how are agent actions logged? What happens when an agent accesses data outside its approved scope? Can access be revoked in real time if an agent misbehaves?

What this means for suppliers

For companies building and selling AI agent platforms, the governance gap is both a market signal and a competitive differentiator. The signal is that buyers are delaying purchases because they cannot answer basic governance questions. The differentiator is the vendor that can answer those questions with evidence rather than promises.

Investment is already flowing in this direction. Ninety-five point five per cent of organisations have taken at least one action to mitigate AI agent security concerns in the past 12 months. The share doing nothing has dropped from 8.3% to 2.5%. Third-party governance tools are the top-rated planned investment for the next 12 months. Securing data used for AI training is the highest-rated future priority overall, at 79.5%.

Suppliers that can demonstrate production-ready audit trails, real-time policy enforcement, identity propagation across systems and clear incident response protocols will have a significant advantage. Those that treat governance as a feature to be added later risk being excluded from procurement shortlists as buyers harden their evaluation criteria.

The Agentic Expo angle

Agentic Expo exists because the market is at the precise moment where demonstrations are no longer sufficient. Buyers walking the floor at Olympia in March 2027 will want to see production deployments with governance, not proofs of concept with ambition. The data from AvePoint, Deloitte and the UN Scientific Panel confirms that the organisations succeeding with agents are those that invested in trust layers first.

The exhibition is designed for buyers who are evaluating platforms against hardened security and governance criteria. That is why we emphasise market-ready systems, not experiments. An agent that cannot be audited, controlled or corrected at scale is not market-ready. And the data published in the opening days of July suggests that market-readiness, measured by governance maturity rather than feature lists, is exactly the standard that enterprise buyers are moving toward.

Register Your Interest Exhibit at Agentic Expo

Sources: AvePoint State of AI 2026 press release (29 June 2026); AvePoint State of AI Report 2026 (full download); Deloitte State of AI in the Enterprise 2026 (press release, 21 January 2026); Deloitte: AI Agents Are Scaling Faster Than Their Guardrails (24 April 2026); UN Independent International Scientific Panel on AI: Preliminary Report (1 July 2026); CIO Dive / FCA Mills Review, 6 July 2026.