The lack of consistent global AI standards forces companies to develop region-specific strategies, limiting the scalability and benefits of AI
By 2027, more than 40% of Artificial Intelligence (AI)-related data breaches will be caused by the misuse of Generative Artificial Intelligence (GenAI) across borders, according to the Gartner, Inc..
The rapid adoption of technologies GenAI by end users has outpaced the development of data security and governance measures, raising concerns about data localization due to the centralized computing power required to support these technologies. Topics like these and others that shape the priorities for data, analytics and artificial intelligence (AI) leaders and show how they can leverage the latest developments and trends to accelerate business will be highlighted in the Gartner Data & Analytics Conference 2025, which will be held on April 28th and 29th, at the Sheraton São Paulo WTC Hotel.
“Unintended cross-border data transfers often occur due to insufficient oversight, particularly when GenAI is integrated into existing products without clear descriptions or announcements,” it says Joerg Fritsch, Vice President and Analyst at Gartner. “Enterprises are seeing changes in the content produced by employees using GenAI tools. While these tools can be used for approved business applications, they pose security risks if sensitive prompts are sent to AI tools and APIs hosted in unknown locations.”
Gaps in global AI standardization create operational inefficiencies:
The lack of consistent global best practices and standards for AI and data governance exacerbates the challenges by causing market fragmentation and forcing companies to develop region-specific strategies. This can limit their ability to scale operations globally and benefit from Artificial Intelligence products and services.
“The complexity of managing data flows and maintaining quality due to localized AI policies can lead to operational inefficiencies,” says Fritsch. “Companies must invest in governance and safety “We are increasingly seeking advanced AI technologies to protect sensitive data and ensure compliance. This need will likely drive growth in the markets for AI security, governance and compliance services, as well as technology solutions that increase transparency and control over AI processes.”
Companies must act before AI governance becomes a global mandate:
Gartner predicts that by 2027, AI governance will become a requirement of all sovereign AI laws and regulations worldwide.
“Companies that fail to integrate the necessary governance models and controls may find themselves at a competitive disadvantage, especially those that do not have the resources to rapidly scale up governance structures. data governance existing ones,” says Fritsch.
To mitigate the risks of AI data breaches, particularly the misuse of GenAI across borders, and to ensure compliance, Gartner recommends several strategic actions for enterprises:
· Improve data governance: Ensure compliance with international regulations and monitor unintended cross-border data transfers by expanding data governance frameworks to include guidelines for AI-processed data. This involves incorporating data lineage and data transfer impact assessments into regular privacy impact assessments.
· Establish governance committees: Form committees to enhance AI oversight and ensure transparent communication about AI implementations and data handling. These committees should be responsible for technical oversight, risk and compliance management, and communication and decision reporting.
· Strengthen data security: Use advanced technologies, encryption, and anonymization to protect sensitive data. For example, check out Trusted Execution Environments (Trusted Execution Environments) in specific geographic regions and apply advanced anonymization technologies such as Differential Privacy (Differential Privacy), when data needs to leave these regions.
· Investing in TRiSM products: Plan and allocate budgets for trust, risk, and security management (TRiSM) products and capabilities tailored to AI technologies. This includes AI governance, data security governance, filtering and prompt redaction, and synthetic generation of unstructured data. Gartner predicts that by 2026, enterprises that apply AI controls will TRiSM AI will consume at least 50% less inaccurate or illegitimate information, reducing the risk of making erroneous decisions.
Gartner clients can learn more at “Predicts 2025: Privacy in the Age of AI and the Dawn of Quantum”.
Learn how to maximize the value of AI while managing critical risks with the companion ebook AI in Cybersecurity: Minimize Risks and Maximize Impact.
About the Gartner Data & Analytics Conference
Gartner analysts will provide additional analysis on data and analytics trends at the Gartner Data & Analytics Conferences, taking place March 3-5 in Orlando (Florida – USA); on April 28th and 29th in Sao Paulo (Brazil), from May 12 to 14 in London (England); from 20 to 22 May in Tokyo (Japan); on June 2 and 3 in Mumbai (India) and on June 17 and 18 in Sydney (Australia). Follow conference news and updates on X using #GartnerDA.
About Gartner for Cybersecurity Leaders
Gartner for Cybersecurity Leaders equips security leaders with the tools to help reshape roles, align security strategy with business objectives, and build programs to balance protection with business needs. Additional information is available at https://www.gartner.com/en/cybersecurity/products/gartner-for-cisos. Follow news and updates from Gartner for Cybersecurity Leaders on X and LinkedIn using #GartnerSEC. Visit the Press Room from Gartner for more information and insights.
About Gartner
O Gartner, Inc. delivers objective, actionable insights that drive smarter decisions and better performance for enterprises’ mission-critical priorities. To learn more, visit www.gartner.com
