75% of healthcare organizations say AI has added confusion, not clarity, to email compliance.

7% of respondents identified that it’s difficult to know if their company's API program is compliant with new policies/regulations.

98% of security leaders reported using AI to manage security compliance in some capacity.

23% of organizations adopting AI identify regulatory compliance as an area where they are least prepared to address threats.

Supporting compliance with security policies is a top security convergence goal for 33% of organizations in France.

6.0% of organizations expect Governance and compliance in AI security to require the most new investment over the next 12 months.

25% of respondents are concerned about regulatory compliance related to AI usage.

52% of organizations in France are especially concerned about complex compliance requirements of sustainable AI practices compared to other countries.

24 S&P 500 companies highlight risks spanning copyright disputes, trade-secret theft, and contested use of third-party data for AI model training related to intellectual property.

13 S&P 500 companies warn of sensitive exposure under the General Data Protection Regulation, Health Insurance Portability and Accountability Act, and California privacy laws (CCPA/CPRA) related to privacy.

6 S&P 500 companies highlight uncertainty over how courts will treat IP claims tied to AI training data or who bears liability when autonomous AI systems cause harm due to cross-cutting legal risks.

12 S&P 500 companies warn that new AI-specific rules will bring heightened compliance obligations and potential enforcement actions related to compliance and enforcement.

The approximate annual budget contractors are investing in compliance, as budgets have grown, is nearly $50,000.

51% of data and IT leaders would shift their AI/ML deployment strategy for better data sovereignty/compliance

70% of financial services firms report that delays in scheduling pentests sometimes impact compliance or business timelines.

64% of small healthcare practices believe patient portals are required for HIPAA compliance.

"Small" violations can cost healthcare practices anywhere from $25,000 to $9.76 million per incident.

98% of small healthcare organisations falsely believe they are HIPAA compliant.

One-third of small healthcare practices report not having enough time for compliance tasks.

More than 80% of small healthcare practices expressed confidence in their current HIPAA compliance posture.