How do we come to terms with AI? Where do we find helpful information, who can we trust, what should we look for, will it meet ROI requirements, should we apply special compliance rules to it? There are a lot of questions enterprises have, and the one constant is that of almost 400 enterprises who have offered me comments on AI, none, meaning zero, are fully satisfied with what the know. Not only that, less than a fifth are satisfied with their approach to AI projects, and roughly the same number are satisfied with how they measure AI success.

I started my exploration into this issue set expecting to do a good/needs-work kind of blog, but there wasn’t anything I could really put in the “good” side of the chart. Instead, let’s look at where the most work is needed. To do that, I’ll mix the rate at which an issue appears in comments, the intensity of the problem’s impact, and my own assessment of the way the issue is really impacting AI.

The biggest problem, I think, isn’t the most expressed (only 30% cite it) nor is it the one enterprises say has the most impact (only a bit more than a quarter say it has). My own interactions say otherwise. The problem is that enterprises aren’t clear on just how to approach AI to generate benefits? Does AI make people work more efficiently, and thus like a rising tide, raises all boats, does it make applications work better, or what?

I blogged a couple times on AI recently (HERE and HERE), and in the first reference I pointed out that enterprises have divided their AI agents into three categories, each representing the way the agent fits into their business flow. I think this division reflects the importance of, and the fundamental need for, some model that links AI goals to specific places in business operations. You can’t just throw some AI at the CFO’s office wall and hope something sticks. The fact that less than a third of enterprises cite this as a key issue is troubling to me, because it almost disconnects AI planning from business planning.

The top problem reported to me (by 79% of enterprises) is that “expensed” AI, meaning AI used online for nothing, or billed on usage or a period of time (month, year) usually skips any formal project control. Line organizations and even individuals can contract for this sort of AI, and nobody knows about it—not IT, not internal audit, not the CFO.

Just short of half of the companies said they believed that “most” of their use of expensed AI services would not meet corporate guidelines for return on cost. Just over half said they didn’t think theirs would survive a compliance review, meaning that data security and sovereignty guidelines were not followed. Ten percent said that they had to intervene in some expensed AI applications to fix “serious” issues with cost or compliance. Fifteen percent said that some line departments had used expensed AI services but had then dropped them, almost always because they failed to generate a benefit. Eight percent said that they had told at least some of their employees not to use the free or personal-paid versions of AI at or for work.

The second-most-serious problem reported (by 66% of enterprises, cited as very serious by 43%) was that the sales initiatives of AI providers exaggerated value significantly, and often (said 38%) misleading. This tended to be most true of the expensed/cloud forms of AI. The result of this was that the rate of AI project failures (obviously relevant only to situations where there was a formal AI project and project controls applied) were higher than for non-AI projects. Failure rates averaged 39%, even though companies admit that AI projects often aren’t held to as rigorous a standard as other projects.

It’s easy to mislead about AI. The coverage of any technology vacillates between calling it the single-handed savior of the world as we know it, to a total fraud likely perpetrated by enemies of the state. Right now, the former dominates, but since neither option passes the sniff test, enterprises don’t have much to work with. The good news, for AI, is that coverage of the topic tends to create a strong expectation of success, and thus keeps people trying it, especially individual workers who have access to AI services. The bad news for AI is that the really solid applications are almost certainly going to require self-hosted agent technology, and lack of realistic views on how agents can/should be used raises the risk of a failure that will then taint the whole AI topic in the eyes of senior management.

The third-most-serious problem, which 56% of enterprises cite, is the need to tamp down reaction to those nay-saying stories, many of which have some basis in fact. Yes, it is very likely that AI services will hallucinate. Yes, it’s very likely that their use is going to expose some things that the company would prefer not be exposed. No, it’s not all that likely that hallucinations would impact agent applications of AI, and even when they occur with public AI services, they rarely create issues to those even modestly aware of the truths of the real world. I’ve had AI services present what I knew to be egregiously bad information, but it was so obviously wrong I didn’t even think about believing it. And while companies may well have some confidential information exposed, it’s probably not going to be actually used, just potentially so.

Why, then, is this a problem? Well, despite being of extremely low probability of impact, hallucinations and compliance risks are very real, and the potential risk is real enough that one would have to believe it will start biting people. That means that when management reads about this or that problem with AI, it’s hard to tell them that there’s no chance it will impact the business. On the other hand, admitting to this sort of risk validates extreme stories, which is why most enterprise IT planners say they tend to minimize them.

AI agents are like human consultants; they’re fallible. So are senior managers and AI planners. Artificial intelligence has one thing in common with real, human, intelligence; it’s not enough to totally prevent errors. What does a company do to prevent human error from messing things up? Every enterprise says they have procedures for that, so why not expect to need those procedures for AI?

Despite these issues, enterprises still believe in AI. Almost all say that they’ll be adopting it on a large scale within three years, a fifth say within a year, and one in twenty say they already have large-scale AI in play. But almost all also say they’re still groping through AI planning, and well over three quarters say that they believe that the AI space is still evolving too fast to commit to on a large scale. The best, they say, is yet to come, but to achieve it, these issues will need to be addressed.