从探索到执行：为何AI治理、安全与信任至关重要

Why AI governance, securityand trust matter The competitive advantage of disciplinedexecutionover speed Contents “In many AI programs, halfthe effort isn’t technical –it’s business changeand education.” John Walsh, Europe CTO, Fujitsu Introduction:The window forexperimentation With€2.52 trillion in AI spendingforecastfor 2026, organizations face a starkreality. Research shows that46% of AIinitiatives are abandoned before broadadoption, and the cost of architecturalmissteps is rising. Retrofitting governanceand sovereignty after deployment canincrease costs to organizations by three tofive times and delays market entry by sixto 12 months, warns Fernando Almeida,Head of Portfolio Strategy Hybrid IT,Fujitsu. “Regulation is no longersomething you deal withafter deployment. Itshapes how AI systems aredesigned from the start.” Fernando Almeida, Head of PortfolioStrategy Hybrid IT,Fujitsu The window for experimentation isclosing. As authorities beginenforcementof the EU AI Act in August 2026, affectingany organization deploying AI systemswithin the EU market, business leaderswill have to prove compliance withstricter data, risk management andtransparency obligations. This meansthey face pressing architectural decisions.Success now depends less on innovativespeed and more on disciplined execution:governance, security and trust must bebuilt into AI initiatives from the start, notbolted on as afterthoughts. This report examines how IT and businessleaders are shifting from pilot-drivento platform-driven AI strategies, andwhy organizations that build thesefoundations now will scale faster andmore safely than the ones thatretrofit. “It’s a step-by-step journey.Things don’t get changedovernight.” Shanker Ramrakhiani, Chief InformationSecurity Officer and Head of BusinessContinuity,IIFL Group The foundationdetermines the ceiling “Before you think abouttools, you need tounderstand your data –where it is, who owns itand what you are allowedto do with it. Otherwise,AI creates risk insteadof value.” If companies are to realize the promiseof AI, a strong data and cloud foundationwill be necessary. “You need to set upthe foundation first, and that part isslow because you have to agree onarchitecture, governance and operatingmodels in advance,” explains Fujitsu’sAlmeida. “But once that foundation is inplace, you can adopt new AI capabilitiesquickly andsafely.” Taking time-saving shortcuts in thearchitectural set-up will prove costly inlong-term technical debt. AI systemsincreasingly fall under binding legalregulations, including the EU AI Act withits imminent enforcement date. Andretrofitting governance after deploymentdelays market entry by upto a year. Fernando Almeida, Head ofPortfolioStrategy Hybrid IT, Fujitsu "Clean, well-understood data is thefoundation for everything else,” says JohnWalsh, Europe CTO at Fujitsu. Accessto quality data directly dictates the usecases available to organizations. Poordata quality becomes a risk multiplierwhen combined with AI because errorsscale faster, appear more credible (i.e.,they are less easy to detect) and sit closerto decision-making. RecentFujitsu researchrevealed thatconcerns over the dominance of UShyperscalers have pushed 78% ofEuropean organizations to shift workloadsto private cloud, with 83% consideringsovereign or domesticproviders. Senthil Loganathan, Global Head, CloudPlatform at bank and financial servicescompany Standard Chartered, says hisorganization is taking a platform-firstapproach to AI implementation: “We’restarting by investing in a platform onwhich we can build the specific AIcapabilities that are required for the bank.”Loganathan says this has led to significantimprovements in areas such as softwareengineering, where engineers are able tocreate code up to 30% morequickly. In light of this, and with regulationstightening and geopolitical risk increasing,sovereignty has become more important.Stronger data sovereignty can also boostcompetitiveness in a fragmented andunpredictable world. It limits exposure toforeign government actions or sanctionsand allows greater operational controland diversification of suppliers. of European organizations haveshifted workloads to private cloud,with 83% considering sovereign ordomestic providers Security startswith transparency Another essential part of building theright AI foundations is creating guardrailsthat employees trust and feel safeworking within. While AI brings a wealthof opportunities, it also introduces myriadnew threats. New interfaces, vendorsand suppliers all add risk, as well as thethreat of costly deepfake attacks.UKengineering firm Arup lost $25 millionin adeepfake attackin 2024. Already,generative AI has led to a 40%increase insuccessful email phishingincidents, and AI agents are nowoperating directly on businesssystems.At the same time, rapid adoption ofopen-source AI assistants such as OpenClaware exposing many organizations to datatheft and malicious code. “AI expands theattack surfa