Executive summary
This is Areebi's analysis of the public evidence, not a primary survey. Sources are cited inline. Triangulating 25+ named public reports, regulator filings, and statutory texts published between Q4 2024 and Q1 2026, we find that the modal mid-market regulated organisation sits in Stage 2 (Reactive) of the Areebi AI Governance Maturity Model. Roughly 15-25% have pushed into Stage 3 (Defined). Stage 4 (Managed) remains a top-decile posture.
The five headline findings of this Q2 2026 release:
- Gartner's 2024 forecast set the bar at 50% of enterprises with an AI TRiSM programme by 2026 [7]; IBM's 2025 Cost of a Data Breach Report found 47% of AI-using organisations reported at least one AI security incident, while only 24% had their generative-AI initiatives adequately secured [1]. Most mid-market organisations remain at Stage 2.
- Salesforce State of IT 2024 reported approximately 70% of enterprise employees use AI tools their employer has not sanctioned [5]. Within Stage 3 organisations the figure falls into the 10-30% band; Stage 4 organisations report under 5% via runtime telemetry rather than self-report.
- ISO/IEC 42001 certifications passed an inflection point in 2025 [10]; NIST AI RMF references appear in 60%+ of US enterprise AI policy filings reviewed; the EU AI Act's phased applicability pulled prep budgets forward in 2025 [11]. Financial services leads; manufacturing lags by roughly two stages.
- IBM measured a USD 4.44M average global breach cost in 2025, with shadow-AI involvement adding ~USD 670K to the baseline [1]. Verizon DBIR 2025 reported a 34% rise in vulnerability-exploitation breaches [2]. OAIC's H2 2024 report logged a record number of Australian notifiable breaches [13].
- The EU AI Act's August 2026 high-risk-system obligations are imminent [11]; Colorado AI Act takes effect February 2026 [15]; Texas TRAIGA becomes effective in 2026 [16]; Brazil PL 2338/2023 continues advancing through the Senate [17]; California SB 1047 lapsed via veto. The federal US gap widens the state-by-state operating burden.
Readers in a hurry can skip to the 5-stage maturity model and the buyer-side actions. Analysts and journalists should start with the methodology note and references.
Methodology note
What this report is. The Areebi Index Q2 2026 is a synthesis of public evidence. We analysed approximately 25 externally verifiable primary sources: NIST publications, IBM and Verizon breach-cost reports, Gartner press releases and analyst notes, the IAPP-EY Privacy and AI Governance Report 2024, the Stanford HAI AI Index 2025, IDC market estimates, ISO 42001 certification registers maintained by UKAS and ANAB, OAIC notifiable breach reports, Salesforce State of IT 2024, and the consolidated text of EU, US-state, and Brazilian AI statutes. The date range of inputs is October 2024 to April 2026.
What this report is not. Areebi did not field a primary survey for this release. We do not yet have the customer base required to run a statistically representative panel. Sample-size sufficiency, in our view, beats publication velocity; we will add primary-survey data as the customer base grows. Where we attach percentage estimates to specific maturity stages, those estimates are triangulations across the cited sources, not raw Areebi data, and we say so inline.
The analytical lens
We measure organisations against the Areebi AI Governance Maturity Model defined in the next section. The model borrows the spirit of the Capability Maturity Model Integration tradition and the Govern-Map-Measure-Manage posture of the NIST AI Risk Management Framework [8], compressed to five stages because anything more elaborate fails the board-deck test. We assigned each source's findings to a stage by interpreting reported behaviour - policy publication, inventory completeness, runtime control posture, framework mapping, board-level reporting - against the stage definitions.
Caveats we hold honestly
- Definitional drift. The seven primary surveys we triangulate use slightly different definitions of "AI governance programme" and "AI security incident". We surface ranges, not single points, where the underlying definitions diverge meaningfully.
- Self-report bias. Maturity claims by organisations tend to skew optimistic. Where possible, we prioritise telemetry-derived numbers (such as IBM's breach-cost data) over policy-survey self-reports.
- Geographic skew. Most sources oversample North American and Western European organisations. Asia-Pacific and Latin American maturity may track differently.
- Commercial incentive disclosure. Areebi sells a Stage-2-to-Stage-4 product. We disclose this incentive up front. Where you suspect it colours our scoring, the underlying sources are linked so you can re-do the synthesis with different weights.
The 5-stage Areebi AI Governance Maturity Model
The maturity model is the scoring rubric for the rest of this report. Each stage describes a posture, not a product. Stage transitions are the diagnostic - which question your next quarter needs to answer - rather than a buying signal.
Stage 1 (Ad hoc). No published AI policy. No catalogue of AI tools in use. AI risk is owned by no one specifically. Incidents, if they occur, are framed as ordinary data-loss events. This was the default state of regulated mid-market organisations through 2024 and remains common in slower-moving industries.
- No published AI Acceptable Use Policy
- No inventory of AI tools, models, or vendors
- AI risk not assigned to a named owner
- Compliance team has not engaged with NIST AI RMF or ISO 42001
Stage 2 (Reactive). An AI policy exists but was written in response to a single triggering incident or executive request. There is no systematic inventory; the policy is acknowledged on paper but not enforced at the runtime layer. Shadow AI is rampant - estimates from public surveys put unsanctioned use in the 50-70% range. This is the modal mid-market regulated stage in Q2 2026.
- An AUP exists but was reactive, not strategic
- Shadow AI prevalence not measured beyond anecdote
- No technical enforcement at the network or browser layer
- Compliance training references AI but is not role-specific
- Framework mapping (NIST AI RMF, ISO 42001) not yet started
Stage 3 (Defined). A documented governance programme exists. The organisation has an inventory of sanctioned AI systems, a vendor-review process, and at least one technical control (DLP at the egress layer, browser-extension discovery, or sanctioned-tenancy enforcement). NIST AI RMF or ISO 42001 mapping is underway. Shadow AI prevalence drops into the 10-30% range as the sanctioned alternative becomes more usable.
- Documented AI governance programme with named owners
- Inventory of sanctioned AI systems with risk classification
- At least one runtime control (DLP, discovery, or tenancy)
- Active framework mapping (NIST AI RMF or ISO 42001)
- Vendor-review process applied to new AI procurements
Stage 4 (Managed). Runtime governance is in production. DLP redacts sensitive content; the audit log is immutable and integrated with the SIEM; policy is encoded as machine-checkable rules. NIST AI RMF mapping is complete with measurable controls per function; ISO 42001 certification has been pursued or attained. Shadow AI is measured via telemetry rather than self-report and sits below 5%.
- Runtime DLP and policy enforcement deployed
- Immutable audit log integrated with SIEM
- Complete NIST AI RMF or ISO 42001 control mapping
- Quarterly governance review at executive level
- Vendor governance covers AI-feature additions, not just new procurements
Stage 5 (Optimized). Governance is a continuous-improvement programme rather than a project. The board reviews AI risk quarterly; the AI incident-response runbook has been exercised; the vendor catalogue evolves in response to discovered demand; threat models are versioned and revisited. ISO 42001 certification is maintained in good standing. The organisation is also extending governance outward to its supply chain.
- Board-level AI risk review on a quarterly cadence
- AI incident-response runbook exercised at least annually
- Vendor governance extends to AIBOM and supply-chain mapping
- Threat models version-controlled and revisited
- ISO 42001 certified and re-audited
The model is consistent with our broader Secure AI Control Plane definition and the architectural primer in What is an AI Control Plane. For self-assessment, see the NIST AI RMF gap analyser.
Where mid-market regulated companies actually sit
The most decision-useful single number a mid-market CISO can carry into a board conversation is not a shadow-AI prevalence figure but a placement on the maturity scale. Triangulating Gartner's forecast that 50% of enterprises will have an AI TRiSM programme by the end of 2026 [7], IBM's 2025 finding that 47% of AI-using organisations have experienced at least one AI security incident and that only 24% of generative-AI initiatives are properly secured [1], and the IAPP-EY Privacy and AI Governance Report 2024 data on AI-specific compliance programmes [4], our best estimate of the maturity distribution for mid-market regulated companies is:
The distribution is bottom-heavy. Two-thirds to three-quarters of mid-market regulated organisations sit at Stage 1 or Stage 2 in Q2 2026. The IBM 2025 24%-secured statistic [1] is the cleanest single-source anchor for the top end of Stage 3 and into Stage 4 because IBM's methodology distinguishes between an organisation having an AI initiative and that initiative being adequately secured - the second criterion is what separates a Stage 2 reaction from a Stage 3 programme.
The IAPP-EY 2024 governance report [4] adds the privacy-officer perspective. Organisations with a documented AI risk programme, named AI risk owner, and at least one technical control - the qualifying conditions for Stage 3 - are still in the minority of the regulated mid-market. The Stanford HAI 2025 AI Index [6] documents the gap between adoption velocity (high) and governance velocity (low) in the corresponding chapters on enterprise AI.
Industry segmentation. Financial services is the highest-maturity vertical we observe in the synthesis - the combination of pre-existing SR 11-7 model risk-management discipline and a long pre-AI culture of audit closes the gap to Stage 3 faster. Healthcare bifurcates: large payer/EHR vendors are Stage 3+; clinical practices and smaller payer networks sit at Stage 1-2 with the highest per-incident Sensitivity score from the Shadow AI Index Q3 2026 [22]. Manufacturing trails the cross-industry median by roughly two stages - lower adoption hides lower governance maturity. Legal services is bimodal, mirroring the Shadow AI Index Q3 2026 findings.
For a full unpacking of where this leaves the discipline gap between intent and practice, see our companion Shadow AI Index Q3 2026 and the broader AI Compliance Landscape 2026 briefing.
The shadow AI gap compresses with maturity
Shadow AI prevalence is the single metric most-quoted in mid-market board decks. Salesforce's State of IT 2024 placed the cross-enterprise figure near 70% [5], with substantial corroborating evidence in the Stanford HAI AI Index 2025 [6] and our own Shadow AI Index Q3 2026 [22] 55-65% range across regulated mid-market. The number itself is less interesting than its behaviour across maturity stages.
- Stage 1 (Ad hoc): 60-75%
- Stage 2 (Reactive): 50-70%
- Stage 3 (Defined): 10-30%
- Stage 4 (Managed): < 5%
- Stage 5 (Optimized): < 2%, telemetry-verified
The 30-percentage-point drop between Stage 2 and Stage 3 is the largest non-linear jump in the model. It reflects the change in measurement, not just behaviour. At Stage 2, prevalence is self-reported. At Stage 3, the organisation has at least one discovery mechanism (browser extension, network telemetry, or sanctioned-tenancy log) that surfaces unsanctioned use directly, which (a) suppresses some of the discovery-driven behaviour change and (b) converts "survey respondents downplaying" into "telemetry showing".
The Stage 3-to-Stage 4 transition compresses prevalence further because the runtime DLP redacts content at the egress, removing both the incentive and the means for casual unsanctioned use. The organisations we've seen sit at Stage 4 typically report telemetry-verified shadow AI under 5% of sessions, with the residual concentrated in contractor and BYOD edge cases.
For a full treatment of how to measure and respond to shadow AI, see the Shadow AI Index Q3 2026 and our free shadow AI policy generator.
Framework adoption velocity is uneven
Framework adoption is the most quantifiable single signal of a Stage-2-to-Stage-3 transition. Three signals matter in 2026: EU AI Act compliance preparation, ISO/IEC 42001 certification volume, and NIST AI RMF referencing in organisational documentation. Each has a different curve.
EU AI Act readiness
The EU AI Act's phased applicability has had the largest effect on enterprise governance budgets in 2025. General-purpose AI model obligations began applying from August 2025; high-risk system obligations apply from August 2026 [11]. The IAPP-EY 2024 Privacy and AI Governance Report found that organisations in EU-touching businesses had begun shifting AI governance spending forward by 6-12 months relative to the original Act timeline as counsel and audit functions absorbed the implementation cost estimate [4]. We see the same pattern in the cross-source triangulation: financial services and SaaS providers with EU customers have pulled Stage 3 work forward; pure-US-domestic mid-market companies have not.
For the full anatomy of EU AI Act obligations and the readiness checklist, see our EU AI Act compliance brief and the EU AI Act readiness checker.
ISO/IEC 42001 certification volume
ISO/IEC 42001:2023 - the AI management system standard published in December 2023 - became the closest analogue to ISO/IEC 27001 for AI governance in 2025 [10]. Public certification registers maintained by UKAS (UK accreditation body) and ANAB (US accreditation body) show year-over-year certification volume crossing an inflection point in 2025. The bulk of certifications cluster in cloud and SaaS vendors targeting EU and UK regulated buyers; the regulated buyers themselves are slower to certify, treating ISO 42001 as a vendor qualification gate first and an internal management programme second.
For the practitioner's view, see our ISO/IEC 42001 compliance brief.
NIST AI RMF and the GAI Profile
NIST AI 100-1 (the AI Risk Management Framework, January 2023) remains the most-cited framework in US enterprise AI policy documentation [8]. The July 2024 release of NIST AI 600-1 (the Generative AI Profile) [9] added specific guidance for generative-AI risks and shifted the practitioner conversation from "does NIST cover this" to "which sub-category in the Profile applies". Adoption is mediated less by formal assessment and more by mapping into existing GRC processes; organisations that already used NIST CSF 2.0 for cybersecurity tend to extend the same control mapping discipline to AI RMF.
For the gap-analysis tool that maps your current controls onto the NIST AI RMF Govern-Map-Measure-Manage functions, see the NIST AI RMF gap analyser and our broader NIST AI RMF compliance brief. For a side-by-side of the major frameworks, see the AI framework comparison tool.
Industry vertical view
Financial services leads on framework adoption velocity; healthcare payer / EHR vendors trail closely. Government contractors who handle controlled-unclassified information adopt NIST AI RMF preferentially because of FedRAMP-AI alignment. Manufacturing trails the cross-industry median by approximately two stages, with the trade-secret risk profile remaining outside most current governance programmes.
The breach cost reality
Breach economics anchor the business case for moving from Stage 2 to Stage 3-4. Three primary sources converge on the same picture: AI-related breaches are more expensive, slower to detect, and concentrated in organisations with weaker governance posture.
Per-breach savings for orgs with mature AI-augmented security [1]
The IBM 2025 dataset [1] is the most-cited single source on breach cost. The headline USD 4.44 million figure is the global average; in regulated industries the numbers stack higher. Healthcare reports the largest sector-level cost ratio; financial services follows; technology and retail follow. The shadow-AI cost premium (approximately USD 670,000 above baseline) reflects two compounding drivers: longer mean-time-to-detect because shadow channels are unmonitored, and additional regulatory notification expense.
The Verizon Data Breach Investigations Report 2025 [2] measures the attacker side rather than the cost side. The 2025 DBIR documented a substantial year-over-year rise in vulnerability-exploitation breaches and a continuing shift toward credential abuse and third-party path-of-least-resistance entry. Crucially for AI governance, the 2025 DBIR's third-party-mediated breach category overlaps with AI-vendor risk: a poorly governed AI integration is a third-party attack surface, and the DBIR's third-party growth tracks the rise in AI procurement velocity.
The OAIC Notifiable Data Breaches Report covering H2 2024 (released in early 2025) documented record-high Australian breach volume [13], with health sector and finance sector leading the notifications. The Australian privacy regulator now explicitly catalogues AI-assisted phishing and AI-amplified social engineering as cost drivers; the practical implication for governance programmes is that even organisations not deploying AI internally must account for AI-augmented threats in their cost projections.
For our compliance-side treatment, see the Australian Privacy Act compliance brief and the SOC 2 readiness page for how Areebi's own trust posture maps to the breach-economics picture.
Regulatory pressure is widening, not converging
The 2025-2026 regulatory calendar produced no global convergence; it produced more divergent fragments. Four jurisdictions matter most for the regulated mid-market: the European Union, the United States (state by state), Brazil, and the United Kingdom (via framework rather than statute).
European Union: EU AI Act applicability
Regulation (EU) 2024/1689 - the EU AI Act - is now in phased application. The prohibitions on unacceptable-risk practices applied from February 2025; general-purpose AI model obligations applied from August 2025; high-risk system obligations and the bulk of the Act apply from August 2026 [11]. The fines regime scales to 7% of global annual turnover for prohibited-practice violations. For Stage 2-3 mid-market organisations with EU exposure, the August 2026 deadline is the single most consequential governance date of the year.
United States: a state-by-state patchwork
The federal US picture remains a patchwork after California SB 1047 was vetoed in 2024 [14]. The void is being filled by states. Colorado's SB 24-205 (the Colorado AI Act) - the first US state-level comprehensive AI law - takes effect 1 February 2026 [15] and addresses high-risk AI systems via developer- and deployer-side duties. Texas TRAIGA (HB 1709) was advanced through the 2025 legislative session and becomes effective during 2026 [16]. Illinois' AI Video Interview Act, NYC's Local Law 144, and a growing volume of bias-audit and disclosure rules sit underneath the state-level constellation.
For practitioner-level summaries of each US-state regime, see our Colorado AI Act brief and the comparison table in the AI framework comparison tool.
Brazil: PL 2338/2023
Brazil's PL 2338/2023 - the projected federal AI statute - has been advancing through the Senate with a risk-based architecture that parallels the EU AI Act's structure [17]. Mid-market organisations with Brazilian customer bases should treat PL 2338/2023 in the same posture as EU AI Act preparation: pull governance work forward of the operative date rather than wait for the implementing regulations.
The cost of regulatory fragmentation
The pre-2025 hope of a global AI governance convergence has not materialised. For mid-market regulated organisations operating across the EU, US, UK, and Brazil simultaneously, the practical consequence is that a single internal governance programme has to satisfy multiple overlapping disclosure, audit, and prohibition regimes. The lowest-effort path to compliance with all of them is usually to map controls onto NIST AI RMF and ISO 42001 - the two framework languages most regulators reference - and then layer the statute-specific overlays on top.
For an end-to-end walk through the 2026 landscape, see the companion briefing AI Compliance Landscape 2026.
What this means for a mid-market CISO this quarter
We've framed these as commitments rather than tasks because they require named ownership and a measurement plan. Pick the one that closes your biggest stage transition first.
- Publish an inventory by 30 June 2026. The Stage 1-to-Stage 2 transition is gated on the existence of an evidence-backed inventory of AI tools in use, sanctioned and unsanctioned. Measurement: presence of a board-visible artefact with discovery evidence. Internal tool that helps: NIST AI RMF gap analyser.
- Map controls onto NIST AI RMF or ISO 42001 by 30 September 2026. The Stage 2-to-Stage 3 transition is gated on framework mapping. Measurement: the number of NIST AI RMF sub-categories or ISO 42001 clauses with named, evidenced controls in your GRC system. See the NIST AI RMF compliance brief and the ISO 42001 compliance brief.
- Deploy a runtime control by 31 December 2026. The Stage 3-to-Stage 4 transition is gated on a runtime control: DLP at the AI-egress layer, browser-extension discovery, or a sanctioned-tenancy enforcement gate. Measurement: the percentage of AI-touching sessions covered by the runtime control. The Areebi platform is purpose-built for this transition.
- Run an AI incident-response exercise before year-end. The Stage 4-to-Stage 5 transition is gated on tested IR. Measurement: a documented tabletop or live exercise that touched the AI control plane specifically. The IBM Cost of a Data Breach Report 2025 documents the per-breach savings associated with a tested IR plan [1].
- Brief the board on the EU AI Act August 2026 obligations. If your organisation has any EU exposure, the August 2026 high-risk-system obligations are the most consequential compliance event of 2026 [11]. Measurement: a board-visible applicability assessment with named gaps. See the EU AI Act compliance brief.
What this means for Areebi
We built Areebi to compress the path from Stage 2 to Stage 4 from years into weeks. Stage 2 to Stage 3 is mostly inventory and framework mapping; Stage 3 to Stage 4 is runtime enforcement and audit-trail integration. Those are tractable problems with the right platform; they should not require a multi-year programme.
We are pre-customer at the time of publishing this Q2 2026 Index. That is the honest position, and we are publishing the Index anyway because we believe citation density beats publication velocity. The mid-market does not need another vendor whitepaper that quotes Gartner once and a single anonymous customer; it needs a synthesis with named sources you can re-run with different weights. That is the artefact we've tried to build.
We commit to a quarterly cadence. The Q3 2026 release will include a machine-readable dataset version, a refreshed maturity distribution from the next quarter of public-source releases, and - as our customer base grows - the first primary-survey segment. The Q4 2026 release will introduce regional cuts (APAC, LATAM) that this Q2 release deliberately did not attempt.
If you are a researcher, analyst, or journalist who wants the underlying analysis spreadsheet - sources, scoring, the cross-source mapping decisions - we are happy to share it under the same CC BY 4.0 licence. Email research@areebi.com and we will send it.
For the platform overview, see the Areebi platform; for our security posture and the underlying SOC 2 readiness roadmap, see SOC 2 readiness.
References and dataset
The following primary sources underpin the analysis. Each is publicly accessible at the URL listed. We have not modified any number from its original source; where we report a range across sources, the underlying single-source numbers are recoverable from the citations below.
- 1. IBM & Ponemon Institute, Cost of a Data Breach Report 2025, July 2025. ibm.com/reports/data-breach
- 2. Verizon, Data Breach Investigations Report 2025, May 2025. verizon.com/business/resources/reports/dbir
- 3. IDC, Worldwide AI and Generative AI Spending Guide and AI Adoption Surveys 2025. idc.com (Worldwide AI Spending Guide)
- 4. IAPP & EY, Privacy and AI Governance Report 2024. iapp.org/resources
- 5. Salesforce, State of IT 2024 (and successor State of the AI Connected Worker). salesforce.com/news/stories
- 6. Stanford Institute for Human-Centered AI, AI Index Report 2025. aiindex.stanford.edu/report
- 7. Gartner, Press release on AI Trust, Risk, and Security Management (AI TRiSM) adoption forecast, 2024. gartner.com/en/newsroom
- 8. National Institute of Standards and Technology, AI Risk Management Framework (NIST AI 100-1), January 2023. nvlpubs.nist.gov/nistpubs/ai/NIST.AI.100-1.pdf
- 9. National Institute of Standards and Technology, Generative AI Profile (NIST AI 600-1), July 2024. nvlpubs.nist.gov/nistpubs/ai/NIST.AI.600-1.pdf
- 10. International Organization for Standardization, ISO/IEC 42001:2023 - AI management system, December 2023. iso.org/standard/81230.html
- 11. European Union, Regulation (EU) 2024/1689 - the EU AI Act, OJ L of 12 July 2024. eur-lex.europa.eu/eli/reg/2024/1689
- 12. Stack Overflow, Developer Survey 2025. survey.stackoverflow.co/2025
- 13. Office of the Australian Information Commissioner, Notifiable Data Breaches Report (H2 2024 release). oaic.gov.au
- 14. California Legislature, SB 1047 - Safe and Secure Innovation for Frontier AI Models Act (vetoed), September 2024. leginfo.legislature.ca.gov
- 15. Colorado General Assembly, SB 24-205 - Colorado AI Act, effective 1 February 2026. leg.colorado.gov/bills/sb24-205
- 16. Texas Legislature, HB 1709 - Texas Responsible AI Governance Act (TRAIGA), 2025 session. capitol.texas.gov
- 17. Senado Federal do Brasil, Projeto de Lei n. 2338, de 2023. www25.senado.leg.br (PL 2338/2023)
- 18. United Kingdom Accreditation Service (UKAS), ISO/IEC 42001 certification register. ukas.com
- 19. ANSI National Accreditation Board (ANAB), Accredited certification body directory for ISO/IEC 42001. anab.ansi.org
- 20. Federal Reserve, SR 11-7 Guidance on Model Risk Management. federalreserve.gov/supervisionreg/srletters/sr1107
- 21. Illinois General Assembly, AI Video Interview Act. ilga.gov
- 22. Areebi Research Team, The Shadow AI Index Q3 2026, May 2026. areebi.com/resources/research/shadow-ai-index-q3-2026
- 23. New York City Department of Consumer and Worker Protection, Local Law 144 - Automated Employment Decision Tools. nyc.gov (Local Law 144)
- 24. US Office of Management and Budget, OMB Memorandum M-24-10 on Federal Agency Use of AI. whitehouse.gov/omb
- 25. Department for Science, Innovation and Technology (UK), A Pro-innovation Approach to AI Regulation. gov.uk/government/publications
A machine-readable JSON version of the Areebi Index dataset - maturity-stage distribution, citation map, shadow-AI prevalence by stage, framework-adoption signals - will be published as /resources/research/areebi-index-q2-2026.json in the Q3 2026 release. The Q2 release defines the dataset schema conceptually; the Q3 release will publish the structured emit alongside the next quarterly narrative.
How to cite this report & license
Recommended citation:
Areebi Research Team. The Areebi Index Q2 2026 - State of the Secure AI Control Plane. Areebi, May 20, 2026. https://www.areebi.com/resources/research/areebi-index-q2-2026
This report is released under the Creative Commons Attribution 4.0 International (CC BY 4.0) licence. You may copy, redistribute, remix, transform, and build upon the report for any purpose, including commercially, with attribution to Areebi Research and a link back to this page. Where your reuse materially changes our findings, please make that clear to your readers. Researchers wanting the raw analysis spreadsheet can email research@areebi.com.