Company highlights growing disconnect between perceived AI readiness and actual data resilience capabilities across EMEA organizations
Veeam has cautioned enterprises against reducing focus on AI security and governance following reports that implementation timelines for the European Union’s AI Act may be delayed. According to the company, the postponement underscores the complexity of defining secure and compliant AI frameworks rather than signaling a reduced urgency around AI risk management.
The EU AI Act, widely regarded as one of the world’s most comprehensive regulatory frameworks for artificial intelligence, is intended to establish rules governing the safe development and deployment of AI technologies. However, ongoing challenges around defining conformity requirements and regulatory architecture have reportedly contributed to delays in implementation timelines.
Veeam noted that despite the uncertainty surrounding the legislation, many organizations across Europe, the Middle East, and Africa believe they are prepared to meet the original compliance deadlines. Research commissioned by the company found that 88 percent of EMEA organizations expected to comply with the initial EU AI Act timelines, while only nine percent anticipated missing some requirements.
“The delay to the EU AI Act should not be mistaken as a reduction in AI-related risk. If regulators themselves are struggling to define what secure AI looks like, it highlights how urgently organizations need stronger visibility, governance, and data resilience strategies,” said Tim Pfaelzer, General Manager and Senior Vice President, EMEA at Veeam.
The findings suggest a potential disconnect between enterprise confidence and actual preparedness. According to Veeam, many organizations may underestimate the operational, governance, and data security challenges associated with AI compliance. The company also pointed out that organizations outside the European Union, particularly in the United Kingdom, could mistakenly assume the regulations will not impact them, despite the likelihood of broader global implications similar to GDPR.
Veeam warned that increasing competition around AI innovation may tempt organizations to prioritize rapid deployment over robust security and governance practices. However, the company stressed that poorly managed data environments and weak AI oversight create significant operational and compliance risks.
The company is urging enterprises to strengthen transparency, improve AI governance frameworks, and invest in resilient data architectures ahead of revised regulatory timelines. According to Veeam, organizations that proactively improve visibility and security around AI systems will be better positioned not only for future compliance requirements but also for long-term operational resilience in an increasingly AI-driven business environment.
