NTT DATA flags privacy, sovereignty as top enterprise AI barriers

NTT DATA says privacy and data sovereignty are now the biggest drag on enterprise AI deployments, as organisations shift from pilots into production systems that handle sensitive data.

In its 2026 Global AI Report, the company found only 29 per cent of respondents were prioritising sovereign AI in a concrete near-term way, even as governance, workload location and security requirements climb higher on procurement lists. NTT DATA chief executive and chief AI officer Abhijit Dubey said in the company’s release that “as AI evolves, private and sovereign approaches are testing enterprise readiness”.

The findings mark a shift in what is blocking deployment. Rather than asking whether teams want to use generative AI, many large organisations are now wrestling with where models run, how data moves across borders and whether existing controls are strong enough for production use. The centre of gravity has moved from experimentation to operating discipline, vendor choice and internal accountability.

Among chief AI officers, 35 per cent said building, integrating and managing private or sovereign AI was their top barrier, according to the NTT DATA report. Another 60 per cent cited cross-border data restrictions as a major challenge. The numbers put the hard work in architecture and governance, not model access or boardroom enthusiasm. The regional figures tracked close to the global picture. IT Brief Australia, which reported on the findings for a local audience, said 30 per cent of APAC respondents were prioritising sovereign AI in the near term. Enterprises appear to recognise the residency issue, but many have not yet settled vendor, hosting or operating model decisions around it. For multi-country businesses, that gap between awareness and action slows procurement even when executives want to move quickly.

Security was a second pressure point. Only 38 per cent of respondents said they had high confidence in their cloud security posture, the NTT DATA release said. When organisations are already unsure about baseline cloud controls, private AI deployments, hybrid environments and cross-border model access become harder to sign off. BigDATAwire reported that the survey showed enterprise AI adoption outstripping existing infrastructure and governance models.

The pattern is a familiar one in enterprise IT. Once an AI workload touches customer records, internal documents or code repositories, architecture, security, procurement and legal teams all demand clear answers on access, logging and residency. The delay turns on whether the surrounding controls satisfy auditors and risk committees, rather than on model capability. For CIOs, sovereign AI is a design question: where data sits, which teams can reach it, which legal regime applies, how quickly risk teams will clear production use. In sectors that hold customer, health or financial records, those questions can delay deployment long after the model itself is ready.

The findings come from a vendor-backed report and should be read with that context. The specific barriers the survey surfaces — cross-border restrictions, cloud security confidence, private AI integration — are concrete enough to be useful for enterprise IT teams assessing where AI projects stall. The question coming out of the data is whether governance can keep pace with deployment ambitions.