TL;DR

DigiCert's new AI Trust Outlook (1,001 IT and security leaders, May 2026) found that 78% of organizations have already experienced an AI-related incident or identified an AI-related vulnerability. Nearly half lack visibility into their AI systems, and 47% can't trace AI decisions back to the models and source data that produced them. The incidents are the predictable results of lacking live structural context.

78% of enterprises have already had an AI incident. Almost none know why.

DigiCert just published survey data that should stifle a certain kind of disagreement languishing inside enterprise IT as of late…

The argument: AI risk is still theoretical.

It lives in thinkpieces, they say, and analyst decks. We'll deal with governance once the agents are actually doing real work.

Here’s the issue with all that: The agents are doing real work. Now. Already. Like, as you read this sentence.

According to DigiCert's AI Trust Outlook, 75% of organizations deployed four or more AI-powered systems in the last six months alone. And 78% have already experienced an AI-related incident or found an AI-related vulnerability in their environment.

So, more than three in four enterprises have already been burned (or nearly burned) by AI systems they chose to deploy, all while 90% of organizations are talking about AI governance at the board level, but only half have a formal program in place.

The gap is visibility, and it always was

The most telling stat in the report sits further down: 47% of organizations cannot fully trace AI decisions back to the models and source data that produced them.

When read alongside the incident number, the story crystalizes. Nearly half of enterprises are running agents whose decisions they cannot reconstruct. When one of those agents does something wrong (pulls the wrong record, updates the wrong field, acts on stale permissions) the postmortem hits a wall. No lineage. No map from output back to the data and structure that shaped it.

We've written about what this looks like in practice inside Salesforce environments…

  • An agent that can't see how objects relate develops schema blindness.
  • An agent operating on access it should have lost develops permission drift.
  • An agent working from decayed or outdated inputs suffers context rot.

These failure modes all share a root cause: the agent was deployed on top of a system nobody fully mapped.

DigiCert's SVP Brian Trzupek put it squarely… the question has shifted from whether to adopt AI to whether organizations can explain, govern, and trust what they've already deployed.

Governance is catching up. Context has to come first.

To be fair to the enterprises in this survey, the response is still underway. 57% have dedicated budgets for securing AI systems. 86% have some process for revoking trust when an AI system is compromised. Roughly half have assigned unique identities to all their AI agents... treating non-human actors with the same accountability as human ones.

Useful controls. But identity and revocation are what you do after something goes wrong. Traceability is what prevents the wrongness in the first place.

In a Salesforce context, that model is your metadata (every object, field, flow, permission set, and dependency, and how they connect). An agent with access to that structural context can ground its decisions in how your business actually works. An agent without it is guessing, and DigiCert's data shows what guessing costs at scale.

Your CRM's complexity is not the obstacle. Fifteen years of custom objects and interlocking automations is a detailed record of how your company operates, exactly the context an agent needs to act correctly.

The enterprises in that 78% learned that the expensive way. The window to learn it the cheap way is still open, but DigiCert's deployment numbers suggest it won't stay open long

Read more
AI Readiness9 min read
Mat Kennedy, Salesforce Expert
Mat KennedySweep Sales Engineer
AI Readiness5 min read
Nick Gaudio, Salesforce expert of 8 years
Nick GaudioSweep Staff