IBM: Study Reveals 91% of Organizations Lack Full Visibility into AI Dependencies, Lock-In Serious

IBM’s new study warns that business organizations are entering the AI era without control over their own dependencies — with a serious risk of lock-in to a single vendor.

A Blind Spot in AI Dependencies

According to the study, 91% of organizations lack full visibility into their own AI dependencies on vendors, models, and infrastructure. In other words, most do not know exactly which external AI components their business relies on. Additionally, 68% of executives consider meeting data residency and sovereignty requirements a cross-geographic challenge — a point also highlighted the same day in the EU Digital Decade report.

Lock-In and Vulnerability to Outages

Dependency is also an operational risk. As many as 71% of organizations would struggle to change their primary AI vendor, and 81% say a seven-day vendor outage would cause severe or critical disruption. On average, organizations have experienced six AI-related disruptions in the past two years, mostly due to vendor service issues. Appetite for flexibility is high: 72% would accept a 20% higher cost to retain the ability to choose their vendor.

What Sets Organizations That Manage AI Well Apart

Only 7% of organizations have “advanced AI control capabilities” — adaptability across data, models, and infrastructure. These organizations, IBM notes, protect operating profit from AI disruptions 55% better than others. The contrast carries a clear message: visibility and the ability to swap components are not administrative luxuries, but direct protection for business outcomes.