Commvault Launches Real-Time Controls to Shield Enterprises from AI Data Risks
Amsterdam, Wednesday 25 March 2026
With 90% of organisations holding sensitive data vulnerable to AI exposure, Commvault has introduced real-time governance controls to secure cloud environments and navigate Europe’s intensifying regulatory landscape.
The AI Data Exposure Dilemma
As enterprises rapidly scale their artificial intelligence capabilities, traditional data governance frameworks are struggling to keep pace. According to Jennifer Glenn, Research Director for Data and Information Security at IDC, legacy security tools were simply not designed for modern environments where AI models might inadvertently expose sensitive information hidden within vector databases and cloud data warehouses [1]. The scale of this vulnerability is substantial, with 90% of organisations currently holding sensitive data that could be exposed by AI systems [1]. Furthermore, data breaches heavily compromise personal information; 46% of such incidents involve personally identifiable customer information, while 40% involve employee data [1].
Regulatory Pressures and Financial Stakes in Europe
The push for robust data security posture management is heavily amplified by Europe’s stringent regulatory environment. The EU Artificial Intelligence Act, which began its phased enforcement in February 2025, is set to apply its broadest obligations on 2 August 2026 [2]. The financial penalties for non-compliance are severe, reaching up to EUR 35 million or seven percent of a company’s global turnover for prohibited practices [2]. Additionally, the Digital Operational Resilience Act (DORA), which took effect on 17 January 2025, imposes rigorous ICT risk management requirements on financial entities operating within the European Union [2]. Consequently, information security expenditures have grown to represent approximately nine percent of total EU IT budgets [2].
Capital Flows and Due Diligence in the Digital Economy
Despite the compounding cyber and regulatory risks, institutional capital continues to flow into Europe’s digital economy, albeit with heightened due diligence requirements [2]. In March 2026, INVL Asset Management launched the European Software Private Equity Access Fund, a feeder fund backing Main Capital Partners’ B2B software strategy [2]. This vehicle notably lowers the minimum investment threshold to EUR 125,000 [2]. Concurrently, GVC Gaesco Alternative Investments reported securing regulatory approval [alert! ‘Source data indicates the final regulatory status of the RIF fund may still be pending confirmation’] for a €70 million fund focused on resilient infratech startups [2]. However, investors are increasingly evaluating cybersecurity, AI governance, and GDPR compliance as continuous disciplines that directly impact long-term valuations [2].