Survey: Enterprises State They Are Ready for Agentic AI Failures, however Few Test Healing Typically
A lot of business organizations state they are prepared to recuperate from interruptions including agentic AI, but a brand-new survey of more than 300 IT decision-makers from Australia, New Zealand, Europe, the United Kingdom, and the United States suggests reasonably few test those strategies often enough to prove it.
The study, carried out by Keepit, a vendor-independent cloud backup and healing service based in Denmark, discovered that 94% of participants were positive their catastrophe healing prepares covered agentic AI systems, even though only 32% stated they tested those strategies regular monthly.
Maybe more stressing, 33% of IT and security leaders responding to the survey stated they have only partial control over making use of agentic AI in their companies, and 52% had doubts about whether their healing prepares cover agentic AI circumstances.
“Organizations require to put more emphasis on developing long-lasting, structured, and tested catastrophe healing plans,” said Kim Larsen, Group Chief Details Security Officer at Keepit, in a declaration. “This also means putting a spotlight on data governance and accountability, which is the structure for any resiliency plan.”
Amongst the essential findings were that the majority of companies were testing healing, however not regularly. Around 90% have actually evaluated massive data healing a minimum of as soon as; nevertheless, screening is not frequent or methodical throughout all systems.
Furthermore, a crucial part of IT, gain access to and authentication, was frequently ignored in healing planning. Identity-related systems, such as Microsoft’s Entra ID and Confluence’s Okta, are tested far less typically than other data systems.
Compared to efficiency applications such as Microsoft 365, Google Workspace, and Salesforce, Keepit discovered that, on average, productivity applications are restored four times as often as identity applications.
“For every 4 business who run an annual test on their efficiency workload, just one of them (25%) will have run a test on their identity applications,” the report stated.
The survey also discovered that the majority of restore activity includes single-file downloads, showing routine functional needs rather than large-scale healing events. Many events are granular, making it quicker and more useful to obtain a particular file.
The report’s authors kept in mind that backup produces value when companies can recover with confidence, correctly, and effectively, whether the requirement is small and instant or broad and time-critical. Also, bring back activity is strong amongst larger companies.
The report’s authors said their objective was to determine whether external, prominent events triggered any modifications in repair behavior. Keepit examined two such occasions in 2024 and one occasion in 2025 that might have triggered data loss or unavailability: the solar flares in Might 2024, the CrowdStrike event in July 2024, and the Microsoft outages in October 2025.
The results were worrying due to the fact that none of these events prompted any modification in user habits. There was no indication of increased activity to confirm that backups were working in the days and weeks following the events.
2 theories are proposed in the report regarding behavior. First, organizations did not experience prevalent, instant remediation needs as a direct outcome of these occasions; second, the results likewise recommend that “awareness moments” do not instantly equate into modifications in recovery routines.
The option, according to the report’s authors, is to be proactive instead of reactive to similar events. “Organizations can utilize external occasions as structured triggers for directed recovery checks– short, repeatable validations that enhance self-confidence without needing massive, disruptive exercises,” the report noted.
They likewise suggested executing “assisted recovery” allowed by MCP (Model Context Protocol), which unlocks to “requesting for aid” in the moment that matters.
In addition, an MCP-enabled assistant can assist determine unhealthy tenants or suspicious patterns in protected information and guide administrators through the right recovery actions, turning healing into a manageable, repeatable procedure.
“All of it boils down to knowing who is in charge of healing and which systems are brought back first when several systems are impacted,” Larsen said. “When choices are postponed, recovery takes longer than needed.”
The complete report is offered here on the Keepit website (registration required).