👋 Hi, need a help?
ai moat

Slash Q4 2025 Survey Report Findings

The emergence of Generative AI has fundamentally shifted the technological landscape, compelling every organization to reassess its strategic position. However, recent data reveals a critical pivot in how leadership views this technology. Based on Slash’s direct survey of 150 IT leaders recently, the “move fast and break things” era of AI adoption is over.

The new mandate is clear: Control & Compliance First.

Today, the true competitive advantage, the “New AI Moat”, is not merely about accessing large language models (LLMs) but about establishing a Data-Ready Architecture that ensures control, compliance, and proprietary intelligence.

The Q4 2025 CIO Mandate

For the last year, the conversation revolved around performance and speed, but when we asked those 150 IT leaders to rank their investment priorities for the coming year, the results were lopsided.

“Control & Compliance” emerged as the overwhelming priority, scoring approximately 60 out of 100 points in importance. This far outstripped other concerns:

  • Cost: ~20 points
  • Performance: ~15 points
  • Vendor Independence: <10 points

ai moat

Source: Slash IT Leaders Survey, Sep-Nov 2025

Survey N = 150

This data confirms that for the enterprise, AI is no longer a science experiment but it is a critical workload that demands the same rigor as any other core business system.

1. The Shifting Layers of the Technology Stack

To support this mandate, the traditional technology stack is undergoing a transformation. The new architecture is centered not on code, but on trusted data and proprietary intelligence.

  • Proprietary Data: This is the bedrock of the AI moat. It refers to clean, traceable, and compliant data that allows an organization to move better and faster than competitors.
  • Proprietary Intelligence: Built atop this data is domain-specific enablement. This intelligence is tailored to unique workflows, providing specialized capabilities that off-the-shelf models cannot replicate.
  • End User Applications: This layer turns data and intelligence into usable products and workflows. AI is embedded into everyday experiences to augment human decision-making. This is where value is realized.
  • AI Ops & DevOps: AI Ops extends traditional DevOps practices to address model lifecycle management, evaluation, risk monitoring, and data-dependent behavior in AI systems.

Pic 2 Slash

2. Navigating the Three Levels of AI Maturity

Building a defensible AI moat is a journey toward greater control. This journey can be mapped across three levels of maturity, where higher maturity correlates directly with the “Control & Compliance” mandate.

Level 1: Low Maturity – Guidance via Prompts At the foundational level, organizations interact with LLMs via provider APIs using prompt engineering.

  • Data Control: Low (shared runtime).
  • Use Case: Simple workflow automation like summaries and email triage.

This level enables quick experimentation but offers little defensibility or control.

Level 2: Mid Maturity – Externalized Knowledge At this level, proprietary knowledge remains outside the model and is dynamically injected at runtime using techniques such as RAG, tools, and agents. This approach augments LLM capabilities without embedding sensitive information directly into the model. Intelligence is created by combining general-purpose models with governed enterprise knowledge and systems.

  • Data Control: Moderate to high for proprietary knowledge, because proprietary knowledge stays within the organization and is accessed through controlled, auditable, and policy-enforced interfaces. The model runtime can be public, tenant-isolated, or private, but sensitive data is only shared as scoped context.
  • Use Case: Domain copilots and workflow automation that require fresh, traceable enterprise knowledge and controlled actions.

This level improves relevance and compliance while maintaining flexibility, but intelligence still largely lives outside the model.

Level 3: High Maturity – Internalized Knowledge At the highest level of maturity, proprietary knowledge is internalized directly into the model through fine-tuning, preference tuning, or distillation into Small Language Models (SLMs).

  • Data Control: High. This enables fully private deployments, including self-hosted and edge environments, ensuring data never leaves the organization’s perimeter.
  • Use Case: High-performance domain copilots, real-time experiences, and edge intelligence where latency, reliability, and data privacy are non-negotiable.

This level represents the strongest AI moat, combining proprietary data, proprietary intelligence, and full operational control.

ai moat

3. Executing the Strategy: The “60% Control & Compliance Mandate”

Achieving a Control & Compliance First mandate requires more than intent, it requires a structural shift in how AI systems are designed, deployed, and operated. Rather than treating governance as a layer added after the fact, leading organizations embed control and compliance directly into their AI foundations. Our findings with data and AI experts outline four essential strategies to achieve this mandate.

Strategy 1: Enforced Control Security and governance cannot be afterthoughts in AI systems. Most enterprises already operate in multi-cloud and hybrid environments due to regulatory constraints, legacy systems, vendor risk, and regional data residency requirements. The medallion architecture (bronze, silver, gold), borrowed from modern data platforms, is commonly used to enforce control by progressively validating, enriching, and restricting data access as it moves closer to AI consumption, enabling consistent governance, policy enforcement, and least-privilege access across cloud and on-prem environments.

Strategy 2: Trusted Input (“Data Quality” First) AI outputs are only as reliable as the data they are built on. Organizations must adopt a data-quality-first approach with clear data lineage, ownership, and classification. This ensures that training and retrieval datasets are clean, traceable, and compliant before they are ever used by a model.

Strategy 3: Compliance by Design To reduce risk exposure, organizations increasingly design AI systems to minimize reliance on live PII or sensitive proprietary data. Techniques such as synthetic data generation and controlled abstractions allow safe testing, model development, and external collaboration without exposing real data. Compliance becomes a built-in property rather than a reactive process.

Strategy 4: Auditable Output Trustworthy AI systems must be observable and accountable throughout their lifecycle. This requires a governance layer that continuously evaluates model performance and behavior through structured evaluations, red-teaming, and monitoring for drift, bias, and policy violations. Real-time observability, explainability, and audit trails are essential to demonstrate compliance to regulators and internal stakeholders.

Pic 4 Slash

Conclusion

The data from Q4 2025 is conclusive. For nearly 60 percent of IT leaders, the next phase of AI is no longer about who has access to the smartest model, but who operates with the highest level of control and compliance. By prioritizing data-ready architecture, governance, and proprietary intelligence, CIOs can build a durable AI moat that delivers value without compromising trust or security.

The question now is not whether to adopt AI, but whether your current architecture is ready to support it at scale, under real-world regulatory and operational constraints. Book a complimentary session with our expert to map out your next AI adoption steps.

Alex Lossing
Alex Lossing
CTO, COO
Alex has accumulated 15 years of experience as an Organization leader, Team Builder, and Agile Transformation Practitioner. He is passionate about new technologies, and Digital Transformation and Delivery. He believes that Agile, people and teams are keys to successful Digital Transformation and Delivery. Alex focuses on helping enterprises deliver their best-in-breed digital solutions, by always keeping in mind business values and delivery constraints. An entrepreneur at heart, Alex co-founded his own startup in 2011 and joined Slash.co as a partner in 2021 with a strong focus on Digital Delivery and Venture Building.
Read more by Alex Lossing
In this article

Explore more resources

View all
Client Success
Republic Polytechnic
1 minute read·
December 16, 2025
(19) VB Map podcast: Corporate Innovation, Changes in Customer-Corporate Relations & Innovation Consulting: A conversation with Eric Saint Andre, the founder of Augmented Tribe and CEO of Amplification Lab
Podcast
Changes in customer-corporate relations with Eric Saint Andre

About this episode

Eric Saint Andre is a leading expert in design thinking, innovation, business model innovation, new business design and startup acceleration. He is the Founder and Managing Director of ASA Advisory Services, a leading Innovation Consultancy based in Singapore and also the founder of Augmented Tribe, a tech startup offering an Innovation Platform to support organizations with their innovation and digital transformation initiatives.

Eric has worked hand in hand with hundreds of corporate innovation teams as part of innovation programs he has designed and facilitated. He has also accelerated in excess of 100 startups in South East Asia working hand in hand with each one of those over the past eight years based in Singapore.

With years of practical knowledge and experience in innovation methodologies such as Design Thinking, Lean Startup, Future-Driven Business Innovation, Business Model Innovation, Eric has helped numerous large MNCs, local enterprises and public organizations (GovTech, SBF, SG Innovate, etc.)  designing and facilitating fit-for-purpose design thinking, innovation and transformation programs, to help them become more agile, innovative and highly adaptable to change.”

Here are some highlights of our discussion: 

  • What is the history of corporate innovation, what has worked and what hasn’t, and yes the challenge of classical innovation labs
  • How our expectations as customers and consumers have evolved, and how corporations had to adopt more human-centric approaches
  • The big corporate gaps: the exploration and venture building engines are weak, and governance often still holds back long-term horizon exploration
  • The rise of ambidextrous organizations, segregating exploratory units from their traditional units
  • What’s inside the innovation engine?
  • How corporate innovation engines are tapping into and retaining intrapreneurs by offering more autonomy and incentives
  • Can funding, assets and talents become decentralized? How would we create a decentralized venture builder?
7 minute read·
by Andries De Vos ·
December 13, 2022
Generative AI Optimization
Articles
Generative AI Optimization (GAIO): The Future of Search Experience and Digital Visibility
Learn how Generative AI Optimization (GAIO) boosts visibility in SGE, ChatGPT, and Perplexity. Build semantic authority and prepare your brand for the future of search.
5 minute read·
by Asep Rizqi Rifangga ·
November 14, 2025
Generative AI Optimization
Articles
Generative AI Optimization (GAIO): The Future of Search Experience and Digital Visibility
Learn how Generative AI Optimization (GAIO) boosts visibility in SGE, ChatGPT, and Perplexity. Build semantic authority and prepare your brand for the future of search.
5 minute read·
by Asep Rizqi Rifangga ·
November 14, 2025

AI Transformation

Services

Other

Industries

Expertise

Slash delivered measurable ROI through AI transformation and custom software development, straight from verified client reviews.

See What Our Clients Say

Resources

Company

This free e-book is for tech leaders who are tired of the friction between their Business, Product, and Technology teams.

Events

Client Success
Republic Polytechnic
Let's Chat
Search