Earlier in this series, we looked at how financial services and healthcare organizations navigate the Exception Economy, balancing their mature processes that run alongside persistent operational gaps. Technology and software companies carry a specific and tangential version of this story. They are the most AI-active organizations in our research group, and they face the highest friction when it comes to doing that work securely.
Replica Cyber’s research found that 61.8% of technology respondents are running AI agents with some decision-making authority, and 56.6% are conducting AI and LLM experimentation with sensitive data. Both of these numbers are above the cross-industry average. The companies building the infrastructure everyone else runs on haven’t solved the security problem for themselves.
The Staffing Picture
Technology and software companies report the highest rate of being blocked by skills and staffing: 82.9% say this always or often limits high-risk work. That’s nearly 14 percentage points higher than the cross-industry average, the widest margin of any sector on this question.
Whether this reflects more accurate assessment of what high-risk AI work really requires, demand that outpaces available capacity, or misses in the infrastructure design that make existing talent less free to do the work… it isn’t clear from the data. But the pattern certainly stands out: the sector doing the most AI work reports the highest people constraints.
Leadership risk appetite is low
Risk appetite from leadership and legal always blocks high-risk digital work for 40.8% of technology respondents, the highest “always” figure of any vertical. The combined “always/often” rate is 77.6%. In an industry that prizes speed and shipping, leadership conservatism around security is creating more friction than budget or tooling. Technology leaders may understand the risks of AI better than most and are pulling the brakes precisely because they do.
Market expansion is paying the price
Forty-five percent of technology respondents delayed market expansion or entry into new regions in the past year because the digital work couldn’t be conducted securely, and this stands out as the highest rate of any vertical for that activity. For SaaS and software companies trying to enter enterprise markets or new geographies, security infrastructure gaps are a direct barrier to growth. Twenty-eight percent also delayed AI and ML deployment specifically. In a sector where AI is a core competitive differentiator, that delay has a cost that isn’t always acknowledged.
Even high-tech companies are stuck
Technology companies report the highest skills and staffing constraints, the highest leadership risk appetite blocking work, and the highest rate of delayed market expansion, all while being the most AI-active sector in the survey.
They have high activity, high constraints, and high delays. It’s worth noting that technical expertise doesn’t solve the operational problem. Understanding what can go wrong doesn’t mean having the infrastructure to prevent it. The Exception Economy shows up in technology companies the same way it shows everywhere else: forced tradeoffs between speed, safety, and strategic progress.
The full Exception Economy report breaks down where technology and software companies diverge from other industries on exceptions, delays, and friction, and where the patterns are identical.
