- 96% of tech professionals identify AI agents as a growing security risk.
- Despite these concerns, 98% of organizations plan to expand AI adoption.
- Lack of governance over AI agents poses significant threats to enterprise data security.
SailPoint, Inc. (SAIL, Financial), a leader in identity security solutions, has released a new report titled "AI agents: The new attack surface," spotlighting the rapid adoption of AI agents and the accompanying security challenges. The study reveals that while 82% of organizations currently utilize AI agents, only 44% have implemented policies to secure them. This poses a significant risk, as AI agents are considered more perilous than traditional machine identities by 72% of respondents.
The report underscores a striking contradiction: 96% of technology professionals view AI agents as a growing security risk. Despite these concerns, a staggering 98% of organizations plan to increase their use of these systems within the next year. AI agents, capable of accessing privileged data and performing unintended actions, introduce complexities such as self-modification and the potential creation of sub-agents.
Experts emphasize the need for AI agents to be managed with the same rigor as human identities, advocating for clear access controls and comprehensive accountability measures. Currently, 92% of respondents believe that governing AI agents is critical to maintaining enterprise security, with 23% reporting incidents where AI agents were deceived into divulging access credentials.
The findings suggest that as organizations continue to expand their use of AI agents, there is a pressing need for identity-first security solutions that govern both human and AI identities. These solutions should ensure full visibility, enforce minimal privilege principles, and guarantee auditability to mitigate risks and meet regulatory requirements in an era of frequent data breaches.