AI Agent Security Lags as Incidents Hit 54% of Firms
Over half of enterprises have suffered an AI agent security incident because companies are granting autonomous systems access to critical infrastructure without proper identity or isolation controls, signaling a looming shift in cybersecurity budgets.
More than half of enterprises running AI agents in production have experienced a security incident or a close call. A survey of 107 companies with over 100 employees found that 54% had a confirmed agent breach or a near-miss caught before damage occurred. Of those, 18% suffered confirmed incidents while 36% caught problems at the edge.
The primary vulnerability driving these breaches is weak identity management. Only 32% of organizations issue every agent its own scoped, managed identity. Instead, 69% of companies admit to credential sharing somewhere in their agent fleets, often relying on shared API keys or borrowed human service accounts. This creates a wide blast radius, as organizations with shared credentials reported incident rates of 63.5%, compared to 40.9% for those using fully scoped identities.
Containment Controls Fall Short
Even when enterprises monitor agent behavior, they frequently fail to contain it. While 47% of companies observe agent activity and 49% enforce scoped permissions at runtime, only 30% isolate their highest-risk agents in sandboxes. This leaves the largest organizations particularly exposed. Among companies with more than 1,000 employees, the incident rate jumps to 63%, yet sandbox usage drops to just 20%.
A Market Shift on the Horizon
Despite these vulnerabilities, current security spending remains a thin slice of corporate budgets. Enterprises predominantly rely on native controls from model providers like OpenAI, Google, and Microsoft, with OpenAI's guardrails used by 51% of respondents. Satisfaction with these borrowed tools averages a high 4.2 out of 5. However, only a third of enterprises believe their defenses outpace AI-enabled attackers, and a clear majority plan to change their security tooling within the year.
For investors and cybersecurity executives, this points to an imminent market correction. Dedicated agent-security specialists currently barely register in enterprise deployments. However, the combination of rising incidents, inadequate blast-radius containment, and planned tooling churn suggests corporate capital is poised to flow toward purpose-built agent security platforms rather than defaulting to hyperscaler tools.