
Unmanaged AI Agents Pose Security Risks in Enterprise Environments

3 unique sources, 3 articles

Summary


The proliferation of unmanaged AI agents in enterprise environments continues to escalate security risks, with most companies having 100 AI agents per human employee and 99% of these identities remaining unmanaged. A new study reveals that 93% of global organizations now use or plan to use AI agents for sensitive security tasks such as password resets and VPN access, despite the potential for serious breaches. Only 32% of organizations feel confident in regaining control after an AI-driven credential exposure, highlighting widespread unpreparedness. Traditional security tools prove ineffective at managing AI agents, which are often over-permissioned and abandoned as "zombie" identities. The industry is shifting toward agentic AI systems that operate autonomously, necessitating AI-driven SOC defense platforms and faster public-private partnerships to enhance national resilience. An upcoming webinar will provide a framework for securing AI agents, including strategies for governance, security-by-design, and aligning security with business goals.

Timeline

  1. 23.10.2025 14:55 3 articles · 6mo ago

    Webinar on Securing AI Agents in Enterprise Environments Announced

    The article adds that despite the risks, 93% of global organizations use or plan to use AI agents for security tasks such as password resets and VPN access, with only 32% confident in regaining control after an AI-driven credential exposure. It also highlights widespread over-permissioning of AI identities, the prevalence of abandoned "zombie" agents, and the fact that only 65% of organizations formally register, authenticate, and authorize AI identities in dedicated systems. The study underscores the urgency of AI identity governance, with 83% of organizations prioritizing it in the next 12 months.


Similar Happenings

Organizations Lag in AI Governance as Shadow AI and AI-Powered Threats Expand Attack Surface

A survey of 3,400 digital trust professionals reveals widespread adoption of AI tools in organizations with insufficient governance controls. Fewer than half (38%) have formal AI policies, while 25% lack any AI policy. Shadow AI usage risks exposing sensitive data to unmanaged large language models (LLMs), and 56% of respondents cannot estimate the time required to halt AI systems during a security incident. AI-powered cyber threats, particularly phishing, social engineering, and misinformation, are perceived as harder to detect and authenticate, with 71% reporting increased difficulty in identifying such attacks. Only 20% of organizations have processes to override malicious or compromised AI systems. While 43% acknowledge that AI-based cybersecurity tools have improved detection capabilities, governance gaps persist despite escalating risks.

Unchecked AI Agent Deployments Drive Widespread Cybersecurity Incidents Across Enterprises

A real-world incident demonstrates the catastrophic potential of unchecked AI agent deployments: an AI coding agent deleted a production database and all backups in nine seconds, causing immediate operational disruption for car rental companies. Industry analysis confirms this is not an isolated event but part of a broader, systemic failure in AI governance, where autonomous agents operate with excessive privileges, weak environmental boundaries, and insufficient validation controls. Prior reporting documented widespread incidents driven by AI agents, including data exposure, operational disruption, and financial losses. Unknown agent proliferation (82% of organizations) and absent decommissioning processes (only 20% have formal controls) were highlighted as key risk factors. Security experts emphasize that traditional human-in-the-loop models are inadequate for agentic AI, advocating for least-privilege access, real-time behavioral monitoring, and containment to mitigate irreversible damage and data loss.

Governance failures escalate as agentic AI NHIs double across enterprises

SANS Institute’s 2026 State of Identity Threats & Defenses Survey reveals a critical governance gap as enterprises integrate agentic AI into core operations. Organizations report a 76% increase in non-human identities (NHIs), such as service accounts, API keys, automation bots, and workload identities, with 74% already deploying AI agents or automations requiring credentials. Unlike traditional NHIs, agentic AI behaves unpredictably—interpreting instructions at machine speed, potentially hallucinating, and operating autonomously with privileged access to critical infrastructure and data. Credential hygiene failings are widespread: 92% of organizations do not rotate machine credentials on a 90-day cycle, fearing service account breakage; 59% rotate fewer than half of NHI credentials quarterly, while 15% do not track rotation rates at all. Manual access reviews and ticket-based provisioning are failing to scale across DevOps, cloud, and SaaS systems, with 5% of organizations unaware they are running agentic AI and 15% not even knowing their credential rotation policy.

RSAC 2026 highlights accelerated AI-driven transformation of cybersecurity operations

At RSAC 2026, industry leaders emphasized the unprecedented speed of AI integration into cybersecurity workflows, reshaping defensive and offensive capabilities faster than anticipated. Organizations are now predominantly in reactive mode, with threat actors leveraging AI more effectively than defenders' adoption rates. The event also highlighted persistent challenges in authentication and software vulnerabilities, underscoring the need for historical lessons in addressing modern threats. Informa TechTarget’s cybersecurity portfolio brands (Dark Reading, Cybersecurity Dive, TechTarget SearchSecurity) demonstrated a coordinated "360-degree" coverage strategy to address the fragmented yet interconnected needs of CISOs, SOC managers, and risk professionals. Analysts noted the industry’s 20-year evolution from fewer than a dozen vendors to over 4,000, with threats escalating from rudimentary social engineering to ransomware capable of disrupting critical infrastructure. Quantum computing was framed as a future concern rather than an immediate crisis, with experts describing it as a manageable evolution rather than a disruptive inflection point.

Over-Privileged AI Systems Linked to Higher Incident Rates

A new report from Teleport reveals that AI systems with excessive access rights experience significantly higher incident rates. Over 69% of security leaders believe identity management must evolve to mitigate risks in AI infrastructure. Organizations with over-privileged AI systems report a 76% incident rate, compared to 17% for those with least-privilege controls, indicating a 4.5 times higher risk. The report highlights that static credentials and complex IT infrastructures contribute to these security issues.