AI agents spark new enterprise security fears, report shows

A new report from SailPoint has identified significant security risks as AI agents become increasingly prevalent in enterprise environments, with current governance policies lagging behind their rapid adoption.

The research, titled 'AI agents: The new attack surface. A global survey of security, IT professionals and executives', reveals that 82% of organisations are already using AI agents, but less than half, just 44%, have established policies designed to secure them. Despite a high awareness of the potential risks—96% of technology professionals view AI agents as an expanding threat—98% of organisations intend to further broaden their use of these systems over the coming year.

The report clarifies that "AI agent" or "agentic AI" refers to autonomous systems capable of perceiving, deciding, and acting to achieve specified objectives within an environment. These systems frequently require multiple machine identities to access a range of data, applications, and services, introducing substantial complexity, including features such as self-modification and the generation of sub-agents.

According to the findings, 72% of respondents believe AI agents present a greater security risk than standard machine identities. Key concerns cited include their ability to access privileged data (60%), perform unintended actions (58%), share privileged data (57%), make decisions using inaccurate or unverified data (55%), and access or disseminate inappropriate information (54%).

Chandra Gnanasambandam, Executive Vice President of Product and Chief Technology Officer at SailPoint, commented: "Agentic AI is both a powerful force for innovation and a potential risk. These autonomous agents are transforming how work gets done, but they also introduce a new attack surface. They often operate with broad access to sensitive systems and data, yet have limited oversight. That combination of high privilege and low visibility creates a prime target for attackers. As organizations expand their use of AI agents, they must take an identity-first approach to ensure these agents are governed as strictly as human users, with real-time permissions, least privilege and full visibility into their actions."

The report identifies that AI agents now routinely access sensitive data, such as customer information, financial data, intellectual property, legal documentation, and supply chain transactions. Respondents to the survey expressed substantial concern regarding the challenge of controlling what data AI agents can access and share, with an overwhelming 92% stating that the governance of AI agents is vital to enterprise security.

Incidents of poor oversight were also highlighted. Nearly a quarter (23%) of those surveyed reported that their AI agents had been tricked into exposing access credentials. Additionally, a substantial majority, 80%, indicated their AI agents had performed unintended actions, including accessing unauthorised systems or resources (39%), accessing or sharing sensitive or inappropriate data (31% and 33% respectively), and downloading sensitive content (32%).

SailPoint asserts that AI agents ought to be recognised as a distinct identity group within enterprise systems. With almost all organisations planning to expand usage of agentic AI, the report suggests that organisations require robust identity security solutions. These should provide unified visibility across all identities, including both human and machine types, and support principles such as zero standing privilege and comprehensive auditability to bolster security and aid compliance with regulatory standards.

The study surveyed 353 enterprise IT professionals globally, all of whom have responsibilities in security, identity management, compliance, or operations. The sample included participants at all levels of seniority and from five continents, providing a broad perspective on current trends and attitudes concerning AI agents in enterprise environments.