Skip to content
Safety · Jul 17, 2026

More than half of enterprises report AI agent security incidents or near-misses, survey finds

Only about a third of organizations give every agent its own scoped identity, while most still share credentials; fewer than three in ten isolate high-risk agents.

Trust76
HypeLow hype

1 source · cross-referenced

ShareXLinkedInEmail
TL;DR
  • More than half of enterprises (54%) have experienced a confirmed AI agent security incident or near-miss, with 18% reporting a confirmed breach and 36% a near-miss caught before harm occurred.
  • Only about a third (32%) of enterprises provide every AI agent with its own scoped identity, while 69% report some form of credential sharing among agents.
  • Fewer than three in ten enterprises (30%) isolate their highest-risk AI agents in sandboxes to limit blast radius.
  • Security tooling is dominated by provider-native solutions (e.g., OpenAI, Google, Microsoft, Anthropic), while dedicated agent-security specialists remain in low single digits.
  • Nearly six in ten enterprises plan to adopt or switch agent security tooling within a year, despite high satisfaction (4.2/5) with current controls.

A VentureBeat Pulse Research survey of 107 enterprises finds that 54% have experienced either a confirmed AI agent security incident (18%) or a near-miss caught before harm (36%) in the past year. Only 42% report no such events, while a small remainder either run no agents in production or do not track such incidents.

The structural weakness underlying these incidents is identity management. Only about a third of enterprises (32%) give every agent its own scoped, managed identity, while 48% report that some agents share credentials and 32% say agents mostly run on shared API keys or borrowed human and service-account credentials. Organizations with credential sharing anywhere in their agent fleet experienced incidents or near-misses at a 63.5% rate, compared to 40.9% for those with fully scoped identities.

Isolation controls are also underdeveloped. Only 30% of enterprises isolate their highest-risk agents in sandboxes, despite this being the control that bounds damage when other measures fail. Monitoring and enforcement are more common—47% observe agent activity and 49% enforce scoped permissions at runtime—but containment lags behind.

Security tooling remains dominated by provider-native solutions. OpenAI’s guardrails lead at 51%, followed by Google’s and Microsoft’s cloud controls and Anthropic’s managed-agent controls. Dedicated agent-security specialists, such as Palo Alto’s Prisma AIRS or CrowdStrike, register in the low single digits. Satisfaction with current tooling is high (4.2/5), yet only a third of enterprises believe their AI-enabled defenses are ahead of AI-enabled attackers.

Budget allocations reflect the lag in preparedness. The most common spending range is 6–10% of the security budget on AI agent security (46%), with 34% spending 5% or less. Only 24% devote more than a tenth of their security budget to this area.

Despite high satisfaction, a majority of enterprises plan to change tooling within a year. Fifty-nine percent intend to adopt a new, additional, or replacement agent security solution within twelve months, with 29% planning to do so within the next quarter. Among organizations that have experienced an incident, 42.1% plan to act within 90 days, rising to 52.6% after a confirmed incident.

Sources
  1. 01VentureBeat — AIThe agent security gap: 54% of enterprises have already had an AI agent incident, and most still let agents share credentials
Also on Safety

Stories may contain errors. Dispatch is assembled with AI assistance and curated by human editors; despite the trust-score filter, mistakes happen. We correct publicly — every article links to its revision history. Nothing here is financial, legal, or medical advice. Verify before relying on any claim.

© 2026 Dispatch. No ads. No sponsorships. No paid placement. Reader-supported via Ko-fi.

Built by a person who cares about honest AI news.