AI Agents: Who’s There? What Are They Doing? Most Security Teams Don’t Know
None
<p><span style="font-weight: 400;">Rampant proliferation of Agentic AI and its nearly unrestricted access to data without proper security and governance is eroding trust and hampering the success of the AI initiatives organizations are adopting at a dizzying pace. </span></p><p><span style="font-weight: 400;">Nine out of ten organizations have given broad data access to their enterprise GenAI—and if that doesn’t scare the bejesus out of security teams, then consider that 68% have no real idea what data agents are accessing and just under that (65%) couldn’t tell you what data is accessible to use for AI input, according to </span><a href="https://mind.io/content/research-report-impact-of-data-trust-on-ai-success" target="_blank" rel="noopener"><span style="font-weight: 400;">research from MIND</span></a><span style="font-weight: 400;">. They just know (41%) that they’re plagued by Shadow GenAI. And if that’s not bad enough, nearly one-third understand they have unknown agents cavorting around their environments. </span></p><p><span style="font-weight: 400;">Noting that “</span><span style="font-weight: 400;">identity is no longer about perimeter-based defense,” Mark McClain, CEO at SailPoint, says, “the rise in AI-based agents and the massively accelerating threat landscape has rendered that approach insufficient, and prompted a shift towards identity as the critical element to enterprise security.” </span></p><p><span style="font-weight: 400;">With AI and development teams “scaling faster than the security workforce that’s meant to govern them,” Randolph Barr, CISO at Cequence Security, says, “security teams are no longer just defending human users; they’re supervising autonomous systems that generate their own integrations.” </span></p><p><span style="font-weight: 400;">That creates a broad set of technical, organizational and cultural challenges. “Teams must now manage ‘shadow AI’ and ‘shadow APIs,’ both of which introduce risks far beyond traditional DevOps oversight,” pushing governance and visibility to the frontline. “Without unified oversight, a single misconfigured API or orphaned key can compromise entire AI pipelines,” he says. </span></p><p><span style="font-weight: 400;">Perhaps that explains MIND’s “The Impact of Data Trust on AI Initiative Success,” found 66% can’t enforce policies around AI agents and slightly more (70%) grapple with enforcing policies on GenAI tools. That’s unacceptable in today’s terms since nearly all (98%) have already seen at least one AI security challenge in their organizations.</span></p><p><span style="font-weight: 400;">Those findings underscore one, not-so-surprising truth: The gap between rapid AI adoption and security and governing the data that fuels it yawns wide and is only getting wider. Just 20% of organizations have security strategies mature enough to accommodate AI.</span></p><p><span style="font-weight: 400;">But they need to move fast to rectify that. “AI can’t operate sustainably without strong security safeguards,” and now “that reality is raising the stakes on cybersecurity work and changing the shape of the job,” says Diana Kelley, CISO at Noma Security. </span></p><p><span style="font-weight: 400;">While “traditionally, security teams focused on the protection of systems and data,” Kelley points out they now “are helping to govern AI systems and agents that make recommendations and decisions, and in some cases take action on behalf of the business, while enabling the business to adopt AI quickly and safely.”</span><span style="font-weight: 400;"><br></span><span style="font-weight: 400;"><br></span><span style="font-weight: 400;">With “a more well-resourced adversary,” the cost of scale is lowered while the quality of automated attack campaigns increases. So, “without a strong control plane for AI systems and agents, including clear guardrails on access and actions, along with identity, access control, data governance, and runtime monitoring, AI will amplify whatever weaknesses already exist,” Kelley says.</span></p><p><span style="font-weight: 400;">“AI doesn’t invent new attack vectors. It removes hesitation and reduces the time to execute, says Shane Barney, CISO at Keeper Security.</span></p><p><span style="font-weight: 400;">“As attackers automate their own decision-making, defenders need the same ability to understand actions and intent immediately, not just record activity for later review,” he says, which means turning to AI-powered threat detection and response that “can flag and shut down malicious behavior in real time – moving at the speed of AI-powered threats.”</span></p><p><span style="font-weight: 400;">He warns that in a cloud environment “where attackers can reason and act in minutes, any standing privilege is an open invitation.”</span></p><p><span style="font-weight: 400;">And much like the open source ecosystem before it, “as AI systems, agents, and toolchains evolve rapidly, new classes of vulnerabilities are inevitable,” says Boris Cipot, senior security engineer at Black Duck. </span></p><p><span style="font-weight: 400;">Users and organizations must anticipate those “risks rather than react to them, by assuming that AI supply chains, like traditional software supply chains, will be actively targeted and must be secured accordingly,” he says.</span></p><p><span style="font-weight: 400;">The </span><span style="font-weight: 400;">need for “real-time, intelligent, and dynamic identity security, built to govern and secure not just ‘who,’ or in the case of AI agents, ‘what,’ has access to the enterprise” is clear, McLain says, “but what data they can access and what they can do once inside.</span><span style="font-weight: 400;">” </span></p><p><span style="font-weight: 400;">The dire predictions for cybersecurity offerings may be overstated. </span><span style="font-weight: 400;">David Brumley, chief AI and science officer at Bugcrowd, says that while “the market reaction assumes AI collapses the value of cybersecurity platforms,” it in reality “compresses certain features while expanding the overall surface area of security work. As attackers use AI to scale, defenders must do the same.”</span></p><p><span style="font-weight: 400;">As a result, demand grows for “platforms that operationalize AI effectively — it doesn’t eliminate them.”</span></p><p><span style="font-weight: 400;">The real shift, Brumley says, “is in how the work gets done. Security professionals are knowledge workers, and like every knowledge profession, our workflows are being reshaped by AI. Those who ignore it will fall behind.”</span></p><p><span style="font-weight: 400;">Organizations that do adopt it “will become dramatically more effective,” he says, adding that “while security professionals are used to learning new skills, what makes this scarier is the speed and scale at which the change is coming.” </span></p><div class="spu-placeholder" style="display:none"></div><div class="addtoany_share_save_container addtoany_content addtoany_content_bottom"><div class="a2a_kit a2a_kit_size_20 addtoany_list" data-a2a-url="https://securityboulevard.com/2026/04/ai-agents-whos-there-what-are-they-doing-most-security-teams-dont-know/" data-a2a-title="AI Agents: Who’s There? What Are They Doing? Most Security Teams Don’t Know"><a class="a2a_button_twitter" href="https://www.addtoany.com/add_to/twitter?linkurl=https%3A%2F%2Fsecurityboulevard.com%2F2026%2F04%2Fai-agents-whos-there-what-are-they-doing-most-security-teams-dont-know%2F&linkname=AI%20Agents%3A%20Who%E2%80%99s%20There%3F%20What%20Are%20They%20Doing%3F%20Most%20Security%20Teams%20Don%E2%80%99t%20Know" title="Twitter" rel="nofollow noopener" target="_blank"></a><a class="a2a_button_linkedin" href="https://www.addtoany.com/add_to/linkedin?linkurl=https%3A%2F%2Fsecurityboulevard.com%2F2026%2F04%2Fai-agents-whos-there-what-are-they-doing-most-security-teams-dont-know%2F&linkname=AI%20Agents%3A%20Who%E2%80%99s%20There%3F%20What%20Are%20They%20Doing%3F%20Most%20Security%20Teams%20Don%E2%80%99t%20Know" title="LinkedIn" rel="nofollow noopener" target="_blank"></a><a class="a2a_button_facebook" href="https://www.addtoany.com/add_to/facebook?linkurl=https%3A%2F%2Fsecurityboulevard.com%2F2026%2F04%2Fai-agents-whos-there-what-are-they-doing-most-security-teams-dont-know%2F&linkname=AI%20Agents%3A%20Who%E2%80%99s%20There%3F%20What%20Are%20They%20Doing%3F%20Most%20Security%20Teams%20Don%E2%80%99t%20Know" title="Facebook" rel="nofollow noopener" target="_blank"></a><a class="a2a_button_reddit" href="https://www.addtoany.com/add_to/reddit?linkurl=https%3A%2F%2Fsecurityboulevard.com%2F2026%2F04%2Fai-agents-whos-there-what-are-they-doing-most-security-teams-dont-know%2F&linkname=AI%20Agents%3A%20Who%E2%80%99s%20There%3F%20What%20Are%20They%20Doing%3F%20Most%20Security%20Teams%20Don%E2%80%99t%20Know" title="Reddit" rel="nofollow noopener" target="_blank"></a><a class="a2a_button_email" href="https://www.addtoany.com/add_to/email?linkurl=https%3A%2F%2Fsecurityboulevard.com%2F2026%2F04%2Fai-agents-whos-there-what-are-they-doing-most-security-teams-dont-know%2F&linkname=AI%20Agents%3A%20Who%E2%80%99s%20There%3F%20What%20Are%20They%20Doing%3F%20Most%20Security%20Teams%20Don%E2%80%99t%20Know" title="Email" rel="nofollow noopener" target="_blank"></a><a class="a2a_dd addtoany_share_save addtoany_share" href="https://www.addtoany.com/share"></a></div></div>