Executive Summary
65% of organizations report experiencing at least one AI agent-related security incident in the past year. That’s not a projection or a warning about the future. It’s already happening.
Recent research from the Cloud Security Alliance highlights a growing disconnect that should concern every security leader. While 68% of respondents say they have high confidence in their visibility into AI agents and autonomous workflows, 82% admit they’ve already discovered agents or workflows that security or IT teams didn’t previously know existed.
That gap between perceived visibility and actual visibility is where risk lives.
And if this feels familiar, it should.
We’ve Seen This Before
Organizations have dealt with visibility gaps before. As new technologies emerge, they are often adopted faster than governance and security controls can keep up. The difference now is the nature of what is being deployed. AI agents are not just tools. They behave as autonomous actors operating inside enterprise environments. They can make decisions, execute tasks, and interact with systems independently. That changes both the scale and the speed at which risk can develop.
AI Agents Change the Risk Model
AI agents are not just another category of software. They change how work gets done, introducing systems that can act, access, and persist with limited oversight. That requires a different way of thinking about security. These agents should be treated like users with permissions, not just tools. They operate with credentials, interact with systems, and make decisions that can have a real impact.
Security teams need to focus on continuous discovery and visibility, not point-in-time inventory. It is equally important to establish clear ownership and lifecycle management, including how and when agents are decommissioned. Applying Zero Trust principles to these non-human entities becomes critical as they move across systems and environments.
Without these controls, agents accumulate access, outlive their original purpose, and operate outside normal security boundaries, often without anyone realizing it.
The Confidence Problem
One of the most concerning findings from the Cloud Security Alliance is not just the presence of unknown AI agents, but also the confidence organizations have in their visibility. While 68% of organizations report high confidence in their ability to track AI agents, 82% have already discovered agents or workflows they didn’t know existed. This is not just a tooling issue. It’s a misalignment between perceived visibility and actual visibility.
That gap creates a dangerous dynamic:
In this environment, risk doesn’t appear immediately. It builds quietly, as unmanaged agents persist, accumulate permissions, and operate without clear ownership, until it surfaces as an incident.
The Timeline Is Shrinking
Additional data reinforces how urgent this issue is becoming. According to Arkose Labs, 97% of enterprise leaders expect a material AI-agent-driven security or fraud incident within the next 12 months, with almost half (49%) anticipating impact within six months.
This is not a long-term strategic concern. It is an immediate operational risk.
What Security Leaders Should Be Asking
The question is no longer whether AI agents exist in your environment. It’s whether you actually know where they are, what they’re doing, and what they have access to.
Do you have a real inventory of these agents, or just a general sense of what’s been deployed? Who owns them, and what happens when they’re no longer needed? And if something goes wrong, can you tell whether it was a human, an internal agent, or something external?
If those answers aren’t clear, the issue isn’t tooling; it’s visibility. And that’s where risk starts to build.
The Bottom Line
AI agents are already embedded across enterprise environments, driving automation and efficiency. They are also expanding the attack surface in ways most organizations don’t fully understand yet. The risk isn’t just that these systems exist. It’s that many of them operate without clear visibility, ownership, or control.
That gap between what organizations think they have and what actually exists is where incidents are already happening, and where more will come from.
For security leaders, the priority is straightforward:
You cannot control what you cannot see.