
Unchecked AI Agents Cause Cybersecurity Incidents at Two Thirds of Firms
Why It Matters
Uncontrolled AI agents are emerging as a pervasive security threat, jeopardizing data integrity, operational continuity, and financial performance across industries. Addressing visibility and lifecycle governance is now essential for enterprise risk management.
Key Takeaways
- 68% confident they see AI agents, yet 82% discover unknown agents
- 65% of firms faced AI‑agent‑related security incidents last year
- Data exposure occurred in 61% of those incidents
- Only 20% have formal AI‑agent decommissioning processes
- CSA urges continuous visibility and lifecycle governance for AI agents
Pulse Analysis
The rapid adoption of generative AI has introduced autonomous agents that execute tasks across SaaS tools, internal automation pipelines, and large‑language‑model (LLM) platforms. A joint study by the Cloud Security Alliance and Token Security, released on April 21, surveyed enterprises and found that 68 % of respondents feel they can see AI agents on their networks, yet a striking 82 % uncovered previously unknown agents in the past year. This visibility gap signals that many organizations lack comprehensive inventory practices, leaving shadow agents to operate unchecked.
The same research revealed that 65 % of firms experienced at least one cybersecurity incident attributable to AI agents within the last twelve months. The most frequent outcomes were data exposure (61 %), operational disruption (43 %) and unintended process actions (41 %). Financial repercussions were reported by 35 % of respondents, and 31 % saw service delays. These figures illustrate that AI agents are no longer a niche risk; they are now a mainstream vector for data breaches and operational loss, directly affecting revenue and brand reputation.
Governance shortcomings are most acute around agent decommissioning—only one in five organizations have formal retirement procedures, allowing credentials and permissions to linger. The Cloud Security Alliance recommends a unified lifecycle model that couples continuous visibility with documented purpose, risk‑based action controls, and event‑driven monitoring. Embedding AI agents into existing enterprise risk frameworks transforms a technical oversight issue into a strategic business‑risk management priority. Companies that adopt these controls can mitigate exposure, maintain compliance, and sustain operational resilience as autonomous agents become integral to digital workstreams.