Synthetic intelligence brokers, autonomous software program that performs duties or makes selections on behalf of people, have gotten more and more prolific in companies. They will considerably enhance effectivity by taking repetitive duties off staff’ plates, resembling calling gross sales leads or dealing with knowledge entry.
Nonetheless, by advantage of AI brokers’ capacity to function outdoors of the person’s management, in addition they introduce a brand new safety threat: Customers could not at all times pay attention to what their AI brokers are doing, and these brokers can work together with one another to increase the scope of their capabilities.
A 2025 survey of U.S.-based IT leaders from BeyondID argued that many corporations haven’t made that shift. BeyondID stated solely 30% of organizations often map non-human identities resembling AI brokers to essential belongings — whilst brokers log in, entry delicate methods, and set off actions that was once restricted to staff.
“AI is not only a device,” BeyondID CEO Arun Shrestha stated in the report announcement. “It’s performing like a person.”
See extra: TechRepublic protection has tracked the shift as agentic instruments turn into a extra frequent layer in enterprise software program.
Exabeam SPONSORED Exabeam is a number one supplier of safety data and occasion administration (SIEM) options, combining UEBA, SIEM, SOAR, and TDIR to speed up safety operations. Its Safety Operations platforms permits safety groups to rapidly detect, examine, and reply to threats whereas enhancing operational effectivity. |
Impersonation anxiousness rises sooner than agent governance
BeyondID’s survey knowledge recommended that safety leaders have been already occupied with agent-driven identification abuse, however many didn’t rank non-human identification safety as a prime operational precedence.
The agency stated AI impersonation of customers was the highest concern for 37% of safety leaders, whereas solely 6% ranked securing non-human identities as their most tough problem.
“AI brokers don’t have to be malicious to be harmful,” BeyondID stated in a press launch, framing the hole as a governance failure and warning that unchecked brokers may turn into “shadow customers” with broad entry and restricted accountability.
The chance shouldn’t be solely about an agent being “hacked.” It will also be about over-permissioned service accounts, weak lifecycle processes, or unclear possession, situations which have lengthy affected machine identities and now apply to brokers that may plan and act with much less direct human enter.
Healthcare stands out as a high-pressure take a look at case
The healthcare sector is especially in danger, because it has quickly adopted AI brokers for duties like diagnostics and appointment scheduling, but it stays extremely susceptible to identity-related assaults. Of the IT leaders BeyondID surveyed who work in healthcare, 61% stated their enterprise had skilled such an assault, whereas 42% stated that they had failed a compliance audit associated to identification.
“AI brokers at the moment are dealing with Protected Well being Data (PHI), accessing medical methods, and interacting with third events typically with out sturdy oversight,” the researchers wrote.
The BeyondID report additionally pointed to the delicate context: brokers dealing with protected well being data, interacting with third events, and connecting to scientific and administrative methods the place downtime and knowledge publicity can carry excessive prices.
From predictions to frameworks: 2025–2026 marked a shift in “agent safety”
For the reason that BeyondID report’s mid-2025 launch, a number of alerts recommend the trade’s dialog has moved from normal warnings to extra structured approaches.
Gartner predicted in June that 33% of enterprise software program functions will embrace agentic AI by 2028, up from lower than 1% in 2024, whereas additionally warning that greater than 40% of agentic AI initiatives might be canceled by the top of 2027. A number of months later, OWASP’s GenAI Safety Mission revealed the “OWASP Prime 10 for Agentic Purposes for 2026,” specializing in dangers particular to autonomous, tool-using methods and the controls wanted to cut back them.
In parallel, organizations and governments have proven indicators of warning about agent autonomy.
Monitoring brokers like insiders: Third-party methods and identify-first distributors
Because the trade leans into agent governance, one sensible hole stays: visibility into what brokers really do after they authenticate.
That’s the place SIEM and behavior-analytics platforms have tried to increase conventional “insider risk” ideas to non-human identities. This month, Exabeam — a pioneer of SIEM and person and entity habits analytics (UEBA) capabilities — introduced that its New-Scale launch added AI Agent Safety and Agent Conduct Analytics. This intends to detect suspicious deviations in agent exercise or human misuse of AI brokers and mechanically offers proof inside investigation timelines.
Whereas SIEM/UEBA instruments may help detect when brokers use that entry in surprising or dangerous methods, identification instruments may help outline and constrain agent entry.
To keep away from treating agent safety as purely a SOC monitoring downside, distributors in identification and governance have been emphasizing agent-specific identification primitives. Final July, Microsoft launched Microsoft Entra Agent ID as a option to give every AI agent a singular identifier and apply identification controls resembling conditional entry, least privilege, and lifecycle administration.
Identification safety vendor SailPoint revealed analysis in Might 2025 that reported widespread AI agent utilization alongside coverage and governance gaps, one other indicator that the market is treating brokers as a definite identity-security downside reasonably than a generic “AI threat.”
As agentic AI turns into much more succesful, it is going to additionally introduce new vulnerabilities in parallel. Organizations have to preserve abreast of the know-how to mitigate threat.
What safety groups can do subsequent
BeyondID’s suggestions centered on three strikes that map carefully to how enterprises already safe human customers: map AI identities to essential methods, implement least privilege, and monitor habits constantly.
The distinction in 2026 is that extra safety groups now have a number of vendor paths to operationalize these steps, from identification governance for non-human identities to SOC monitoring and analytics to agent-specific threat frameworks and testing steerage.
TechRepublic has revealed further steerage on AI safety instruments and on decreasing “shadow AI” threat, which might present sensible subsequent steps for readers attempting to translate agent governance into day-to-day controls.
