
CSA Official Press Release

Published 04/16/2026

More Than Half of Organizations Experience AI Agent Scope Violations, Cloud Security Alliance Study Finds


New research shows rapid AI adoption is outpacing governance, with unintended AI agent behavior becoming common across enterprises 

 

SEATTLE – April 16, 2026 – A new study conducted by the Cloud Security Alliance (CSA), the world’s leading not-for-profit organization committed to AI, cloud, and Zero Trust cybersecurity education, found that the risk posed by AI agent scope violations is no longer theoretical but increasingly common. Commissioned by Zenity, the leading security and governance platform for AI, the Enterprise AI Security Starts with AI Agents survey found that 53% of organizations have had AI agents exceed their intended permissions, leaving them vulnerable to increased risk. 

Nearly half (47%) of respondents experienced a security incident involving an AI agent in the past year. The study also found that when these incidents occur, detection and response times extend to hours and even days.

“AI agents are already operating at scale as part of the enterprise digital workforce, but security and governance haven’t kept pace with their autonomous actions,” said Hillary Baron, AVP of Research, Cloud Security Alliance. “The findings highlight gaps in visibility, runtime controls, and action traceability, underscoring the need for organizations to evolve their governance and security strategies, designing them specifically for autonomous systems and scaling them alongside adoption.” 

Among the survey’s key findings:

  • AI agent usage by organizations is widespread. Forty-three percent of organizations report that more than half of employees use AI agents regularly, with adoption spanning IT (53%), security (37%), customer service (34%), and engineering (34%).
  • Shadow AI agents appear early in adoption. More than half (54%) of organizations report between 1–100 unsanctioned AI agents, with ownership often unclear. Only 15% said that 76–100% of agents have defined ownership, while 34% reported ownership visibility for just 26–50% of AI agents.
  • AI agent scope violations are now routine. Only 8% of respondents said AI agents never exceed their intended permissions. Just 16% reported high confidence in their ability to detect AI agent-specific threats, while 44% reported low or no confidence.
  • Compliance becomes the default without an AI-agent security strategy. While 50% of respondents report having at least partially documented governance policies for AI agent usage, only 31% have formally adopted a policy. Respondents listed HIPAA (43%), NIST AI Risk Management Framework (37%), and SOC 2 or ISO 27001 (34%) as the frameworks that most influence their AI agent governance. Only 13% reported feeling highly prepared for upcoming AI-related regulations, while 49% indicate they feel slightly or not at all prepared.

“For years, the AI security conversation has focused on prompts. What this report confirms is that the real question is different: why did the agent do that? Agents are reading emails, accessing financial data, and changing configurations inside core business workflows. Most organizations can't say what those agents have accessed, what decisions they've made, or who is accountable when something goes wrong,” said Ben Kliger, co-founder and CEO of Zenity. “When scope violations are routine for 9 in 10 organizations and only 13% feel prepared for the regulatory scrutiny ahead, the problem isn't awareness. It's that legacy security was built to monitor what users say, not what autonomous systems do. The risk lives in runtime, in what agents actually do once they're in motion. That's where security has to be.”

Zenity commissioned CSA to develop a survey to better understand the industry’s knowledge, attitudes, and opinions regarding autonomous AI agents. Zenity financed the project and co-developed the questionnaire with CSA research analysts. The survey was conducted online by CSA in September and November 2025 and received 445 responses from IT and security professionals from organizations of various sizes and locations. CSA’s research analysts performed the data analysis and interpretation for this report.

Download the Enterprise AI Security Starts with AI Agents survey report.

 

About Zenity
Zenity is the first security and governance platform purpose-built for AI agents - spanning SaaS, homegrown platforms (Cloud), and end-user devices (Endpoint). Trusted by Fortune 500 enterprises, Zenity helps security teams confidently adopt AI by delivering defense in depth with full-lifecycle coverage: from agent discovery and posture management to real-time detection, inline prevention, and response. With an agent-centric approach that prioritizes how agents behave, what they access, and which tools they invoke, Zenity eliminates blind spots and enforces consistent policy and controls across environments so organizations can innovate with AI, without compromising security. Learn more at www.zenity.io.

About Cloud Security Alliance
The Cloud Security Alliance (CSA) is the world’s leading not-for-profit organization committed to awareness, practical implementation, and credentialing of forward-looking cybersecurity topics, including AI, cloud, and Zero Trust. In an era where digital transformation drives business success, CSA stands as the global authority ensuring organizations can operate securely while harnessing cutting-edge technology. Through volunteer-driven research, globally-accepted standards, and award-winning vendor-neutral education programs that unite technical experts, industry practitioners, and varied associations, governments, chapters, and corporate members, CSA bridges the gap between innovation and pragmatic security execution. Visit CSA’s website to learn more.

 

Media Contacts
Kristina Rundquist
ZAG Communications for the CSA
[email protected]

Elyse Familant
Results PR (for Zenity)
[email protected]


About Cloud Security Alliance

The Cloud Security Alliance is a not-for-profit organization with a mission to promote the use of best practices for providing security assurance within Cloud Computing, and to provide education on the uses of Cloud Computing to help secure all other forms of computing. The Cloud Security Alliance is led by a broad coalition of industry practitioners, corporations, associations and other key stakeholders. For further information, follow us on Twitter @cloudsa.

For press inquiries, email Zenobia Godschalk of ZAG Communications or reach her by phone at 650.269.8315.