Skip to content
MarketScale
‹ Back to IndustriesSoftware & Technology

Half of enterprises hit by AI agent security incidents as deployments surge, DigiCert finds

A DigiCert survey reveals that 78% of IT leaders have faced AI-related security incidents in the past six months, though only half have implemented formal governance programs. This highlights the growing challenge enterprises face as AI deployment increases. Effective governance and security mechanisms are critical to mitigating these risks.

This story was produced through MarketScale. See how Software & Technology teams put it to work with Executive Thought Leadership.

By MarketScale Newsroom · DigicertAi SecurityAi GovernanceEnterprise Ai
Share
Learn this in 60 seconds

Key facts, context, and what it means, in one minute.

:60
0:001:00
Half of enterprises hit by AI agent security incidents as deployments surge, DigiCert finds

Key takeaways

01

78% of IT leaders experienced AI security issues recently.

02

Only half of the organizations have formal governance programs for AI.

03

There's an urgent need to enhance AI security measures.

Half of enterprises experienced a security incident directly tied to an unauthorized or misconfigured AI agent in the past six months. That figure, drawn from a DigiCert survey of 1,001 IT and cybersecurity leaders across the US, UK, and Australia, reported by The Deep View on July 7, puts a concrete number on a risk that many security teams have been tracking but few have fully governed.

In total, nearly eight in ten survey respondents said their organization encountered some form of AI-related security issue during the period. About 28% identified vulnerabilities without a confirmed incident, while the remaining 50% reported an actual breach or disruption. Science and technology firms logged the highest incident rates, followed by banking and financial services, telecommunications and media, and retail.

AI security exposure by outcome (past 6 months)50Experienced an AI securityincident28Found vulnerabilities, noincident22No issues reported
DigiCert / The Deep View, July 2026 · © MarketScaleDownload chart

Agents are moving faster than identity controls

Brian Trzupek, DigiCert's senior vice president of product, told The Deep View that AI agents present a fundamentally different identity problem from traditional endpoints. They operate autonomously at machine speed, yet most enterprises have not applied the same identity, authentication, and audit controls to them that they already require of human users, connected devices, and enterprise applications.

The exposure vectors Trzupek cited include prompt injection attacks, data poisoning, unauthorized access to sensitive systems, and an inability to trace which model produced a given output. That last point is operationally significant: nearly half of the 1,001 respondents reported limited or no visibility into how their AI systems arrive at decisions, making post-incident investigation significantly harder.

Deployment pace is widening the governance gap

The volume of AI systems being pushed into production is accelerating the problem. In the same six-month window, 75% of organizations deployed four or more AI-powered systems. More than a third, 35%, deployed over ten. Each additional model or agent integration extends the attack surface without necessarily adding a corresponding control layer.

AI governance readiness vs. deployment activity90Discussed AI governance75Deployed 4+ AI systems(6 months)50Have formal governanceprograms86Have revocationprocesses forcompromised AI
DigiCert / The Deep View, July 2026 · © MarketScaleDownload chart

Governance discussions are widespread, with 90% of organizations reporting they have addressed AI governance at the leadership level. Acting on those discussions is another matter. Only half have dedicated budgets and formal programs in place, according to the DigiCert data. The gap between conversation and operational control is where most of the legal, regulatory, and reputational risk lives.

Revocation exists; proactive identity controls do not

One area where enterprises are ahead of the curve: 86% reported having at least some process, formal or informal, for revoking access to a compromised AI system. That reactive capability is meaningful, but it only applies after something has gone wrong. The harder operational problem is establishing controls at the point of deployment, so that each AI agent carries a verifiable identity, a defined access scope, and a logged audit trail before it ever touches production data.

Trzupek framed the accountability gap directly in his comments to The Deep View: without governance, organizations cannot answer the basic questions of what AI is running, what it can access, and who is responsible when it fails. Those are not abstract compliance concerns. They are the questions an incident response team, a regulator, or a general counsel will ask within hours of a breach.

What this means for your team

  • Audit your AI agent inventory now: identify every agent running in production and confirm whether it has an assigned identity, defined access permissions, and an audit log. If it does not, treat it as an unmanaged endpoint.
  • Close the governance budget gap: if your organization has discussed AI governance but has not funded a formal program, the DigiCert data makes the business case. A 50% incident rate is a number risk committees and boards will recognize.
  • Extend your IAM framework to cover non-human actors: apply the same authentication and least-privilege access standards you require of users and devices to every AI agent, including third-party and embedded models.
  • Build traceability into procurement requirements: before onboarding any new AI platform or agent-based tool, require vendors to demonstrate output traceability, so you can map a decision back to its source model and training data if an incident occurs.

Sources

Featured companies

About the author

MarketScale Newsroom
MarketScale NewsroomEditorial Team, MarketScale

The MarketScale Newsroom reports on the companies, technologies, and trends shaping 16 B2B industries. It turns primary sources and expert commentary into clear, useful coverage for the people doing the work.

Software & Technology: are you visible to AI?

Before they reach out, Software & Technology buyers ask AI engines which vendors to trust. See how AI describes your company today, and where competitors show up instead.

Free workspace

You just read one expert. Imagine publishing your whole team.

This article was produced through MarketScale. Create a free workspace and turn your own team's expertise into articles, video, and social posts. No credit card, no demo required.

NPS +73 · 1,000+ creators · 38+ countries

What you get, free

Your own MarketScale Studio workspace
One video edit a month, on us
AI writing, editing, and publishing tools
In-platform coaching to learn the system

More Software & Technology Insights

Whats One Thing Every Facilities Director Should Do This Month?

Whats One Thing Every Facilities Director Should Do This Month?

The article discusses a crucial activity that every facilities director should undertake each month to ensure optimal function and management of their facilities. By focusing on key operational tasks, facilities directors can maintain efficiency and reduce unexpected problems. Monthly reviews and updates form the backbone of successful facilities management.

  • 01Facilities directors should engage in routine monthly reviews.
  • 02Proactive management can prevent potential facility issues.
  • 03Updating operational protocols enhances efficiency.

Jul 8, 2026

Eighty percent of U.S. factories have no automation. Here's what's holding them back

Eighty percent of U.S. factories have no automation. Here's what's holding them back

Despite recognizing AI's vital role in future success, a large majority of U.S. manufacturing plants have not implemented automation technologies. The discrepancy between manufacturers' intentions to adopt AI and the actual deployment is becoming more pronounced. Understanding the barriers to automation could help bridge this gap.

  • 0180% of U.S. factories lack automation.
  • 02AI is seen as critical for future success by most manufacturers.
  • 03There is a growing gap between AI adoption intentions and actual deployment.

Jul 8, 2026

Southeast Asia's enterprise AI push hits a familiar wall: data, talent, and integration debt

Southeast Asia's enterprise AI push hits a familiar wall: data, talent, and integration debt

Southeast Asian enterprises are rapidly investing in AI technologies, yet they are facing challenges with outdated infrastructure, skill shortages, and integration issues that hinder full deployment. This region sees a promising future in AI, but needs to address significant internal hurdles to achieve substantial progress. Strategies to integrate AI effectively into current systems and workforce development are crucial to overcoming these barriers.

  • 01Southern Asian companies are heavily investing in AI.
  • 02Legacy infrastructure is a major hurdle for AI deployment.
  • 03Talent gaps and ERP integration issues stall progress.

Jul 8, 2026

Explore More Software & Technology Insights

Read more expert perspectives from across Software & Technology.

Browse Software & Technology Hub

About the Expert

MarketScale Newsroom
MarketScale Newsroom

Editorial Team

MarketScale

The MarketScale Newsroom reports on the companies, technologies, and trends shaping 16 B2B industries. It turns primary sources and expert commentary into clear, useful coverage for the people doing the work.