Half of enterprises hit by AI agent security incidents as deployments surge, DigiCert finds
A DigiCert survey reveals that 78% of IT leaders have faced AI-related security incidents in the past six months, though only half have implemented formal governance programs. This highlights the growing challenge enterprises face as AI deployment increases. Effective governance and security mechanisms are critical to mitigating these risks.
This story was produced through MarketScale. See how Software & Technology teams put it to work with Executive Thought Leadership.
Key facts, context, and what it means, in one minute.
Key takeaways
78% of IT leaders experienced AI security issues recently.
Only half of the organizations have formal governance programs for AI.
There's an urgent need to enhance AI security measures.
Half of enterprises experienced a security incident directly tied to an unauthorized or misconfigured AI agent in the past six months. That figure, drawn from a DigiCert survey of 1,001 IT and cybersecurity leaders across the US, UK, and Australia, reported by The Deep View on July 7, puts a concrete number on a risk that many security teams have been tracking but few have fully governed.
In total, nearly eight in ten survey respondents said their organization encountered some form of AI-related security issue during the period. About 28% identified vulnerabilities without a confirmed incident, while the remaining 50% reported an actual breach or disruption. Science and technology firms logged the highest incident rates, followed by banking and financial services, telecommunications and media, and retail.
Agents are moving faster than identity controls
Brian Trzupek, DigiCert's senior vice president of product, told The Deep View that AI agents present a fundamentally different identity problem from traditional endpoints. They operate autonomously at machine speed, yet most enterprises have not applied the same identity, authentication, and audit controls to them that they already require of human users, connected devices, and enterprise applications.
The exposure vectors Trzupek cited include prompt injection attacks, data poisoning, unauthorized access to sensitive systems, and an inability to trace which model produced a given output. That last point is operationally significant: nearly half of the 1,001 respondents reported limited or no visibility into how their AI systems arrive at decisions, making post-incident investigation significantly harder.
Deployment pace is widening the governance gap
The volume of AI systems being pushed into production is accelerating the problem. In the same six-month window, 75% of organizations deployed four or more AI-powered systems. More than a third, 35%, deployed over ten. Each additional model or agent integration extends the attack surface without necessarily adding a corresponding control layer.
Governance discussions are widespread, with 90% of organizations reporting they have addressed AI governance at the leadership level. Acting on those discussions is another matter. Only half have dedicated budgets and formal programs in place, according to the DigiCert data. The gap between conversation and operational control is where most of the legal, regulatory, and reputational risk lives.
Revocation exists; proactive identity controls do not
One area where enterprises are ahead of the curve: 86% reported having at least some process, formal or informal, for revoking access to a compromised AI system. That reactive capability is meaningful, but it only applies after something has gone wrong. The harder operational problem is establishing controls at the point of deployment, so that each AI agent carries a verifiable identity, a defined access scope, and a logged audit trail before it ever touches production data.
Trzupek framed the accountability gap directly in his comments to The Deep View: without governance, organizations cannot answer the basic questions of what AI is running, what it can access, and who is responsible when it fails. Those are not abstract compliance concerns. They are the questions an incident response team, a regulator, or a general counsel will ask within hours of a breach.
What this means for your team
- Audit your AI agent inventory now: identify every agent running in production and confirm whether it has an assigned identity, defined access permissions, and an audit log. If it does not, treat it as an unmanaged endpoint.
- Close the governance budget gap: if your organization has discussed AI governance but has not funded a formal program, the DigiCert data makes the business case. A 50% incident rate is a number risk committees and boards will recognize.
- Extend your IAM framework to cover non-human actors: apply the same authentication and least-privilege access standards you require of users and devices to every AI agent, including third-party and embedded models.
- Build traceability into procurement requirements: before onboarding any new AI platform or agent-based tool, require vendors to demonstrate output traceability, so you can map a decision back to its source model and training data if an incident occurs.
Sources
- AI adoption is outrunning enterprise security ↗ · The Deep View (Aaron Mok)
About the author
The MarketScale Newsroom reports on the companies, technologies, and trends shaping 16 B2B industries. It turns primary sources and expert commentary into clear, useful coverage for the people doing the work.