54% of Enterprises Already Hit by AI Agent Security Incidents; Most Still Share Credentials
> cd .. / HUB_EDITORIALE
News

54% of Enterprises Already Hit by AI Agent Security Incidents; Most Still Share Credentials

[2026-07-17] Author: Ing. Calogero Bono
> share
Zenithby Meteora Web The operating system for your business. Social, clients, bookings and invoices in one platform. Gyms, barbers, professionals. Discover Zenith Free demo · no card

A new VentureBeat Pulse Research reveals a troubling agent security gap in enterprises. Among 107 organizations with over 100 employees, more than half (54%) have already experienced a confirmed AI agent security incident or a near-miss. Only about a third grant each agent its own scoped identity, while the majority still allow agents to share credentials, widening the blast radius of any potential breach.

Identity remains the structural weakness

According to the survey, only 32% of enterprises give every agent a scoped, managed identity. 48% report that some agents have scoped identities but many still share credentials, and another 32% say agents mostly run on shared API keys or human or service-account credentials. This lack of granular identity is the primary driver of incidents. Organizations with credential sharing experienced a 63.5% incident rate, compared to 40.9% for those with fully scoped identities. Moreover, only 30% isolate their highest-risk agents in sandboxes to limit damage.

Sponsored Protocol

Over-reliance on provider-native security tools

Despite the risks, enterprises report surprisingly high satisfaction with their current security tooling, averaging 4.2 out of 5. However, most tools come from AI model providers like OpenAI (51% adoption), Google, and Microsoft, rather than purpose-built agent security solutions. Only a minority use dedicated platforms such as Palo Alto Prisma AIRS or CrowdStrike. This dependence on native controls, while convenient, may not be sufficient against targeted threats. Recent EU pressure on Google to open Android to rival AI shows the volatile regulatory landscape.

Sponsored Protocol

Agent security budgets remain a thin slice

Spending on AI agent security is still a small fraction of the overall security budget. 46% of companies allocate only 6-10% of their security budget, while a third spend 5% or less. Only a quarter exceed 10%. Combined with the fact that 59% of enterprises plan to switch or adopt new security tools within a year, the situation is clearly in flux. Organizations that have experienced an incident are far more likely to change: 42% of them plan a switch within 90 days, compared to 14% of those without incidents. Recent legal actions against harmful AI apps underscore the seriousness of the issue.

The arms race with AI-powered attackers is evenly matched

Only 35% of enterprises believe their AI defenses are ahead of AI-enabled attackers. Another 32% consider it a tie, while 21% admit to falling behind. This uncertainty, paired with high satisfaction for current tools, suggests a false sense of security. As the original VentureBeat study reports, the agent security gap is real and demands immediate action, especially in identity and isolation. For a deeper analysis, refer to the full VentureBeat report.

Sponsored Protocol

In conclusion, enterprises must act swiftly to bridge the gap between the autonomy granted to AI agents and the security controls in place. Adopting scoped identities, sandbox isolation, and investing in specialized tools are critical steps to prevent the next near-miss from becoming a confirmed breach.

Source: https://venturebeat.com/ai/the-agent-security-gap-54-of-enterprises-have-already-had-an-ai-agent-incident-and-most-still-let-agents-share-credentials

> share
Ing. Calogero Bono

> AUTHOR_EXTRACTED

Ing. Calogero Bono

Ingegnere informatico, fondatore di Meteora Web e Zenith OS. System administrator e progettista di piattaforme, app e CMS proprietari, con esperienza in sviluppo full-stack, marketing digitale ed ecosistema Google.
[ Read Full Dossier ]

> METEORA_WEB // DIGITAL AGENCY

We build the digital presence your business deserves.

Websites, social media, online advertising, e-commerce and high-performance hosting, engineered with method by computer engineers in Sciacca, for all of Italy.

> MW_JOURNAL

> READ_ALL()