Agentic AI governance: what IAM and security teams must fix now


(@lalit)

TL;DR: Agentic AI governance gaps are widening as 86% of organisations lack visibility into AI data flows and 96% of enterprises now say AI agents are a security risk, according to Kong’s cited sources. The governance model is already breaking because review-based controls cannot keep pace with agent-timed access, tool use, and data movement.

NHIMG editorial — based on content published by Kong: Agentic AI Governance: Managing Shadow AI and Risk for Competitive Advantage

Questions worth separating out

Q: How should security teams govern agentic AI without slowing delivery?

A: Use runtime guardrails, policy-as-code, and complete data-flow mapping so governance is enforced inside the execution path rather than added after deployment.

Q: Why do AI agents create more governance risk than traditional shadow IT?

A: Shadow AI is riskier because it does not just store data, it reasons over it, transforms it, and can route it to other systems in ways that are harder to inspect.

Q: What breaks when organisations cannot see AI data flows?

A: Without data-flow visibility, security teams lose the ability to trace where prompts, context, and outputs travel, which means they cannot prove lineage, classify exposure, or enforce least privilege across the agent path.

Practitioner guidance

  • Map all AI data flows end to end. Inventory agent-to-agent, agent-to-LLM, agent-to-MCP, MCP-to-API, and MCP-to-data paths so ownership and exposure points are visible before production scale-up.
  • Move high-risk controls into policy-as-code. Automate redaction, access checks, audit logging, and outbound call restrictions so sensitive data is blocked before it reaches external models or restricted systems.
  • Treat shadow AI as an identity governance issue. Require approval and lifecycle ownership for every agent, token, and service path that can make or shape runtime decisions, including tools created outside central teams.

What's in the full article

Kong's full blog covers the operational detail this post intentionally leaves for the source:

  • How Kong maps AI data flows across agent-to-agent, agent-to-MCP, and MCP-to-API paths in production environments
  • Examples of policy-as-code controls for PII redaction, access control, and audit logging at the gateway layer
  • The five-step operating model Kong proposes for building an agentic AI developer platform
  • Why Kong argues unified governance is needed to avoid seams between observability, prompt protection, and cost controls

👉 Read Kong’s analysis of agentic AI governance and shadow AI risk →
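
The policy-as-code guidance above (redaction, access checks, audit logging, outbound call restrictions) can be sketched as a single default-deny check on each outbound agent call. This is an added example, not code from Kong or from the original post; the agent names, hostnames, `POLICY` layout and the `enforce` and `redact` helpers are hypothetical, and the two PII patterns are deliberately minimal.

```python
import json
import re
from urllib.parse import urlsplit

# Hypothetical policy document (constructed): destinations each registered
# agent identity may call, and whether payloads must be redacted first.
POLICY = {
    "support-agent": {"allow_hosts": {"llm.internal.example"}, "redact": True},
    "billing-agent": {"allow_hosts": {"api.payments.example"}, "redact": False},
}

# Minimal illustrative patterns; production redaction needs broader coverage.
PII_PATTERNS = {
    "EMAIL": re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}"),
    "SSN": re.compile(r"\b\d{3}-\d{2}-\d{4}\b"),
}

def redact(text):
    """Replace each PII match with a typed placeholder; return text and hit counts."""
    hits = {}
    for label, pattern in PII_PATTERNS.items():
        text, n = pattern.subn(f"[{label}]", text)
        if n:
            hits[label] = n
    return text, hits

def enforce(agent_id, url, payload, audit_log):
    """Decide one outbound call. Unregistered agents and unlisted hosts are denied."""
    host = (urlsplit(url).hostname or "").lower()
    rule = POLICY.get(agent_id)
    record = {"agent": agent_id, "host": host, "redacted": {}}
    if rule is None:
        record.update(decision="deny", reason="unregistered agent")
        payload = None
    elif host not in rule["allow_hosts"]:
        record.update(decision="deny", reason="host not allowed for agent")
        payload = None
    else:
        if rule["redact"]:
            payload, record["redacted"] = redact(payload)
        record.update(decision="allow", reason="policy match")
    audit_log.append(json.dumps(record, sort_keys=True))  # log allow and deny alike
    return record["decision"], payload

if __name__ == "__main__":
    log = []  # constructed sample calls
    print(enforce("support-agent", "https://llm.internal.example/v1", "mail jane@example.com", log))
    print(enforce("shadow-agent", "https://llm.internal.example/v1", "hello", log))
    print("\n".join(log))
```

Because the audit record stores only redaction counts and not the payload, the log itself does not become a second copy of the sensitive data.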
