AI agent governance gap: are your controls keeping up?


(@nhi-mgmt-group)
Member Moderator
Joined: 1 year ago
Posts: 3789
Topic starter  

TL;DR: AI agents are software tools that plan actions, retrieve data, call APIs, and execute workflows across enterprise systems, which makes their identity, permission, and monitoring model materially different from deterministic automation, according to Lasso Security. The core issue is that conventional IAM assumes stable, reviewable access, while agents can chain actions across tools and drift beyond intended scope within a single task.

NHIMG editorial — based on content published by Lasso Security: How to Secure AI Agents in the Enterprise: Visibility, Governance & Risk Control

By the numbers:

  • Gartner projects that 40% of enterprise applications will include task-specific AI agents by the end of 2026, up from less than 5% in 2025.
  • Only 54% of enterprises fully understand what data their AI agents can access, and just 44% have formal governance policies in place.
  • 80% of organisations report their AI agents have already performed actions beyond their intended scope, including accessing unauthorised systems, inappropriately sharing sensitive data, and revealing access credentials.

Questions worth separating out

Q: How should security teams implement least privilege for AI agents?

A: Treat each agent as a distinct software identity with separate read, write, and execute boundaries.

Q: Why do AI agents create more governance risk than traditional automation?

A: Traditional automation follows fixed rules, which makes access easier to predict, test, and certify.

Q: What do teams get wrong about monitoring AI agents?

A: Teams often log only final outputs and miss the decision path that produced them.

Practitioner guidance

  • Inventory every AI agent and connected tool: build a live register of agents, their prompts, data sources, OAuth scopes, APIs, and SaaS integrations.
  • Separate read, write, and execution authority: do not grant agents bundled access across messaging, documents, ticketing, analytics, and code systems.
  • Log the full agent decision path: capture prompts, retrieved context, tool calls, and final outputs in one trace so investigators can reconstruct how a task unfolded.
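One way to put the Q&A points on least privilege and monitoring, and the three guidance items above, into working code. This is an added example, not code from the NHIMG post or from Lasso Security: each agent gets its own policy with separate read, write and execute grants, every tool call passes through a gate that enforces the policy, and one trace per task records the prompt, retrieved context, every tool call (allowed or denied) and the final output. The agent name, tool names, scopes and task data are all constructed for the example.

```python
"""Per-agent least privilege plus a full decision-path trace.

Added example (not from the NHIMG post or Lasso Security). Agent ids,
resource names, scopes and the sample task below are constructed.
"""
from dataclasses import dataclass, field, asdict
from datetime import datetime, timezone
from typing import Callable, List, Optional
import json


@dataclass(frozen=True)
class AgentPolicy:
    """A distinct software identity with separate read/write/execute boundaries."""
    agent_id: str
    read: frozenset
    write: frozenset
    execute: frozenset

    def allows(self, action: str, resource: str) -> bool:
        grants = {"read": self.read, "write": self.write, "execute": self.execute}
        return resource in grants.get(action, frozenset())


@dataclass
class TaskTrace:
    """Everything an investigator needs to reconstruct how one task unfolded."""
    agent_id: str
    task_id: str
    prompt: str
    retrieved_context: List[dict] = field(default_factory=list)
    tool_calls: List[dict] = field(default_factory=list)
    final_output: Optional[str] = None

    def to_json(self) -> str:
        return json.dumps(asdict(self), indent=2)


class ToolGate:
    """Mediates every tool call: checks the agent's policy and records the decision."""

    def __init__(self, policy: AgentPolicy, trace: TaskTrace):
        self.policy = policy
        self.trace = trace

    def call(self, action: str, resource: str, handler: Callable, **kwargs):
        decision = "allow" if self.policy.allows(action, resource) else "deny"
        # Record argument names only; values may hold sensitive data and belong
        # in a redacted store rather than the shared trace.
        self.trace.tool_calls.append({
            "ts": datetime.now(timezone.utc).isoformat(),
            "action": action,
            "resource": resource,
            "arg_names": sorted(kwargs),
            "decision": decision,
        })
        if decision == "deny":
            raise PermissionError(f"{self.policy.agent_id} may not {action} {resource}")
        return handler(**kwargs)


def scope_violations(trace: TaskTrace) -> List[dict]:
    """Denied calls are the signal that an agent drifted beyond its intended scope."""
    return [c for c in trace.tool_calls if c["decision"] == "deny"]


def run_triage_task(agent_id: str = "ticket-triage-agent") -> TaskTrace:
    """Constructed sample: an agent that may read tickets and write ticket
    comments, but holds no execute authority at all."""
    policy = AgentPolicy(
        agent_id,
        read=frozenset({"tickets"}),
        write=frozenset({"ticket_comments"}),
        execute=frozenset(),
    )
    trace = TaskTrace(agent_id, "task-0001", prompt="Summarise open P1 tickets and post a status comment")
    gate = ToolGate(policy, trace)

    # Constructed tool handlers standing in for real ticketing and CI APIs.
    tickets = gate.call("read", "tickets", lambda **kw: [{"id": 42, "title": "Login outage"}])
    trace.retrieved_context.append({"source": "tickets", "count": len(tickets)})
    gate.call("write", "ticket_comments", lambda **kw: "ok",
              ticket_id=42, body="1 open P1: Login outage")

    # The agent chains an action the task never called for; the gate denies it
    # and the attempt stays in the trace for review.
    try:
        gate.call("execute", "deploy_pipeline", lambda **kw: "deployed", env="prod")
    except PermissionError:
        pass

    trace.final_output = "Posted status comment on ticket 42"
    return trace


if __name__ == "__main__":
    t = run_triage_task()
    print(t.to_json())
    print("scope violations:", len(scope_violations(t)))
```

The denied `execute` call is the kind of event the third guidance item is about: logging only the final output ("Posted status comment on ticket 42") would hide the fact that the agent tried to reach a deployment pipeline mid-task.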

What's in the full article

Lasso Security's full analysis covers the operational detail this post intentionally leaves for the source:

  • Step-by-step agent discovery across SaaS platforms, APIs, and orchestration layers
  • Examples of how different enterprise use cases expand permission scope and data exposure
  • Guidance on prompt injection, tool misuse, and behavioural monitoring at the implementation level
  • Practical examples of how agent permissions and audit logs are mapped in real environments

👉 Read Lasso Security's analysis of how to secure AI agents in the enterprise →
