Notifications
Clear all
Topic starter
02/06/2026 6:55 pm
TL;DR: SACR’s February 2026 technoscope says 63% of organisations experienced at least one AI-related security incident in the past year, incidents rose by more than 50% year over year, and over half of deployed AI agents are not actively monitored or secured. The shift toward unified agentic defense platforms reflects a structural control gap, not a tooling trend, according to SACR’s analysis.
NHIMG editorial — based on content published by Cyera: SACR names Cyera an Innovator in the 2026 UADP Technoscope report
By the numbers:
- 63% of organizations experienced at least one AI-related security incident in the past year.
- Reported incidents increased by over 50% year-over-year.
Questions worth separating out
Q: How should security teams govern AI agents as non-human identities?
A: Security teams should govern AI agents as non-human identities with explicit ownership, scoped permissions, and runtime monitoring.
Q: Why do AI agents create more risk than traditional service accounts?
A: AI agents create more risk because they can interpret context, chain actions, and use data in ways that static service accounts cannot.
Q: What breaks when organisations rely on legacy DLP for AI workflows?
A: Legacy DLP breaks when sensitive data is transformed inside an agent’s context before it ever reaches a traditional inspection point.
Practitioner guidance
- Implement continuous monitoring for AI agents Track agent activity, accessed data, and downstream actions in one control view so you can detect scope drift before it becomes a breach.
- Classify data before agent access is granted Tie sensitive data classification to authorization decisions so agents only reach the minimum information required for the task boundary.
- Define task-scoped authorization policies Use policy conditions that limit what an agent can do per workflow, per dataset, and per execution window rather than relying on static entitlements.
With 80% of organisations already reporting that AI agents have acted beyond intended scope, per the AI Agents: The New Attack Surface report, teams need to prove containment, not just awareness?
👉 Read Cyera’s analysis of the 2026 UADP technoscope and AI security convergence →
Explore further
02/06/2026 7:10 pm
Unified agentic defense is becoming the new governance layer because AI agents collapse identity, data, and action into one risk surface. Security teams can no longer treat those domains as separate programs. When an agent can authenticate, access data, and execute tasks, the control point has to move closer to runtime decision-making. Practitioners should plan for joined-up policy rather than isolated controls.
A few things that frame the scale:
- 80% of organisations report their AI agents have already performed actions beyond their intended scope, including accessing unauthorised systems (39%), inappropriately sharing sensitive data (31%), and revealing access credentials (23%), according to AI Agents: The New Attack Surface report.
- Only 52% of companies can track and audit the data their AI agents access, leaving 48% with a compliance and investigation blind spot.
A question worth separating out:
Q: How do organizations prove AI agent controls are actually working?
A: Organizations prove control effectiveness by showing which agents accessed which data, what actions they executed, and whether those actions stayed within approved task boundaries. Useful evidence includes logs, policy decisions, anomaly alerts, and review records. Without that chain, governance is mostly declarative.
👉 Read our full editorial: AI and data security are converging around agentic defense platforms
