TL;DR: MIT’s Delphi study of 272 experts gives developers primary responsibility for AI security risk with full consensus, while users score far lower, highlighting a governance gap that widens as agentic systems scale, according to ZioSec’s summary of the MIT AI Risk Initiative. The deeper problem is that responsibility is being assigned to the role least structured to carry it.
NHIMG editorial — based on content published by ZioSec: MIT asked 272 experts who owns AI risk, and they picked developers
By the numbers:
- 88% of enterprises will be deploying agents by the end of 2026.
- 38% of businesses already have unauthorized agent deployments their security teams haven’t sanctioned.
- 48% of CISOs now name agentic AI as the top attack vector for 2026.
Questions worth separating out
Q: What breaks when AI security responsibility is assigned only to developers?
A: Security breaks when responsibility is separated from runtime control.
Q: Why do agentic AI systems complicate identity governance?
A: Agentic systems complicate identity governance because their access is not static.
Q: How do security teams know whether AI agents are actually governed?
A: They know only if discovery, ownership, and telemetry are in place.
Practitioner guidance
- Define runtime ownership for every agent: Assign a named operational owner for each agent identity, including any agent that can call tools, access data, or act without direct human approval.
- Discover unsanctioned agents continuously: Run discovery across cloud, application, and workflow layers to find agents that were created outside formal approval flows.
- Instrument agents with attestable evidence: Capture logs that show what each agent accessed, what tool it invoked, and when scope changed during execution.
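The three checks above, run against an agent inventory and a telemetry stream, as an added example that is not from ZioSec or the original article. The inventory layout, event fields, agent names and scope strings are all constructed for illustration, and the evidence check covers record completeness only, not signing or attestation.

```python
# Added illustration: inventory layout, event fields and all names are constructed.
INVENTORY = {  # sanctioned agents: named owner plus the scopes approved at review
    "agent-invoice-bot": {"owner": "alice@example.com", "approved": {"erp:read"}},
    "agent-support-triage": {"owner": None, "approved": {"tickets:read"}},
}
EVENTS = [  # constructed telemetry, one record per tool invocation
    {"ts": "2026-01-10T09:00:00Z", "agent": "agent-invoice-bot", "tool": "erp.query",
     "resource": "invoices", "scopes": ["erp:read"]},
    {"ts": "2026-01-10T09:05:00Z", "agent": "agent-invoice-bot", "tool": "erp.update",
     "resource": "invoices", "scopes": ["erp:read", "erp:write"]},
    {"ts": "2026-01-10T09:06:00Z", "agent": "agent-support-triage", "tool": "tickets.search",
     "resource": "queue-1", "scopes": ["tickets:read"]},
    {"ts": "2026-01-10T09:07:00Z", "agent": "agent-shadow-scraper", "tool": "http.get",
     "resource": "crm-export", "scopes": ["crm:read"]},
    {"ts": "2026-01-10T09:08:00Z", "agent": "agent-invoice-bot", "tool": "erp.query",
     "resource": "invoices"},  # no scopes recorded: evidence is incomplete
]
REQUIRED = ("ts", "agent", "tool", "resource", "scopes")

def audit(inventory, events):
    """Return (finding, agent, detail) tuples for ownership, discovery and evidence gaps."""
    findings = [("no_owner", a, "") for a, rec in sorted(inventory.items()) if not rec.get("owner")]
    last_scopes, unsanctioned = {}, set()
    for ev in sorted(events, key=lambda e: e.get("ts", "")):
        agent = ev.get("agent", "<unknown>")
        missing = [f for f in REQUIRED if f not in ev]
        if missing:  # a record that cannot show what was accessed, or with which scope
            findings.append(("incomplete_evidence", agent, ",".join(missing)))
            continue
        if agent not in inventory:  # active in telemetry but never approved
            if agent not in unsanctioned:
                unsanctioned.add(agent)
                findings.append(("unsanctioned_agent", agent, ev["tool"]))
            continue
        scopes = set(ev["scopes"])
        prev = last_scopes.get(agent)
        if prev is not None and scopes != prev:  # scope changed during execution
            findings.append(("scope_changed", agent, ",".join(sorted(scopes ^ prev))))
        extra = scopes - inventory[agent]["approved"]
        if extra:  # agent is operating beyond what its owner signed off on
            findings.append(("scope_beyond_approval", agent, ",".join(sorted(extra))))
        last_scopes[agent] = scopes
    return findings

if __name__ == "__main__":
    for finding in audit(INVENTORY, EVENTS):
        print(*finding, sep="\t")
```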
What's in the full article
ZioSec's full analysis covers the operational detail this post intentionally leaves in the source:
- The underlying MIT matrix framing and how the expert responsibility scores were distributed across actor types.
- The full argument about why the CISO role is absent from the academic model and what that means for accountability.
- The deployment and attack-surface figures used to support the case for evidence-based agent governance.
- ZioSec's live attack-campaign positioning and how the article ties that back to agent behaviour in practice.
AI risk ownership and the developer accountability gap?
Explore further
Developer responsibility is not the same thing as security control. The MIT panel is correct that developers shape AI risk at design time, but the security failure appears later, when the system operates beyond the developer’s direct oversight. That means ownership statements can be directionally right and operationally useless at the same time. The practitioner implication is clear: governance must target runtime evidence, not org-chart accountability.
A few things that frame the scale:
- 38% of businesses already have unauthorized agent deployments their security teams haven’t sanctioned, according to "LLMjacking: How Attackers Hijack AI Using Compromised NHIs".
- DeepSeek accidentally embedded over 11,000 secrets in its training data and left a database exposed online, revealing more than one million sensitive records including chat histories, backend credentials, and API keys.
A question worth separating out:
Q: Who should be accountable for AI agent risk in practice?
A: Accountability should sit with the team that can prove control over the agent’s lifecycle, access, and behaviour. That usually means shared operational responsibility between engineering, security, and governance, backed by telemetry and formal ownership, not a single named role in isolation.