The VentureBeat survey revealed serious gaps in the protection of corporate AI agents

7/17/2026, 12:13 PMЕвгения Слив

VentureBeat has published the results of a recent survey on the security of corporate AI agents. The study covered 107 representatives of companies with more than a hundred employees. 18% of respondents reported confirmed cybersecurity incidents. Another 36% were able to stop the threat before causing real damage. Almost half of the participants did not detect such events in their systems. Only 5% of organizations have completely abandoned AI agents in the work environment. Experts note that the sample is biased towards medium-sized businesses. The main problem lies in the access control of software agents. Only 32% of companies provide each AI with a unique managed identity. The remaining 68% continue to use shared credentials.

Using shared API keys or service accounts creates serious risks. According to analysts, this practice is common in 69% of organizations. Interestingly, companies with shared credentials are more likely to report incidents. This figure was almost 64% compared to 41% for companies with separate identifiers. To protect the systems, 49% of organizations restrict the rights of agents during work. Almost half of the respondents use monitoring and logging of actions. However, only 30% isolate agents with broad rights in special sandboxes. This indicates an insufficient level of automation of cybersecurity processes.

Most companies rely on built-in protection tools from AI vendors. 82% of respondents trust the solutions of large cloud platforms. 51% of organizations use OpenAI tools, while Google and Microsoft use about a third. The average satisfaction with these tools was 4.2 out of five possible points. Companies allocate from 1% to 10% of the total cybersecurity budget to protect AI agents. Despite the current satisfaction, 59% of organizations plan to update their tools within a year. Companies that have already faced real threats are doing this especially actively. Experts remind that the spread of AI agents is still ahead of the introduction of reliable control mechanisms.

Popular news