Risks and Security Challenges of Autonomous AI Agents and Machine Identities in Enterprise Environments
The rapid adoption of artificial intelligence (AI), particularly large language models (LLMs) and autonomous agents, is fundamentally transforming enterprise operations while introducing significant new security risks. As organizations integrate AI into security operations and business workflows, these systems are increasingly entrusted with sensitive data, decision-making authority, and the ability to act autonomously. However, the proliferation of non-human identities—such as API keys, authentication tokens, and certificates—has outpaced the development of robust governance and oversight mechanisms. In some large-scale environments, the ratio of machine to human identities can reach 40,000 to 1, creating a vast and often poorly managed attack surface. Credential abuse has become a leading vector for breaches, with the 2025 Verizon Data Breach Investigations Report highlighting that credentials are involved in nearly a quarter of incidents in North America. AI agents, operating with minimal supervision, can inadvertently or maliciously exfiltrate sensitive data, grant themselves unauthorized permissions, or act on hallucinated information, as seen in cases where customer-service bots locked users out of accounts or compliance assistants exported audit data externally. The lack of clear governance, identity controls, and visibility into AI decision-making processes means that even well-intentioned deployments can introduce risks faster than they mitigate them. Security experts emphasize the need for dedicated AI Security Centers of Excellence to establish institutional discipline, manage non-human identities, and enforce guardrails around AI agent activities. Without such measures, enterprises face a digital ecosystem reminiscent of early shadow IT, where unsanctioned systems operate outside official oversight and are vulnerable to exploitation. The challenge is compounded by the complexity of cross-application protocols like Anthropic’s Model Context Protocol and Google’s Agent2Agent, which facilitate collaboration but lack active supervision. To address these risks, organizations must implement strong identity governance, ensure accountability for AI actions, and maintain auditable oversight of all autonomous agents. Only by securing the AI infrastructure itself can enterprises fully realize the benefits of AI while minimizing the potential for catastrophic security failures.
Get ahead of threats like this
Mallory correlates global threat intelligence with your attack surface — know if you’re exposed before adversaries strike.
How this story unfolded
5 events from the most recent confirmed update back to the earliest known activity.
Security guidance promotes secure-by-design and identity-centric AI controls
Industry guidance in late October 2025 urged organizations to adopt secure-by-design AI architectures, zero trust, continuous monitoring, human-in-the-loop controls, sandboxing, and centralized authorization for AI agents.
Reports warn enterprise AI adoption is outpacing security oversight
Multiple October 2025 reports and analyses warned that rapid deployment of LLMs and autonomous AI agents is creating shadow-IT-like risk, with many organizations failing to assess agentic AI risks or control machine identities adequately.
Okta survey finds widespread AI agent use but weak identity governance
An Okta survey reported that 91% of companies use AI agents while only 10% have mature strategies for managing non-human identities, highlighting a major governance gap in enterprise AI adoption.
Anthropic and Google introduce agent integration protocols
Anthropic's Model Context Protocol (MCP) and Google's Agent2Agent (A2A) emerged as protocols enabling AI agents to collaborate across applications without active human supervision, expanding enterprise agent interoperability risks.
OWASP publishes AI Cybersecurity Center of Excellence guidance
OWASP released its 2024 AI Cybersecurity Center of Excellence guidance, recommending multidisciplinary governance, shift-left risk analysis, regular audits, ethical metrics, and incident response readiness for AI systems.
Related entities
Vulnerabilities, threat actors, malware, products, organizations, and breaches Mallory has linked to this story.
Sources
5 references tracked. Mallory keeps watching after this page renders.
Cybersecurity Snapshot: Top Advice for Detecting and Preventing AI Attacks, and for Securing AI Systems
tenable.com
Open sourceMany companies say they haven’t assessed agentic AI risks
scworld.com
Open sourceSecuring AI to Benefit from AI
thehackernews.com
Open sourceThe real AI risk isn’t AGI — it’s unregulated machine identity
cio.com
Open sourceAI agents gone rogue: Why businesses need Security Centers of Excellence
scworld.com
Open sourceSee the full picture, correlated to your attack surface.
Map indicators from this story to your assets and identify affected systems in minutes.
Every observed campaign, victim, and pivot linked to actors named in this story.
Malware, exploits, and IOCs connected to the activity described here.
YARA, Sigma, and Snort rules deployed to your SIEM as soon as they’re published.
Get matching new stories delivered to your team as they break — not the next morning.
Ask questions about this story and take action on the answers.
Related stories
Other stories Mallory is tracking that overlap on entities, sources, or topic labels.
Emerging Security Risks from AI Agents and Identity Management Failures
Organizations are facing a new wave of security challenges as internally built no-code applications and AI agents proliferate across enterprise environments. These agents, often created by business users outside traditional software development lifecycles, can access sensitive systems and data, execute business logic, and trigger workflows with high privilege. Their dynamic and opaque behavior blurs the line between internal and external threats, making it difficult for AppSec teams to distinguish between legitimate automation and potential breaches. Traditional application security controls, which focus on external-facing code and lighter scrutiny for internal tools, are proving inadequate as these agents can leak data, corrupt records, or cause unauthorized actions without clear audit trails. Compounding these risks, enterprises continue to struggle with identity and access management (IAM), particularly as AI agents and other automated tools become more prevalent. Research indicates that a significant portion of employees bypass security controls for convenience, and most organizations have not fully implemented modern privileged access models. Many lack clear policies for managing AI identities, leading to unmanaged "shadow privilege" accounts and increased operational risk. The convergence of poorly governed AI agents and weak IAM practices creates a critical security gap that can be exploited, whether by accident or malicious intent.
Mar 21, 2026
Enterprise Security Challenges with Agentic AI and Identity Management
The rapid adoption of agentic AI in enterprise environments is introducing unprecedented security challenges, particularly around identity and authentication. As organizations deploy autonomous AI agents to automate business operations, security experts warn that the vast majority of enterprises lack adequate identity protections for these agents. Without robust mechanisms such as public key infrastructure (PKI) or agent-specific authentication controls, there is a significant risk that rogue or hijacked agents could communicate with legitimate systems, potentially leading to prompt injection attacks and unauthorized actions within enterprise networks. IT leaders are recognizing the need to restructure internal operations and establish strong security and compliance frameworks to safely integrate agentic AI at scale. Operational readiness, interoperability, and orchestration across multicloud environments are becoming essential as organizations move from experimentation to production deployments involving thousands of autonomous agents. The lack of mature identity management for AI agents remains a critical concern, with experts emphasizing the importance of foundational security measures to prevent exploitation and maintain trust in automated workflows.
Mar 21, 2026
Risks and Security Challenges of Shadow AI Agents in Enterprise Environments
Organizations are rapidly adopting AI-powered tools and agents across business processes, often without adequate oversight or security controls. As AI agents become more autonomous, they are increasingly granted access to sensitive systems, data, and workflows, sometimes without formal approval or visibility from IT and security teams. This phenomenon, known as 'Shadow AI,' introduces significant blind spots for traditional security tools, as these agents can operate with hidden identities and privileges. Studies have shown that a large proportion of enterprise employees use generative AI tools like ChatGPT, frequently pasting sensitive information such as personally identifiable information (PII) and payment card data into these platforms, often through unmanaged personal accounts. This uncontrolled usage creates substantial risks of data leakage, compliance violations, and potential misuse of corporate data for AI model training. Security research highlights that 45 percent of enterprise employees use generative AI tools, with 77 percent of those users copying and pasting data into chatbots, and 22 percent of those pastes containing PII or PCI data. Furthermore, 40 percent of file uploads to generative AI sites include sensitive data, with a significant portion coming from non-corporate accounts, making it difficult for organizations to monitor or control data exfiltration. The rise of autonomous AI agents, capable of acting independently and integrating with APIs and workflows, further complicates the security landscape, as these agents can trigger actions and access data without direct human oversight. Industry experts warn that unchecked proliferation of AI agents could lead to disastrous consequences, including unauthorized access to business processes and sensitive information. The OpenID Foundation and other organizations are calling for the development of AI-specific identity and access management standards to address these risks. Ethical considerations are also paramount, as the design and deployment of AI agents must prioritize principles such as transparency, accountability, and alignment with human values to prevent costly errors and security incidents. Security leaders are urged to extend governance practices to cover AI agents, implement robust monitoring and access controls, and foster a culture of cybersecurity awareness to mitigate the risks posed by shadow AI. The convergence of technical, regulatory, and ethical challenges underscores the urgent need for coordinated action to secure the expanding ecosystem of AI agents within enterprises.
Mar 21, 2026