Challenges in Securing Rapid Adoption of AI and AI Agents in Enterprise Environments
Organizations are rapidly integrating generative and agentic artificial intelligence into their cybersecurity and IT operations, with a particular focus on identity and access management (IAM) and security operations centers (SOC). While AI offers significant potential for proactive threat detection, adaptive authentication, and streamlined investigations through natural language interfaces, most enterprises are struggling to keep pace with the security, governance, and operational challenges that accompany this technological shift. Surveys indicate that the speed of AI adoption is outstripping the development of adequate security controls, governance frameworks, and incident response playbooks, leaving many organizations exposed to new and evolving AI-driven threats.
Security leaders and practitioners report that building production-ready AI agents for security operations requires far more engineering rigor than prototyping or demos, with challenges such as context management, reliability, and multi-user execution. Despite the promise of AI as a productivity multiplier, nearly two-thirds of IT and business leaders acknowledge that their organizations are deploying AI faster than they can fully understand or secure it, and about half have already encountered vulnerabilities in their AI systems. The lack of mature governance and security practices around AI adoption is a growing concern, especially as the technology becomes more deeply embedded in critical enterprise workflows.
Get ahead of threats like this
Mallory correlates global threat intelligence with your attack surface — know if you’re exposed before adversaries strike.
How this story unfolded
1 event from the most recent confirmed update back to the earliest known activity.
Story first reported
Initial story creation
Related entities
Vulnerabilities, threat actors, malware, products, organizations, and breaches Mallory has linked to this story.
Sources
5 references tracked. Mallory keeps watching after this page renders.
Cybersecurity Snapshot: Top Guidance for Improving AI Risk Management, Governance and Readiness
tenable.com
Open sourceISC2 Security Congress: The shaky state of AI security today
scworld.com
Open sourceHow Can Generative AI Transform the Future of Identity and Access Management
securityboulevard.com
Open sourceD@S #68 - Building Production-Ready AI Agents in Security Operations
detectionatscale.com
Open sourceCompanies struggle to secure fast-growing workplace AI use
scworld.com
Open sourceSee the full picture, correlated to your attack surface.
Map indicators from this story to your assets and identify affected systems in minutes.
Every observed campaign, victim, and pivot linked to actors named in this story.
Malware, exploits, and IOCs connected to the activity described here.
YARA, Sigma, and Snort rules deployed to your SIEM as soon as they’re published.
Get matching new stories delivered to your team as they break — not the next morning.
Ask questions about this story and take action on the answers.
Related stories
Other stories Mallory is tracking that overlap on entities, sources, or topic labels.
Enterprise Security Challenges and Frameworks for AI Adoption
The rapid integration of AI technologies into enterprise environments is introducing new security challenges that traditional controls are not equipped to handle. Organizations are grappling with how to secure AI models, data, and autonomous agents, as well as how to operationalize AI security across the entire lifecycle. Security leaders emphasize the need for clear frameworks that address the unique risks posed by AI, including misconfigurations, configuration drift, and the importance of focusing on outcomes rather than simply adding more tools or dashboards. Efficiency, automation, and prioritization are highlighted as critical factors in reducing real risk, with a shift from compliance-driven approaches to measurable security outcomes. Industry experts stress that many organizations are "over-tooled but under-protected," with operational blind spots and unused controls creating exposure long before sophisticated attacks occur. The conversation around AI in security is moving beyond tool acquisition to ensuring that existing capabilities are properly configured and operationalized. This evolving landscape requires security teams to rethink governance, data protection, and the deployment of AI-enabled solutions, with a focus on practical frameworks and exposure management to address the complexities of modern enterprise environments.
Mar 21, 2026
Enterprise Security Challenges with Agentic AI and Identity Management
The rapid adoption of agentic AI in enterprise environments is introducing unprecedented security challenges, particularly around identity and authentication. As organizations deploy autonomous AI agents to automate business operations, security experts warn that the vast majority of enterprises lack adequate identity protections for these agents. Without robust mechanisms such as public key infrastructure (PKI) or agent-specific authentication controls, there is a significant risk that rogue or hijacked agents could communicate with legitimate systems, potentially leading to prompt injection attacks and unauthorized actions within enterprise networks. IT leaders are recognizing the need to restructure internal operations and establish strong security and compliance frameworks to safely integrate agentic AI at scale. Operational readiness, interoperability, and orchestration across multicloud environments are becoming essential as organizations move from experimentation to production deployments involving thousands of autonomous agents. The lack of mature identity management for AI agents remains a critical concern, with experts emphasizing the importance of foundational security measures to prevent exploitation and maintain trust in automated workflows.
Mar 21, 2026
Organizational Readiness and Security Challenges in Enterprise AI Adoption
Organizations worldwide are accelerating their adoption of artificial intelligence (AI), but most are struggling to ensure their infrastructure and security measures can keep pace with the demands of these new technologies. According to a Cisco report, the rapid deployment of AI is exposing significant gaps in existing IT systems, a phenomenon described as 'AI infrastructure debt.' This debt arises when companies attempt to implement AI on legacy systems not designed for such workloads, leading to increased friction, higher costs, and growing security vulnerabilities. Only a minority of organizations, termed 'Pacesetters,' are proactively integrating AI readiness into their long-term strategies, focusing on scalable infrastructure and robust security. The majority, however, lack confidence in their ability to protect AI systems, with data protection and access control identified as persistent weak points. The emergence of agentic AI—autonomous systems capable of making operational decisions—further expands the attack surface, as these agents can potentially propagate security incidents across interconnected systems if compromised. Many organizations have yet to establish effective controls or monitoring for these agents, and few have plans for ongoing human oversight once AI systems are operational. This lack of preparedness is already manifesting in visible security gaps, even before widespread deployment of agentic AI. In parallel, regulatory compliance is a mounting concern for IT leaders, with over 70% citing it as a top challenge in deploying generative AI, according to a Gartner survey. The evolving landscape of AI regulations, including the EU AI Act and various state-level laws in the US, is creating a complex and sometimes conflicting patchwork of requirements. Less than a quarter of IT leaders feel very confident in their organizations' ability to manage security, governance, and compliance for generative AI. Gartner forecasts a 30% increase in legal disputes related to AI regulatory violations by 2028, and anticipates that new categories of illegal AI-informed decision-making will result in over $10 billion in remediation costs by mid-2026. The regulatory environment is still in its early stages, but the pressure on organizations to adapt is intensifying. The combination of technical debt, expanded attack surfaces, and regulatory uncertainty underscores the urgent need for organizations to reassess their AI strategies, invest in secure and scalable infrastructure, and develop comprehensive governance frameworks. Without these measures, the risks associated with rapid AI adoption—including security breaches, compliance failures, and operational disruptions—are likely to escalate. The findings highlight the critical importance of integrating security and compliance considerations into every stage of AI deployment, from initial planning to ongoing operations.
Mar 21, 2026