2025 benchmark
The 2025 State of Agentic AI Security Report
Learn how 100+ CISOs, AI security leaders, and architects are preparing for the next wave of agentic risk, and where critical gaps remain.
of organizations are already past experimentation and into real-world agent deployments.
of organizations have a fully maintained, up-to-date inventory of AI agents and MCP connections.
lack governance policy for agent permissions, and monitoring.
Security Teams Lack Confidence in Securing Agent-to-System Actions
Confidence is low: 42% of respondents are unconfident and 30% are neutral about securing agent-to-system interactions, underscoring major gaps in visibility and control.
Most Organizations Have Not Assessed Agentic Risk
60% have not conducted a formal agentic or AI security risk assessment in the last 12 months.
Organizations acknowledge agentic risks but lack the processes, frameworks, and ownership models needed for responsible deployment.
CISO Priorities
prioritize Policy Guardrails, Runtime Enforcement, and AI Traffic Monitoring as 2026’s top investment areas.
plan to evaluate purpose-built agentic AI security platforms to handle multi-agent, multi-tool execution environments.
"Guardrails are essential for Agentic AI Security—they must be thoroughly verified, rigorously tested for their intended purpose, and strictly enforced to ensure compliance"
– Krantikishor Bora
Director - Information Security Risk, GoDaddy
"Visibility is the biggest gap today. You can’t govern or enforce guardrails if you don’t know what your agents are doing. Without observability, every control is guesswork."
– Suhel Khan
CISO at Chargebee
"Observability is the primary defense. Once you have robust observability, you can use tools or build processes to act on this data"
– Phani Kotharu
Sr Director, AI Security, TIAA
"The only way to stay ahead of the curve is to embed security into the entire lifecycle of Agentic AI systems. A 'secure-by-design' approach is not just a best practice; it's a prerequisite for responsible AI adoption."
– Jackie Mak
Director, Cyber Threat Management, KPMG US
Download the Full 2025 State of Agentic AI Security Report
See how your organization compares, and what leading teams are doing next.
Inside, you’ll find:
Current trends in Agentic AI security
How enterprises are adopting Agentic AI and Implementing Security controls.
What CISOs are prioritizing for 2026