Other findings
Third, 72% stated their view that AI agents pose a greater risk than machine identities. Also:
• These respondents cited factors contributing to AI agents as a security risk:
 AI agents’ access to privileged data (60%)
 Their potential to perform unintended actions (58%)
 Risk of agents sharing privileged data (57%)
 Risk of agents making decisions based on inaccurate or unverified data (55%)
 Accessing and sharing of inappropriate information (54%)
• 92% had indicated their view that governing AI agents was critical to enterprise security
• 23% had indicated that AI agents had ever been tricked into revealing access credentials
• Among 80% of respondents citing security risks and unintended actions using AI agents, three major concerns were:
 Accessing unauthorized systems or resources (39%)
 Accessing or sharing sensitive or inappropriate data (31% and 33%)
 Downloading sensitive content (32%)
According to Chandra Gnanasambandam, CTO and EVP of Product, SailPoint, the firm releasing its survey trends: “Autonomous agents are transforming how work gets done, but they also introduce a new attack surface. They often operate with broad access to sensitive systems and data, yet have limited oversight. That combination of high privilege and low visibility creates a prime target for attackers. As organizations expand their use of AI agents, they must take an identity-first approach to