Enterprise DNA

Omni by Enterprise DNA

Enterprise DNA Resources

Latest AI and industry news. Practical AI operating-system thinking for owners, operators, and teams doing real work.

220k+

Data professionals

Omni

AI agents and apps

Audit

Map the manual work

News Trending Research

88% of Enterprises Had an AI Agent Security Breach in 2026

AvePoint's 2026 State of AI report finds nearly nine in ten organizations suffered an AI agent security breach, while adoption keeps climbing.

Enterprise DNA | | via AvePoint / GlobeNewswire
88% of Enterprises Had an AI Agent Security Breach in 2026

If your business is deploying AI agents, there is a near-certain chance you have already had a security incident connected to them. That is the uncomfortable headline from AvePoint’s third annual State of AI report, published June 29, 2026.

Surveying 750 global IT leaders across financial services, healthcare, and government, AvePoint found that 88.4% of organizations experienced at least one AI agent-related security breach in the past 12 months. A nearly identical share (89.5%) said the same about generative AI more broadly.

The data paints a picture that will be familiar to anyone paying attention to the enterprise AI market right now: deployment is accelerating faster than the governance and security infrastructure needed to support it.

What Is Actually Going Wrong

The most common AI agent incidents are not exotic attacks. They are data leakage (reported by 50.1% of affected organizations) and manipulation by malicious or untrusted inputs (49.6%). In plain terms: agents are sharing information they should not, and external inputs from users, other tools, or connected systems are influencing agent behavior in unintended ways.

Both failure modes are predictable. AI agents by design have broad access to data and can act on instructions from multiple sources. When the right access controls and input validation are not in place, those features become risks.

The Visibility Problem Is Getting Worse

What makes the security picture more alarming than the incident rate alone is how little visibility most organizations have over what their employees are actually doing with AI.

AvePoint found that the share of organizations unable to determine whether employees are using unsanctioned generative AI tools nearly tripled, from 6.3% in 2025 to 17.6% in 2026. For AI agents specifically, the blind spot is even larger: 21.1% of organizations cannot tell whether employees are using unsanctioned tools to build or run agents.

This is not a sign that organizations are being careless. It reflects how fast the tooling has moved. Twelve months ago, the agent ecosystem was narrower and easier to map. Today, practically every major software platform has added agent capabilities, and employees are building lightweight agents themselves using consumer tools. IT teams are playing catch-up.

Adoption Is Not Slowing Down

Despite the incidents, adoption is accelerating rather than pausing. Nearly half of global employees (46.9%) now use AI agents weekly or daily. Organizations surveyed expect AI agents to take over more than 25% of human work within the next 12 months, and nearly half of all work within five years.

That confidence sits alongside a significant deployment gap. Nearly nine in ten organizations said they had delayed both generative AI and AI agent projects — by an average of roughly six months (5.88 months for generative AI, 5.92 months for agents). The primary reason: unresolved data security and data management concerns.

The result is a pattern where businesses simultaneously believe deeply in the potential of AI agents, are deploying them widely, and are delaying formal rollouts because they do not feel their data infrastructure is ready. In practice, informal adoption fills the gap, which is exactly the kind of unsanctioned use that widens the visibility gaps above.

What This Means for Business

This data matters for any business leader thinking about AI agents in 2026, and it changes the conversation in a few ways.

Security incidents are the baseline, not the exception. If you are planning AI agent deployments, the question is not whether an incident might happen. It almost certainly will. The question is whether you have the monitoring, access controls, and response processes in place to catch it quickly and limit the damage.

Governance has to come before scale. The six-month average delay shows that organizations are learning this lesson the hard way. Waiting until after a large-scale deployment to address data governance is far more disruptive than building it in from the start.

Visibility is the first step. Before worrying about sophisticated security controls, many organizations need a basic inventory of where AI agents are running and what data they can access. That sounds simple, but the tripling of visibility gaps suggests it is one of the hardest things to get right at pace.

The gap is an opportunity as much as a risk. Organizations that solve this (strong data foundations, clear governance policies, reliable agent monitoring) will be able to deploy agents faster and more aggressively than their competitors. The delay is not just a cost; it is a capability disadvantage.


If you’re deciding where to start with agents, start here. The free Working With Claude field guide walks through the ecosystem, Claude Code, and a real rollout plan. Get your copy.

Working With Claude field guide cover

Free Resource

Going deeper with Claude?

Get the free 32-page implementation guide for ANZ teams.

No spam. Unsubscribe any time.