AI agents, specialized models created to function independently or semi-autonomously with instructions, are becoming increasingly prevalent in businesses, with up to 79% of enterprises surveyed implementing them, as reported by PwC earlier this year. However, along with their benefits, AI agents also bring new security challenges.
When a security breach involving AI agents occurs, companies often react swiftly by terminating employees and assigning blame. However, they may be slower to address the underlying systemic issues that allowed the breach to happen in the first place.
Forrester’s Predictions 2026: Cybersecurity and Risk report foresees that the first breach involving AI agents will result in dismissals. It also highlights the pressure on CISOs and CIOs to rapidly deploy AI agents while minimizing risks, amidst geopolitical turmoil.
CISOs are facing a challenging year ahead, especially in globally competitive organizations, with governments tightening regulations on critical communication infrastructure. Forrester predicts the EU will establish a known exploited vulnerability database, leading to a demand for regionalized security professionals.
The rise of quantum-security spending is also anticipated, exceeding 5% of overall IT security budgets, as enterprises strive to preempt threats with quantum-resistant cryptography.
One of the major challenges CISOs will encounter in 2026 is agentic AI breaches and the emergence of weaponized AI, which could reshape the threat landscape significantly.
To address the threats posed by agentic AI, organizations are adopting proactive security measures. Walmart’s Chief Information Security Officer, Jerry R. Geisler III, emphasizes the importance of advanced AI Security Posture Management (AI-SPM) to ensure continuous risk monitoring, data protection, regulatory compliance, and operational trust.
The risks associated with AI agents include data exfiltration, misuse of APIs, and collusion among agents, highlighting the need for robust security controls and minimum viable security (MVS) practices.
Clearwater Analytics’ CISO, Sam Evans, shared insights on mitigating risks associated with AI technologies, emphasizing the importance of protecting sensitive data from being misused by AI engines.
Boardrooms are tasking CISOs with securing AI applications and platforms to enable productivity gains without compromising security. The rapid deployment of AI agents is intensifying the pressure on security teams to respond swiftly to cyber threats.
Walmart’s CISO, Geisler, emphasizes the importance of fostering innovation and a startup mindset to enhance security measures continuously. The focus on modernizing identity and access management (IAM) while adhering to the principle of least privilege is crucial for strengthening defenses.
Enterprises are implementing strategies to counter agentic AI threats, with a focus on visibility, API security, autonomous identities, real-time observability, proactive oversight, adaptive governance, and incident response preparedness.
As Forrester predicts, the first major breach involving AI agents will expose organizations that fail to address governance gaps and security vulnerabilities. CISOs who proactively manage risks and implement strategic security measures will gain a competitive edge in the evolving threat landscape.