
ZDNET's key takeaways
- Only 23% of IT managers have full control over their agents.
- A majority say security guardrails will become inadequate within the next six months.
- Agent management must be a “first-class discipline.”
AI agents are very easy to launch, but they are proliferating beyond anyone’s control. And that’s becoming an issue that could undermine the benefits they’re offering.
That’s the conclusion of a just-released study by Rubrik ZeroLabs, which found that fewer than one in four IT managers (23%) say they have “complete” control over the agents in their organization. To make matters worse, these agents don’t necessarily deliver the productivity organizations need. A majority (81%) report that their agents require more time for manual audits and monitoring than they plan to save through improved workflows. Security is also not great, the study added.
While creating an AI agent is easy, the problem is that “users often turn off VPNs or circumvent security controls to launch agents that act as assistants,” the report’s authors said. As a result, there are a plethora of unapproved AI applications launched internally and by vendors.
Agent sprawl is similar to early cloud adoption
Across the industry, agent sprawl is now a widespread problem, and there are concerns that agents are starting to get out of hand. “We’re already seeing a pattern similar to early cloud adoption, where teams stand up agents independently using different frameworks and vendors,” said Kriti Faujdar, senior product manager at Microsoft. “This creates fragmentation, inconsistent governance, and hidden security gaps.”
The authors of the ZeroLabs study found a disconnect between perceived control over agents and operational reality. Nearly all IT managers (86%) expect agent proliferation to outpace security guardrails in the next year. More than half (52%) expect this to happen within the next six months. Additionally, nearly all respondents said they lack the necessary “undo” functionality to roll back unintended agent behavior.
As agents proliferate across enterprise systems, industry observers are concerned that managing and containing such sprawl is becoming extremely difficult. “Teams with access to the API can spin up an agent in an afternoon,” said Nik Kale, principal engineer at the Coalition for Secure AI. “When you multiply this across a large enterprise, you end up with hundreds of agents with overlapping permissions, no consistent identity model, and no one to tell you your complete inventory.”
Agent observability is notoriously difficult, and the ZeroLabs authors point out that there is a growing need for telemetry to understand the sequence of agent actions interrupted by security enforcement points.
5 questions after implementation
As identified by the authors of the ZeroLabs study, tracking agent survival after deployment means answering the following questions:
- What did the agent do? This is called tracing, and it’s the ability to recreate, or at least reconstruct, exactly what happened.
- Why did this happen? What did the agent believe that led it to take the particular action?
- What did it touch? Your audit trail should include a comprehensive list of data and tools that your agents interacted with.
- Was it safe and successful? How does your organization measure task success rates, cited deliverables, policy violations, and human escalations to accurately understand ROI?
- Where did we fail? Can we reproduce the failure to address it?
These questions remain unanswered at this time, the report states. As a result, many administrators and their organizations are unable to “define acceptable agent behavior, audit the resources and tools that agents have access to, create policies to trigger humans in the loop, or roll back agent actions.”
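One way to answer the five questions from recorded agent telemetry, as an added example that is not taken from the ZeroLabs report or from ZDNET. The event schema (run, step, action, resource, reason, ok, policy_violation), the agent name, and the sample trace are constructed assumptions.

```python
import json
from collections import defaultdict

# Constructed sample trace: one JSON event per agent step (schema is an assumption).
TRACE = """\
{"run":"r1","agent":"invoice-bot","step":1,"action":"read","resource":"crm:accounts","reason":"look up customer","ok":true}
{"run":"r1","agent":"invoice-bot","step":2,"action":"write","resource":"erp:invoices","reason":"create invoice","ok":true}
{"run":"r2","agent":"invoice-bot","step":1,"action":"read","resource":"hr:payroll","reason":null,"ok":false,"policy_violation":"resource not in allowlist"}
{"run":"r2","agent":"invoice-bot","step":2,"action":"escalate","resource":"human:finance-oncall","reason":"blocked by policy","ok":true}
"""

def summarize(trace_text):
    """Group events by run and answer the five post-deployment questions per run."""
    runs = defaultdict(list)
    for line in trace_text.splitlines():
        if line.strip():
            event = json.loads(line)
            runs[event["run"]].append(event)
    report = {}
    for run_id, events in runs.items():
        events.sort(key=lambda e: e["step"])
        violations = [e["policy_violation"] for e in events if e.get("policy_violation")]
        report[run_id] = {
            # What did the agent do? Ordered sequence of actions.
            "actions": [(e["step"], e["action"], e["resource"]) for e in events],
            # Why? Steps with no recorded reason cannot be explained afterwards.
            "unexplained_steps": [e["step"] for e in events if not e.get("reason")],
            # What did it touch? Every data source, tool or person in the run.
            "touched": sorted({e["resource"] for e in events}),
            # Was it safe and successful?
            "succeeded": all(e["ok"] for e in events) and not violations,
            "violations": violations,
            "escalated": any(e["action"] == "escalate" for e in events),
            # Where did we fail? First failing step is the starting point for a replay.
            "first_failure": next((e["step"] for e in events if not e["ok"]), None),
        }
    return report

def success_rate(report):
    """Share of runs that finished with no failed step and no policy violation."""
    return sum(r["succeeded"] for r in report.values()) / len(report)

if __name__ == "__main__":
    result = summarize(TRACE)
    print(json.dumps(result, indent=2))
    print("success rate:", success_rate(result))
```

A step that appears in `unexplained_steps` is a gap in the audit trail itself: the action was logged, but the "why" question cannot be answered for it.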
Trade-off between speed and governance
Because agents operate autonomously, they pose greater risks than traditional software, Faujdar said. In today’s environment, there is a trade-off between speed and governance. “Organizations want to move quickly, but without clear guardrails, they risk building systems that are difficult to trust, audit, and scale. The winners will be those that treat agent management as a first-class discipline, not an afterthought.”
Keeping agents up to date is also a challenge, as the underlying model of the agent tends to change. “Agents you qualify in Q1 will behave differently in Q3, through no fault of the platform,” said Renze Jongman, founder and CEO of Liberty91. “Governance models must assume that the ground will move.”
Currently, “there are too many agents operating outside of governance boundaries, including those that teams have built themselves,” says Kale, who advises keeping the orchestration layer in the agent stack separate from the model and governance layers. “When all three exist within one vendor’s platform, you have taken over the brain, authority, and responsibility chain of the agent in one contract.”
Kale added that agent oversight “needs to involve the business units that own the security, architecture, and outcomes, not just the teams that want to ship the fastest.”
