Today, Microsoft is releasing a new Cyber Pulse report to provide leaders with first-hand, actionable insight and guidance on emerging cybersecurity risks. One of the most pressing concerns today is the governance of AI and autonomous agents. AI agents are expanding faster than some companies realize, and gaps in visibility pose a business risk.1 Like humans, AI agents require protection with strong observability, governance, and security using Zero Trust principles. As the report highlights, organizations that succeed in the next phase of AI adoption will be those that move quickly and bring together business, IT, security, and developer teams to observe, manage, and secure their AI transformation.
Building agents is not limited to technical roles. Today, employees from all walks of life create and use agents in their daily work. More than 80% of Fortune 500 companies now use AI active agents built with low-code/no-code tools.2 AI is pervasive in many jobs, with workflows across sales, finance, security, customer service, and product innovation incorporating agents powered by generative AI.
As the use of agents expands and opportunities for transformation increase, now is the time to establish basic controls. AI agents must be held to the same standards as employees and service accounts. This means consistently applying long-standing Zero Trust security principles.
- least privilege access: Provide all users, AI agents, and systems with just what they need and nothing more.
- Explicit validation: Always see who or what is requesting access using identity, device health, location, and risk level.
- Assume that a breach may occur: Design systems with the assumption that cyber attackers will infiltrate them.
These principles are not new, and many security teams are implementing Zero Trust principles within their organizations. What’s new are applications for non-human users that operate at scale and at high speed. Organizations that build these controls into their AI agent deployments from the beginning will be able to move faster and build trust in AI.
The rise of human-driven AI agents
The growth of AI agents is extending to many regions around the world, from the Americas to Europe, the Middle East, and Africa (EMEA) to Asia.
According to Cyber Pulse, key industries such as software and technology (16%), manufacturing (13%), financial institutions (11%), and retail (9%) are using agents to support increasingly complex tasks such as writing proposals, analyzing financial data, prioritizing security alerts, automating repetitive processes, and surfacing insights at machine speed.3 These agents operate in an assisted mode and can respond to user prompts and perform tasks autonomously with minimal human intervention.
Also, unlike traditional software, agents are dynamic. they act. They decide. They access the data. And they increasingly interact with other agents.
This fundamentally changes the risk profile.
Blind spots: Agent growth without observability, governance, and security
Despite the rapid adoption of AI agents, many organizations struggle to answer basic questions such as:
- How many agents are running across the enterprise?
- Who owns them?
- What data will they be exposed to?
- Which agents are authorized and which are not?
This is not a hypothetical concern. Shadow IT has been around for decades, but Shadow AI It brings a new dimension of risk. Agents can inherit privileges, access sensitive information, and generate output at scale (sometimes invisible to IT and security teams). Malicious actors can abuse an agent’s access and privileges, turning them into unintended double agents. Just like with human employees, vulnerabilities can arise if agents have too much access or give the wrong instructions. When leaders lack observability of their AI ecosystem, risks silently accumulate.
According to a report from Cyber Pulse, 29% of employees already rely on unauthorized AI agents to do their jobs..4 This difference is notable because it shows that many organizations deploy AI capabilities and agents before establishing appropriate controls for access management, data protection, compliance, and accountability. In regulated sectors such as financial services, healthcare, and the public sector, this gap can have particularly significant consequences.
Why observability is a top priority
You can’t protect what you can’t see, and you can’t manage what you can’t understand. Observability is about having a control plane across all layers of your organization (IT, security, developers, AI teams) to understand:
- What kind of agents are there?
- who owns it
- What kind of systems and data will you interact with?
- how they act
The Cyber Pulse report outlines five core capabilities that organizations need to establish true observability and governance of their AI agents.
- registry: A centralized registry serves as a single source of truth for all agents across the organization, including authorized agents, third-party agents, and emerging shadow agents. This inventory helps prevent agent sprawl, enables accountability, and supports detection while allowing unauthorized agents to be restricted or isolated if necessary.
- access control: Each agent is managed using the same identity and policy-driven access controls that apply to human users and applications. Consistently enforcing least privilege permissions ensures agents have access to only the data, systems, and workflows they need to accomplish their goals. Nothing more, nothing less.
- visualization: Real-time dashboards and telemetry provide insight into how agents interact with people, data, and systems. Leaders can see where agents are operating, understand dependencies, and monitor behavior and impact to detect misuse, drift, or new risks faster.
- interoperability: Agents work across Microsoft platforms, open source frameworks, and third-party ecosystems under a consistent governance model. This interoperability allows agents to collaborate with people and other agents across workflows while remaining managed within the same enterprise control.
- safety: Built-in protection protects agents from internal abuse and external cyber threats. Security signals, policy enforcement, and integrated tools enable organizations to detect compromised or uncoordinated agents early and respond quickly, before the problem escalates into business, regulatory, or reputational damage.
Governance and security are not the same, and both are important
One of the key takeaways from Cyber Pulse is that governance and security are related but not interchangeable.
- governance Define ownership, accountability, policy, and oversight.
- safety Strengthen controls, secure access, and detect cyber threats.
Both are required. And neither can succeed in isolation.
AI governance cannot be achieved solely within IT, nor can AI security be delegated solely to the chief information security officer (CISO). this is cross-functional responsibilitiesacross legal, compliance, human resources, data science, business leadership, and boards of directors.
When AI risk is treated as a core enterprise risk alongside financial, operational, and regulatory risks, organizations will be able to act quickly and safely.
Strong security and governance not only reduces risk but also enables transparency. And transparency is quickly becoming a competitive advantage.
From risk management to competitive advantage
These are exciting times for leading frontier companies. Many organizations are already taking advantage of this moment to modernize governance, reduce over-shared data, and establish security controls to enable secure usage. They prove that security and innovation are not opposing forces. They are strengthening. Security is a catalyst for innovation.
According to a Cyber Pulse report, leaders who act now will reduce risk, innovate faster, protect customer trust, and build resilience into the very fabric of AI-powered enterprises. The future belongs to organizations that innovate at machine speed and monitor, manage, and secure with the same precision. If we get this right, and I know we will, AI will be more than just a technology breakthrough.It will be a breakthrough for humanity’s ambitions..
To learn more about Microsoft security solutions, please visit our website. Bookmark our security blog to stay up to date with experts on security issues. Also, LinkedIn (Microsoft Security) and X (@MSFTSecurity) Find the latest cybersecurity news and updates.
1Microsoft Data Security Index 2026: Integrating Data Protection and AI Innovation, Microsoft Security, 2026.
2Based on a Microsoft first-party telemetry measurement agent built with Microsoft Copilot Studio or Microsoft Agent Builder that was used during the past 28 days of November 2025.
3Industry and region agent metrics were created using Microsoft first-party telemetry measurement agents built with Microsoft Copilot Studio or Microsoft Agent Builder that were used during the past 28 days of November 2025.
4A July 2025 multinational survey of more than 1,700 data security professionals commissioned by Microsoft from Hypothesis Group.
Methodology:
Industry and region agent metrics were created using Microsoft first-party telemetry measurement agents built with Microsoft Copilot Studio or Microsoft Agent Builder that were used during the past 28 days of November 2025.
Data security indicators for 2026:
A 25-minute multinational online survey was conducted between July 16 and August 11, 2025 among 1,725 data security leaders.
Questions centered around the state of data security, data security incidents, protecting the use of generative AI by employees, using generative AI in data security programs, and highlighted comparisons to 2024.
We conducted in-depth, one-hour interviews with 10 data security leaders from the US and UK to learn how they approach data security within their organizations.
Definition:
active agent 1) Deployed into production and 2) Has relevant “actual activity” in the past 28 days.
“Genuine activities” Defined as one or more engagements with a user (helping agent) or One or more autonomous executions (autonomous agents).
