Agent AI is outpacing security
Microsoft says enterprise adoption of agentic AI is surging faster than security and compliance controls can be rolled out, creating gaps around data leakage and regulatory risk. That imbalance is now a frontline concern for IT and governance teams as autonomous agents move from pilots into production. (uctoday.com)
Microsoft’s Cyber Pulse data shows “more than 80%” of Fortune 500 firms now use active AI agents, a figure Microsoft published in its Cyber Pulse findings. (microsoft.com) The vendor has introduced “Agent 365,” described as an agent control plane to give IT teams centralized visibility, permissions and governance across agents built by Microsoft, partners or internal teams. (microsoft.com) Microsoft expanded Security Copilot with 11 task‑specific agents that integrate with Defender, Purview, Entra and Intune to automate triage and remediation workflows. (theregister.com) Among the concrete risks Microsoft highlights are data exfiltration, “double agent” scenarios where an agent is manipulated to act against policy, and growing insider‑risk vectors; Microsoft has announced data‑loss triage and insider‑risk triage agents for Purview. (securityweek.com) Microsoft’s blogs and reports flag low‑code/no‑code agent construction by non‑technical employees as a primary driver of agent sprawl, creating visibility gaps that unify‑control products like Agent 365 aim to close. (microsoft.com) As part of its mitigation playbook, Microsoft published a Secure Agentic AI guidance package and a Data Security Index recommending consolidated controls, observability, and integration of Entra/Defender/Purview across AI workflows; the secure‑agentic‑AI post appeared March 20, 2026. (microsoft.com)
