VendorsCloud Security Alliance (CSA)
Cloud Security Alliance (CSA)
Cybersecurity reports and statistics published by Cloud Security Alliance (CSA)
8 categories2 reports
Research Reports
Reports and publications from Cloud Security Alliance (CSA)
Recent Statistics & Reports
52% of organizations say AI agents inherit access originally intended for humans or other systems at least sometimes.
5/27/2026•
Identity ManagementPrivilege ManagementAccess Control
Responsibility for AI agent identity and access is fragmented: 28% of organizations assign primary ownership to security leads, 21% to development/engineering, 19% to IT, and 9% to IAM teams.
5/27/2026•
AI Agent GovernanceIdentity and Access ManagementOrganizational Roles
57% of organizations report moderate or high confidence in identity scoping for AI agents.
5/27/2026•
Identity ManagementRisk AssessmentAI Agents
33% of organizations do not know how often AI agent credentials are rotated.
5/27/2026•
AI AgentsAI Agent CredentialsIdentity Management
22% of organizations report that access frameworks are applied very consistently to AI agents.
5/27/2026•
Access ControlAI AgentsIdentity Management
32% of organizations are uncertain how much time is required to implement and maintain authentication or credential handling for a typical AI agent.
5/27/2026•
AuthenticationAI AgentsIdentity Management
73% of organizations expect AI agents to become vital within the next year.
5/27/2026•
AI Agents
52% of organizations use workload identities for AI agents, 43% rely on shared service accounts, and 31% allow agents to operate under human user identities.
5/27/2026•
Identity ManagementAccess ControlAI Agents
AI agents operate across enterprise workflows: 67% are task automation agents, 52% are research agents, 50% are developer-assist agents, and 50% are security or monitoring agents.
5/27/2026•
AI AgentsEnterprise
85% of organizations use AI agents in production environments.
5/27/2026•
AI AgentsProduction Environments
68% of organizations cannot clearly distinguish between human and AI agent activity.
5/27/2026•
AI AgentsHuman vs AI Agent Activity
49% of organizations disable identities or revoke tokens as containment actions, 42% terminate the compute environment where an agent runs, and 33% remove or modify access policies in real time.
5/27/2026•
Identity ManagementAccess Control
74% of organizations say AI agents often receive more access than necessary.
5/27/2026•
Access ControlPrivilege ManagementAI Agents
79% of organizations believe AI agents create new access pathways that are difficult to monitor.
5/27/2026•
Access ControlAccess MonitoringAI Agents
Over 70% of organizations expect to manage dozens to hundreds of agents within the next 12 months, with 39% expecting 1–100 agents and 31% expecting 101–500 agents.
2/9/2026•
AI AdoptionAutonomous AI Agents
18% of IT and security professionals are highly confident their current IAM systems can manage agent identities effectively, while 35% report moderate confidence, 29% report slight confidence, and 18% report no or uncertain confidence.
2/9/2026•
Identity and Access ManagementSecurity ConfidenceAutonomous AI Agents
58% of organizations estimate they currently have between 1 and 100 agents deployed.
2/9/2026•
AI AdoptionAutonomous AI Agents
40% of organizations are increasing their overall identity and security budgets to accommodate AI agents, with 34% adding a dedicated budget line and 22% reallocating funds from other security areas.
2/9/2026•
Security BudgetInvestmentAI Governance
44% of organizations use or plan to use static API keys and 43% use or plan to use username/password combinations for agents.
2/9/2026•
AuthenticationAPI SecurityCredentials
21% of organizations maintain a real-time registry or inventory of their agents.
2/9/2026•
Agent VisibilityAsset InventoryAutonomous AI Agents
Showing 1-20 of 22 results