Arkose Labs, a leading proactive fraud deterrence provider, has announced its new Agentic AI Security Report, published in conjunction with Tech Studio™, that reveals a huge gap between corporate readiness and funding. Based on feedback from 300 security leaders from around the globe, the findings reflect a shift in how enterprise risk is taking shape. While AI agents have become active participants in operational workflows, using legitimate credentials and interacting across systems in ways that closely resemble trusted activity, security and fraud models have not kept pace.
Enterprise leaders expect near-term impact: Nearly all (97%) of enterprise leaders expect a material AI-agent–driven security or fraud incident within 12 months, with almost half (49%) anticipating impact within six months
These models were designed around human behavior and external threats, and autonomous, AI-driven activity operating continuously across services is harder to interpret and isolate. As a result, understanding how this activity occurs and connects across enterprise-wide systems is becoming central to investigation and response.
“In the rush to benefit from the amazing productivity and efficiency gains that agentic AI represents and, in keeping pace with competitors, many companies deployed it broadly before fully considering the identity, security, and governance issues involved,” said Frank Teruel, Chief Operating Officer, Arkose Labs. “Not only do enterprises need to distinguish between malicious and authorized agents, but they also need to think about those with proper permissions going rogue. It’s the ultimate insider threat.”
Key report findings include:
- Enterprise leaders expect near-term impact: Nearly all (97%) of enterprise leaders expect a material AI-agent–driven security or fraud incident within 12 months, with almost half (49%) anticipating impact within six months.
- Enterprise readiness is not keeping pace with deployment: Organizations allocate an average of about 6% of security budgets to AI-agent risk, and 10% do not track it separately.
- Ownership of AI-agent risk remains fragmented
- Executive engagement remains limited
- Current defenses cannot scale to meet AI-driven attacks
- Attribution is the weakest link in enterprise defense
- Credentialed AI agents are redefining insider risk
- Governance maturity lags deployment velocity
The Arkose Labs Agentic AI Security survey respondents represent major technology platforms, global financial institutions and large-scale enterprises, including many Fortune 500 companies with more than $1B in annual revenue. The 300 enterprise leaders who participated oversee security, fraud, identity, and AI functions within organizations.
Leave a comment