New Apono Report Reveals 98% of Cybersecurity Leaders Are Slowing Agentic AI Adoption Due to Insufficient Security Controls
Gabriel Avner
February 25, 2026
Report finds growing tension between AI acceleration goals and security readiness as autonomous systems move toward production
NEW YORK — February 2026 — Apono, the cloud-native Privilege Access Management platform securing human and agent identities, today released The 2026 State of Agentic AI Cyber Risk Report, a global study examining how enterprises are approaching agentic AI adoption amid rising security concerns. The report finds that while organizations broadly believe in the potential of AI agents and autonomous systems, security readiness is emerging as a primary constraint on scale.
The findings are based on a global survey of 250 senior cybersecurity professionals from organizations with 250 or more employees across North America, Europe, and the Middle East and Africa. The research was conducted in December 2025 by an independent market research firm and focused on how security and technical leaders assess risk, readiness, and accountability as agentic AI moves closer to production environments.
The report highlights a growing tension inside organizations as agentic AI moves closer to production. While executive and technical leadership often champion AI agents as a driver of efficiency and competitive advantage, accountability for AI-related cyber risk remains concentrated with CISOs and security teams — placing security leaders in the role of gatekeepers.
“Cybersecurity leaders are actively slowing agentic AI adoption,” said Rom Carmel, CEO and co-founder of Apono. “There’s a lot of talk about AI agents rapidly taking over enterprise workflows, but the data in our report shows that this simply isn’t the case. On the ground, CISOs are pressing the brakes.”
Ofir Stein, CTO and co-founder of Apono, added: “Organizations are still struggling to secure human access at scale. Expecting CISOs to greenlight broad autonomy to agents without mature identity and access controls in place isn’t realistic. Until those foundations are in place — and our data shows they largely aren’t — agentic AI deployment will continue to be deliberately constrained, regardless of current industry sentiment.”
Key findings from the report include:
- 98% of respondents say security and data concerns have already slowed deployments, added review steps, or reduced the scope of agentic AI and autonomous system projects.
- 77% report moderate slowdowns or added scrutiny, while 21% cite significant delays or reduced project scope.
- 100% agree that attacks targeting agentic AI workflows would be more damaging than traditional cyberattacks.
- Only 21% say their organization feels prepared to manage attacks involving agentic AI or autonomous workflows.
- 98% report friction between accelerating AI adoption and meeting cybersecurity priorities.
These findings stand in contrast to broader market narratives suggesting rapid, near-term replacement of traditional software by AI agents. While experimentation with agentic AI is underway across many organizations, the report shows that CISOs are pressing the brakes as systems approach production, citing the need for stronger controls around identity, access, and permissions before autonomy can safely scale.
Going Forward
While agentic AI capabilities continue to advance with the adoption of LLMs acting on behalf of engineers, and enterprise adoption patterns evolve, the report underscores a clear takeaway: organizations are not rejecting AI agents, but they are demanding stronger security foundations. Addressing long-standing gaps in identity governance, privileged access, and visibility is increasingly viewed as a prerequisite for confident, sustained adoption.
The 2026 State of Agentic AI Cyber Risk Report is available on Apono’s website. Download your copy here to explore the full findings.
About Apono
Apono provides Zero Standing Privilege access for cloud infrastructure, databases, Kubernetes, SaaS, and operational resources. By automating access privilege provisioning based on intent, risk, and operational context, Apono helps organizations such as Intel, HPE, and Workday enforce Zero Trust without slowing down engineering, operations, or incident response.
