In a nutshell: European enterprises are deploying AI agents faster than they establish governance frameworks, resulting in security incidents involving non-human identities.
A survey among participants of Infosecurity Europe 2026 reveals a governance gap: enterprises are implementing AI agents and non-human identities (NHI) faster than they build security structures to protect them.
Infosecurity Europe 2026 surveyed a group of enterprise representatives on the security situation surrounding AI agents and non-human identities — a growing area in enterprise environments where systems and services operate without direct human intervention.
The results reveal a critical asymmetry: more than half of the surveyed European enterprises have already experienced a security incident involving NHI components. At the same time, implementation of these systems is proceeding significantly faster than the establishment of governance structures, authentication, authorization, and monitoring capabilities necessary to secure them.
For CISOs, this presents an immediate risk: NHI systems can be exploited as attack vectors when lacking adequate control and oversight — whether through uncontrolled privilege escalation, misconfiguration, or side-channel exploitation. The absence of governance makes it difficult to trace incidents or even recognize when an agent has been compromised.
Enterprises should establish the foundation before large-scale NHI deployment: identity management for non-human entities, granular access controls, continuous monitoring, and incident response processes for automated systems.
Source: itwelt.at · Published June 15, 2026
Lumi AI News — AI-assisted curation pursuant to Art. 50 EU AI Act. Paraphrase and classification by Lumi News Pipeline v1.7.1.