AI is no longer on the horizon, it’s already transforming how organizations operate. In just a few years, we’ve gone from isolated pilots to enterprise-wide adoption. According to a recent SailPoint survey, 82% of companies are running AI agents today, often across multiple business functions. These agents aren’t just passive tools; they’re autonomous systems that act, decide, and adapt at remarkable speed and scale. These systems now handle responsibilities once reserved for skilled human oversight, delivering efficiency and innovation at a pace we’ve never seen before. But with that power comes new complexity. Nearly 9 out of 10 companies say their AI agents have already taken unintended actions—from accessing sensitive systems to sharing data without authorization. These AI agents can operate independently and learn, adapt, and interact in ways that are hard to predict. Without strong governance, they can introduce serious vulnerabilities into even the most secure environments. At SailPoint, we believe securing AI agents starts with securing identity. It’s no longer just about “who” can access what. It’s about “what” is acting inside your environment, “how” it’s doing so, and “why.” Proper governance means tracking every AI agent’s access to sensitive data, assigning clear ownership, and enforcing approval workflows before granting or expanding access. Yet only 44% of organizations have formal governance policies for AI agents, and just 52% can track the data these agents touch or share. That’s a governance gap where significant risk can slip through.

Full report : Without the right identity security in place, organizations willl be scaling not just innovation, but also risk, according to SailPoint.

For more see the OODA Company Profile on SailPoint.