Cybersecurity · The Register
Companies need to detect a way to continuously monitor agent behavior, monitoring usage patterns
Compiled by KHAO Editorial — aggregated from 1 outlet. See llms.txt for citation guidance.
◌ Single Source
Gartner's analysts said responsible AI education will become as essential as cybersecurity training and will likely fold into mandatory security programs. ®.
Key facts
- With the average Global Fortune 500 enterprise expected to run more than 150,000 AI agents by 2028, up from fewer than 15 today, there’s plenty of room for chaos
- Only 15 percent of respondents said they were considering, piloting, or deploying fully autonomous AI agents, according to Gartner’s 2025 survey of 360 IT application leaders
- As CIOs and IT leaders see an explosion of AI agents across their organizations, many are contending with an ungoverned sprawl of agents," Max Goss, senior director analyst at Gartner, said
- Gartner's governance model calls for a two-tier structure: a centralized AI governance committee at the top — staffed by the CIO, CISO, chief AI officer, enterprise architects, legal and business
Summary
With the average Global Fortune 500 enterprise expected to run more than 150,000 AI agents by 2028, up from fewer than 15 today, there’s plenty of room for chaos. Governance is key to deriving value from AI deployments, according to Gartner researchers who delved into the problem for the company’s Digital Workplace Summit in London this week. "As CIOs and IT leaders see an explosion of AI agents across their organizations, many are contending with an ungoverned sprawl of agents," Max Goss, senior director analyst at Gartner, said at the summit. Half of the organizations Gartner surveyed said that they limited internal AI rollouts to low-risk or trusted users, but, in doing so, those same organizations were less likely to report high returns from their generative AI tools compared with companies that expanded access more broadly under strong governance, with broader adopters being 3.3 times more likely to report higher value. Limiting access is not governance, the analyst firm posited.