77% of IT managers say their AI agents are out of control - 5 ways to rein in yours

Innovation Home Innovation Artificial Intelligence 77% of IT managers say their AI agents are out of control - 5 ways to rein in yours The unchecked proliferation of AI agents is leading to a large volume of unsanctioned AI applications. Written by Joe McKendrick, Contributing WriterContributing Writer April 27, 2026 at 6:00 p.m. PT J Studios/ DigitalVision via Getty ImagesFollow ZDNET: Add us as a preferred source on Google.ZDNET's key takeawaysOnly 23% of IT managers have complete control over their agents.A majority say security guardrails will be inadequate within the next six months.Agent management needs to be a 'first-class discipline.'AI agents -- so easy to spin up -- are proliferating out of everyone's control. And that's becoming a problem that may undermine any benefits they are delivering.That's the conclusion of a just-released survey by Rubrik ZeroLabs, which finds that fewer than one in four IT managers (23%) say they have "complete" control over the agents within their organizations. To make matters worse, these agents aren't necessarily delivering the productivity sought. A majority, 81%, report that the agents under their purview require more time in manual auditing and monitoring than they were intended to save via workflow improvements. Security is also less than stellar, the survey adds.Also: Scaling agentic AI demands a strong data foundation - 4 steps to take firstCreating AI agents is easy, and the problem is "users often turn off VPNs or otherwise skirt security controls to spin up agents to act as assistants," the report's authors state. The result is a large volume of unsanctioned AI applications, both internally and launched by vendors. Agent sprawl resembles early cloud adoptionAcross the industry, there is concern that agents are starting to get out of hand, with agent sprawl now a pervasive problem. "We are already seeing patterns similar to early cloud adoption, where teams spin up agents independently using different frameworks and vendors," said Kriti Faujdar, senior product manager at Microsoft. "This leads to fragmentation, inconsistent governance, and hidden security gaps." The authors of the ZeroLabs survey found a disconnect between perceived control and operational reality among agents. Just about all IT managers, 86%, anticipate that agentic proliferation will outpace security guardrails in the next year. More than half (52%) expect this to happen within the next six months. Plus, nearly all respondents indicate they lack the "undo" capabilities necessary to roll back unintended agent actions. Also: How to build better AI agents for your business - without creating trust issuesWith the proliferation of agents across enterprise systems, industry observers worry that such sprawl is becoming too difficult to manage and contain. "Any team with API access can spin up an agent in an afternoon," said Nik Kale, principal engineer with the Coalition for Secure AI. "Multiply that across a large enterprise, and you get hundreds of agents with overlapping permissions, no consistent identity model, and no one who can tell you the full inventory." Agentic observability can be notoriously challenging, and the ZeroLabs authors point to a growing need for telemetry for understanding chains of agentic actions, punctuated by enforcement points for security.5 post-deployment questions Tracking agent viability means answering the following questions post-deployment, as identified by the ZeroLabs study's authors:…

This excerpt is published under fair use for community discussion. Read the full article at ZDNET.