MICROSOFT
AI agents are going mainstream, and security teams are not thrilled
AI agents are quickly becoming part of everyday business operations in the UK.
Microsoft found that 62% of UK organisations are already using autonomous AI agents, up from 22% last year.
Another 68% expect them to be fully integrated across their business within the next 12 months.
That rapid growth is also raising security concerns.
84% of leaders say “double agents” or shadow AI agents are becoming a bigger risk. These are agents brought in without proper IT or security oversight.
Unlike older AI tools that mainly produced content or insights, AI agents can take action across apps, systems, and workflows.
That means companies are now managing a growing number of autonomous digital actors alongside people, devices, and software.
Most leaders say current systems are not fully ready for this shift.
86% believe AI agents create new security and compliance challenges, while 80% are concerned about how hard they will be to manage at scale.
Three key points:
AI agents are moving into UK businesses much faster than they were a year ago.
Unauthorised or poorly managed agents are becoming a growing security concern.
AI is helping cyber defence, but it is also adding more complexity for security teams.
Control is catching up
Still, 87% say they are confident they can stop unauthorised agents from being used, despite signs that adoption may be moving faster than oversight.
Microsoft says this is part of a wider trend.
Its latest Cyber Pulse AI Security Report found that more than 80% of Fortune 500 firms are already using AI agents in some form.
At the same time, AI is also being used to strengthen cyber defence.
84% of organisations now use AI for cybersecurity, up from 40% in 2025 and 27% in 2024, helping with threat detection, incident response, and resilience.
Shadow AI was already messy. Shadow AI agents are messier with credentials. - MG