The agent boom is becoming a management problem
Enterprise AI agents are easy to launch, easy to duplicate, and increasingly hard to track. That is the central warning from a new Rubrik ZeroLabs survey highlighted in the source material, which found that only 23% of IT managers say they have complete control over the agents operating inside their organizations. Read another way, roughly three out of four do not.
The number is striking because the current discussion around AI agents often emphasizes speed and productivity. Vendors pitch agents as software that can act with autonomy, take on repetitive work, and reduce the need for direct human intervention. The survey suggests many companies are discovering the less glamorous side of that promise: once agents spread across teams, tools, and vendors, governance can trail badly behind adoption.
The concern is not just administrative untidiness. The source text says 81% of respondents report that the agents under their purview require more time in manual auditing and monitoring than those agents were intended to save through workflow improvements. That turns a core automation claim on its head. If organizations spend more effort supervising agents than they recover in efficiency, the business case becomes harder to defend.
From productivity tool to security exposure
The survey also frames agent sprawl as a security problem. According to the source text, 86% of IT managers expect agentic proliferation to outpace security guardrails in the next year, and 52% think that gap could emerge within six months. That is not a distant risk scenario. It implies that many technical leaders see the control problem as immediate.
The mechanics are familiar. The source material says users can skirt controls, including turning off VPNs or otherwise bypassing security measures, in order to spin up agents that act as assistants. The result is a growing volume of unsanctioned AI applications, both internally and through outside vendors. In effect, agents may be replaying a pattern that enterprise technology has seen before: rapid grassroots adoption first, governance architecture later.
That comparison appears directly in the material. Kriti Faujdar, a senior product manager at Microsoft quoted in the piece, says the pattern resembles early cloud adoption, when teams launched services independently with different frameworks and vendors. The consequences then were fragmentation and hidden security gaps. The concern now is that AI agents, because they can act rather than merely store or process data, may amplify those risks.
Why “complete control” is such a high bar
It is worth being precise about what the survey appears to be measuring. “Complete control” is a demanding standard. It implies not just knowing that agents exist, but understanding where they are deployed, what data they can access, what systems they can act on, who approved them, how they are monitored, and how their actions can be reversed.
That last point is especially important. The source says nearly all respondents indicate they lack the “undo” capabilities needed to roll back unintended agent actions. In conventional software governance, reversibility is foundational. If a system misbehaves, operators want a clear audit trail and a reliable recovery path. With autonomous or semi-autonomous agents, the lack of rollback becomes more consequential because the systems are designed specifically to act across workflows.
This is the difference between a chatbot answering questions and an agent making changes in connected systems. Once the technology starts touching approvals, records, customer communications, or internal processes, governance stops being a procurement checkbox and becomes an operational discipline.
What organizations are learning in real time
The broader lesson is that enterprise AI is maturing into an institutional problem, not just a tooling problem. For the last two years, many organizations have focused on experimentation. They wanted to know what agents could do, how quickly teams could build them, and where productivity gains might appear. That phase is now colliding with questions of inventory, accountability, security, and labor overhead.
The survey numbers suggest some of the expected savings are being offset by supervision costs. That does not mean agents are failing everywhere. It means many organizations are still in an unmanaged expansion phase, where deployment is outpacing operating discipline. In that environment, enthusiasm can survive for a while, but trust gets harder to sustain.
The source text argues that agent management needs to become a “first-class discipline.” That is probably the most useful framing in the entire report. Companies already treat identity, endpoints, cloud assets, and data access as governance domains with dedicated tooling and procedures. The survey implies AI agents are heading for the same status.
The next phase of the AI agent market
If that shift takes hold, the market around agents may change quickly. The winners will not necessarily be only the vendors with the most impressive demonstrations. They may be the ones that make deployment legible to security and IT teams: inventory controls, permission boundaries, action logs, rollback options, and clear operating policies.
That would represent a more sober phase of enterprise AI adoption. Instead of asking only what agents can automate, buyers would ask whether those agents can be governed at scale. The survey does not say the agent wave is reversing. If anything, it suggests the opposite: adoption is moving fast enough that many organizations already feel behind.
The key shift is that uncontrolled growth is no longer being treated as a temporary inconvenience. It is becoming one of the defining risks of enterprise AI. Companies that solve for sprawl, visibility, and reversibility may be the ones that capture the real long-term value of agents. Those that do not may find themselves spending the next year auditing systems that were supposed to save time in the first place.
This article is based on reporting by ZDNET. Read the original article.
Originally published on zdnet.com
