Cisco Report: 85% of Enterprises Experimenting with Agentic AI, But Only 5% Have Security Infrastructure Ready

Cisco released its latest State of AI Security insights on March 30, 2026, revealing a stark disconnect between enterprise agentic AI adoption and security readiness. The headline statistic: 85% of enterprises are already experimenting with agentic AI, but a mere 5% have the infrastructure in place to securely manage these autonomous systems.

Jeetu Patel, Cisco's president and chief product officer, framed the challenge in workforce terms: 'AI agents aren't just making existing work faster; they're a new workforce of co-workers that dramatically expand what organizations can accomplish. Projects shelved for lack of resources are now within reach. The only limit is imagination, and security teams are the key to unlocking this opportunity by making the agentic workforce safe enough to trust.'

Cisco outlined three security priorities for the agentic workforce:

1. Protecting the world from agents — Ensuring agents can only act as intended
2. Protecting agents from the world — Preventing manipulation or corruption of agents
3. Detecting and responding to AI incidents at machine speed — Because agent-caused incidents unfold faster than human response times

To address these challenges, Cisco is shipping several new capabilities:

Zero Trust Access for AI Agents:

• Strict Access Control: Agents are assigned fine-grained permissions only for specific tasks they perform, with all tool traffic routed through an MCP gateway to eliminate blind spots
• Agent Identity Management: Customers can register agents in Duo IAM and map them to accountable human owners, ensuring every agent has a verified identity and enabling action traceability
• Agent and Tool Visibility: Cisco Identity Intelligence discovers agentic and non-human identities to help organizations understand existing AI usage

AI Defense Explorer Edition: Cisco is democratizing enterprise-grade AI security testing by launching a self-service solution built on the same AI Defense Validation engine used by Global 2000 customers. After signing up, users can red-team AI models and applications that will be deployed into agentic workflows, uncovering susceptibility to attacks and measuring risk posture before deployment.

Splunk Integration: Cisco is leveraging Splunk capabilities to embed AI into key SOC workflows, enabling security operations centers to handle the volume and speed of AI agent-related security events.

The 5% readiness figure contrasts with a separate finding that only 29% of organizations say they are prepared to secure agentic AI deployments even as they rush to implement them. This gap represents both a significant risk and a massive market opportunity for security-focused AI platforms.