
The TLDR IT digest on June 8 quietly confirmed what every security team I've talked to this year has been saying: the agent rollout is outpacing the governance rollout by a wide margin. Deloitte's research says only 21% of organizations have mature governance for autonomous AI agents, while 73% are concerned about AI security and privacy risks. Enterprises are not abandoning AI, but they are starting to cut pilots that lack clear ROI, sustainable costs, or manageable risk. And on the same day, CISA added a critical PAN-OS GlobalProtect authentication-bypass vulnerability to its Known Exploited Vulnerabilities catalog.
What You Need to Know: Enterprises are deploying AI agents faster than they can add enforceable governance, monitoring, and identity controls, with only 21% of organizations having mature governance per Deloitte. A quiet "AI rollback" is underway, with enterprises cutting broad per-seat Copilot pilots in favor of narrow, workflow-specific AI tools. CISA added a critical PAN-OS GlobalProtect authentication-bypass vulnerability (CVE-2026-0257) to the Known Exploited Vulnerabilities catalog.
TechRadar's piece on AI agents as a live operational risk cites Deloitte research showing only 21% of organizations have mature governance for autonomous AI agents, while 73% are concerned about AI security and privacy risks. The gap is structural, not technical. The agents are being deployed by line-of-business teams under the radar of central security, often using SaaS AI products that bypass traditional identity and access management. The pattern is the same one we saw with shadow IT in 2015, except this time the "shadow" is the AI product, and the "IT" is the security team. The fix is not another agent governance framework. The fix is making the existing IAM and observability stack agent-aware, which most stacks are not.
IT Pro's AI rollback piece documents what is actually happening in enterprise AI programs. Enterprises are not abandoning AI. They are starting to cut pilots that lack clear ROI, sustainable costs, or manageable risk. Workflow-specific AI tools and narrowly scoped agents are surviving; broad per-seat copilots with vague productivity claims are getting cut. The takeaway is uncomfortable for the Copilot-style "everyone gets AI" pitch. The dollars are moving to the vendors that can prove the workflow, prove the ROI, and prove the agent does not require a human in the loop for every decision. The vendors that cannot prove those three things are getting cut first, and the cuts are accelerating.
While the AI governance story was getting all the attention, CISA added CVE-2026-0257, a critical PAN-OS GlobalProtect authentication-bypass vulnerability, to its Known Exploited Vulnerabilities catalog. Rapid7 observed active exploitation in the wild. Palo Alto has issued patches across affected PAN-OS versions. The lesson is the same one we keep relearning. The classic attack surface is still there, still being exploited, and still landing on the same dashboards. The AI agents are not replacing the VPN gateway. They are running alongside it, on top of it, and through it. Security teams are fighting on two fronts at once, and most of them are losing on both.
Here is the part nobody is naming: the AI agent rollout is the first wave of an enterprise IT transformation that the security stack was not designed for. IAM was built for humans. DLP was built for files. SIEM was built for syslog. None of those primitives speak fluent agent. So when an enterprise deploys 50 agents across 12 business units, the security team has no identity for the agent, no observability into what it is doing, and no policy enforcement that applies to its actions. That is not a future problem. That is the present. And the AI rollback is the symptom, not the solution. Cutting Copilot seats does not fix the gap. It just makes the agents that survive harder to find. The actual fix is to extend the existing identity, observability, and policy stack to cover agents, and to do it now, before the rollback narrative hardens into "AI didn't work." It did. The governance did not.
Deloitte says only 21% of organizations have mature governance for autonomous AI agents while 73% are concerned. Enterprises are quietly cutting broad per-seat Copilot pilots in favor of narrow, workflow-specific AI tools. CISA added a critical PAN-OS GlobalProtect auth-bypass to KEV on the same day. The agent rollout is outpacing the governance rollout, and the rollback is the symptom, not the cure.