Skip to content
AM-205
← Back to ledger
Holding·last review8 Jun 2026

Enterprises systematically overestimate their visibility into AI agents (Cloud Security Alliance, Apr 2026: 82% had discovered at least one AI agent running without their security or IT team's knowledge in the past year while 68% believed they had strong visibility, with only 21% running any formal agent decommissioning process), and because a written policy cannot be enforced against agents nobody can see, continuous discovery rather than policy is the binding first control.

Anchored on the CSA + Token Security survey 'Autonomous but Not Controlled: AI Agent Incidents Now Common in Enterprises' (published 21 Apr 2026, n=418 IT/security professionals, fielded Jan 2026): 82% found at least one unknown AI agent in the past year, 68% believe they have strong visibility, 65% had an AI agent security incident, of those incidents 61% involved data exposure, 21% run a formal decommissioning process; Itamar Apelblat (CEO/Co-Founder, Token Security) quote. Scale anchored on CrowdStrike press release (23 Mar 2026): 1,800+ distinct AI applications across ~160 million unique instances, Shadow AI Discovery for Endpoint capability; Michael Sentonas (President) quote. VERIFIED 2026-06-08 via cloudsecurityalliance.org press release/artifact and crowdstrike.com press release. PRECISION: the 61% data-exposure figure is of the incident group (65%), not all 418 respondents — stated as such in the body. Distinct from AM-204 (NHI governance vacuum — machine-identity scale/lifecycle) and AM-168/shadow-ai-discovery-playbook (broad shadow AI): this piece's core is the believed-vs-actual visibility gap and discovery-as-first-control. 90-day cadence. Triggers: (1) a later large-sample survey showing find-rate and believed-visibility converging; (2) discovery tooling becoming a default in major endpoint/cloud platforms; (3) incident data showing policy maturity, not discovery, separates breached from unbreached. Siblings: AM-204 (NHI governance vacuum), the shadow-AI discovery playbook, approved-tool-unapproved-capability.

Published
8 Jun 2026
Last reviewed
8 Jun 2026
Next review
+89d· 6 Sep 2026
Source piece
Shadow AI discovery: the visibility you think you haveRead piece →
Primary sources
Permalink/holding/AM-205/
Embed this claimiframe + oEmbed
HTML iframe
Paste-the-URL (Substack, Medium, Notion, WordPress)

The card auto-updates when the claim's status, last-reviewed date, or correction log changes. Embedders never need to refresh — the card is rendered live from the canonical record.

Watch this claim

Email-me when AM-205's status, next review date, or correction log changes. One email per change. No newsletter subscription, no other mail.

The claim: Enterprises systematically overestimate their visibility into AI agents (Cloud Security Alliance, Apr 2026: 82% had discovered at least one AI agent running without their security or IT team's knowledge in the past year while 68% believed they had strong visibility, with only 21% running any formal agent decommissioning process), and because a written policy cannot be enforced against agents nobody can see, continuous discovery rather than policy is the binding first control.

About this register

The Reporting register tracks claims published from articles addressed to senior enterprise IT leaders — CIOs, IT directors, heads of platform. Claims are reviewed on a 30–90 day cadence; each review either reaffirms the claim, marks one substantive part as Partial, or marks it Not holding once the underlying evidence has been overtaken.

Recent corrections in Reporting

  • AM-003 · Partial · 28 May 2026

    Pricing/model drift: a $100/mo Pro tier now sits beside the $200 tier (added 9 Apr 2026) and the premium model is GPT-5.5 Pro. Core thesis holds; the single-$200-tier framing no longer matches. Re-verify current tiers at chatgpt.com/pricing.

  • AM-002 · Not holding · 06 May 2026

    URL state changed. The /the-agentic-ai-revolution-real-world-success-stories-and-strategic-insights-from-2024-2025/ slug now serves a deliberately rewritten retrospective (claimId AM-130, "Agentic AI 2024-2025 retrospective", published 04 May 2026) against audited primary sources. The 28 Apr 2026 redirect to /retractions/ has been lifted to allow that. AM-002 the claim remains Not holding — the original $3.50/dollar + 70% failure-rate framing was withdrawn and is not restored. AM-130 is a separate claim with its own evidence chain. Readers arriving at /holding/AM-002 see the withdrawal here; the article link surfaces the new piece at the URL the original lived at, with this entry as the audit trail.

  • AM-121 · Holding · 2 May 2026

    Klarna walk-back primary-source upgrade — added Siemiatkowski verbatim quotes via Bloomberg-cited-by-Fortune (9 May 2025) and the Uber-style freelance hiring detail via Entrepreneur. Closes the highest-priority evidence gap from the source dossier.

Reviews coming up in Reporting

  • AM-020 · Holding · next +9d (18 Jun 2026)

    The 40-60% TCO underestimate on enterprise agentic-AI deployments is not a cost-visibility failure — it is a cross-depa…

  • AM-023 · Holding · next +9d (18 Jun 2026)

    The 10 Apr 2026 Google AI Mode rollout to eight markets is the first vertical (restaurant booking) where agentic search…

  • AM-001 · Holding · next +9d (18 Jun 2026)

    70% of AI-implementation failure is people and process, not technology — cultural transformation is the strongest predi…

Referenced within Agent Mode AI by · 1 piece