77% of IT managers say their AI agents are out of control - 5 ways to rein in yours

A new survey from Rubrik ZeroLabs reveals that 77% of IT managers lack complete control over the AI agents deployed in their organizations, with only 23% reporting full oversight. The problem is compounded by the fact that 81% of managers say these agents require more time in manual auditing and monitoring than they save through workflow improvements. Security is also a growing concern, as users often bypass VPNs and security controls to spin up unsanctioned agents, leading to widespread agent sprawl. The report warns that 86% of IT managers expect agentic proliferation to outpace security guardrails within the next year, with 52% anticipating this within six months. Additionally, nearly all respondents lack the ability to roll back unintended agent actions, highlighting a critical gap in governance.

Industry experts draw parallels to early cloud adoption, where teams independently spin up agents using different frameworks and vendors, creating fragmentation and hidden security gaps. To address this, the report recommends five post-deployment questions: What did the agent do (traceability)? Why did it do it (reasoning)? What did it touch (audit trails)? Did it succeed safely and at what cost (ROI)? Where did it fail (reproducibility)? Currently, most organizations cannot define acceptable agentic behavior, audit resource access, create human-in-the-loop policies, or roll back actions. The authors emphasize that agent management must become a first-class discipline, with telemetry and enforcement points integrated into agentic systems to regain control and ensure secure, productive deployments.