The cybersecurity landscape is rapidly evolving, and as we enter 2026, the focus on agentic AI as a significant risk factor is more pronounced than ever. Recent findings indicate that a majority of cybersecurity professionals believe that agentic AI will be the top attack vector for cybercriminals and nation-state threats by the end of the year.
According to a recent readership poll, nearly 48% of respondents indicated that agentic AI would be the primary target for cybercrime. This concern stems from the widespread adoption of agentic AI technologies across various industries. Enterprises are increasingly leveraging these tools to enhance operational efficiency, implement predictive maintenance, and stay competitive in sectors like software development.
Concerns Surrounding AI Adoption
As organizations rush to integrate agentic AI into their operations, security experts warn that this eagerness may lead to inadequate attention to security protocols. Rik Turner, a chief analyst for cybersecurity, noted, "The expanded attack surface resulting from the combination of agents' levels of access and autonomy is and should be a real concern." He highlighted the risk associated with deploying insecure code and the potential vulnerabilities introduced through open-source AI agents.
Furthermore, the poll's findings align with broader industry research indicating that AI adoption is a top concern for corporate security teams. Melinda Marks, practice director for cybersecurity, pointed out that while organizations are utilizing AI to scale productivity, attackers are also leveraging AI for more sophisticated and widespread attacks.
Deepfake Technology: A Growing Threat
In addition to agentic AI, deepfake technology is emerging as a significant cybersecurity concern. Approximately 29% of respondents believe that deepfakes will become a primary tool for cybercriminals targeting high-profile individuals and organizations. Turner noted that deepfakes have gained traction as a tactic, especially as they have become more sophisticated and accessible.
Despite previous skepticism about deepfakes, the sophistication of these tools has increased dramatically, leading to their mainstream adoption in various cyber campaigns. Organizations, however, have been slow to invest in defenses against such tactics, often prioritizing rapid detection and response over preventive measures.
Board-Level Recognition of Cyber Risks
Interestingly, only 13% of respondents believe that recognizing cyber risk as a Tier 1 operational priority is likely to succeed in 2026. While this figure is lower than some anticipated, it still reflects a growing awareness of the critical nature of cybersecurity at the board level.
Amy Worley, a leader in privacy and information compliance, emphasized the necessity for boards to recognize the risks associated with agentic AI, which can operate autonomously and make decisions without human oversight. She warned that failures to address these risks could lead to significant security incidents.
Challenges with Password Security
Lastly, only 10% of respondents expect password elimination and passkey adoption to become the norm in 2026. Although stronger forms of authentication are essential, many organizations are not prioritizing them sufficiently. Adam Etherington, a practice leader in cybersecurity, expressed concern that the focus on agentic AI could overshadow the need for robust password policies.
Despite the slow adoption of passkeys, significant momentum is building, thanks in part to endorsements from major technology companies. However, experts remain skeptical about the complete elimination of passwords, suggesting that they may endure in some capacity even as the landscape evolves.
In conclusion, as we look ahead to 2026, the potential threats posed by agentic AI, deepfakes, and evolving cybersecurity practices are clear. Organizations must prioritize security measures that address these emerging challenges to safeguard their operations and data.
Source: Dark Reading News