For years, enterprise AI strategy has operated on a simple assumption that once the models get good enough, adoption will follow. That assumption is now being tested — and failing. Model capability has, by most measures, arrived. What hasn’t arrived yet are the infrastructure, security posture, and workflow architecture needed to enable autonomous systems to operate safely within the enterprise.

One clear signal of this gap comes from the federal government itself. When NIST published a formal Request for Information on AI agent security in January 2026, it drew 932 public comments before its March 9, 2026 close—an extraordinary response volume that reflects how urgently practitioners are grappling with problems current frameworks don’t address.

NIST’s own assessment of why is blunt: autonomous agents are being embedded into production environments without the identity management infrastructure, access controls, or audit mechanisms that govern traditional software, even as they write and execute code and chain tool calls across dozens of integrated services.

The security data underlying that concern is sobering. Novel attack strategies against AI agents succeeded 81% of the time in early-2025 red-team exercises referenced in NIST’s internal research — a failure rate that has nothing to do with how well the underlying model reasons.