Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

This week, we released our 2026 State of Agentic AI Risk Report, a global survey of 250 senior cybersecurity leaders examining how enterprises are approaching agentic AI as it moves closer to production. The findings point to a clear reality. While AI agents are advancing quickly, security leaders are deliberately slowing adoption. In fact, 98% of respondents say security and data concerns have already slowed deployments, added scrutiny, or reduced the scope of agentic AI initiatives.

A handful of services quietly redeploy. No one directly manages the traditional network perimeter. But somewhere along the way, an API key ends up in the wrong place. The reality of modern cloud security is that new identities are created fast, and permissions are granted broadly to keep things moving. Over time, these permissions collect unused rights and drift away from least privilege.

Today, we’re excited to announce that Apono Assistant is now available in Slack. Apono Assistant is Apono’s AI-powered access assistant, built to help engineers request the right Just-in-Time access using natural language — especially in the moments where access forms fall short and users aren’t sure what to request. Now, that same AI experience is available directly in Slack, so engineers can get the access they need without leaving the tools they already rely on every day.

Report finds growing tension between AI acceleration goals and security readiness as autonomous systems move toward production NEW YORK — February 2026 — Apono, the cloud-native Privilege Access Management platform securing human and agent identities, today released The 2026 State of Agentic AI Cyber Risk Report, a global study examining how enterprises are approaching agentic AI adoption amid rising security concerns.

Picture this: it’s 2am, your pager goes off, and you’re staring at a production database that’s on fire. You know exactly what’s wrong. You know exactly how to fix it. But you can’t touch anything because you’re waiting on someone to approve your access request. Meanwhile, your customers are down, your SLAs are bleeding out, and you’re refreshing Slack, and every minute you spend waiting is another minute of damage you could’ve prevented.

At some point, something bad always happens. Incidents like NHI sprawl and data ownership are always preventable. A supply chain attack finds its way either through upstream infiltration or downstream delivery. However, despite being aware of this, the problem persists. 54% of large organizations see supply chain challenges as a barrier to cyber resilience. There is complexity and interdependency among different systems, software, and teams that require access to one another.

So you’ve got a groundbreaking product that has outstanding market fit. Your prospects love it and are raring to buy. Amazing. But before they can hit approve on the order, they need to make sure you’re SOC 2 or ISO 27001 compliant because their compliance officer won’t let them work with any vendor that hasn’t passed their audit. This is the joy of selling to regulated customers — which today, let’s be honest, is almost everyone.

In 2026, you’re not just managing clusters and pipelines; you are managing the risk associated with the data flowing through them. As environments become decentralized and agentic, traditional, static data governance policies have morphed from inefficient to a security liability. The financial stakes of data governance failures have reached an all-time high. The average cost of a data breach in the United States has reached $10.22 million.

As organizations increasingly leverage Kubernetes for modern, cloud-native applications, the challenge of managing these environments securely and at scale grows. A centralized platform is needed to simplify Kubernetes operations, enabling deployment, management, and security across cloud, on-prem, and edge locations. Crucially, access to these Kubernetes environments, particularly production clusters, demands stringent control.

Today we’re introducing Extending Access Duration, a new capability designed to solve a problem we kept hearing about from customers who rely on short-lived, approved access to sensitive systems. Just-in-Time access is the right model for protecting critical resources. But real work does not always fit neatly into the time window defined when an access flow was created.

Getting ready for a SOC 2 audit can feel like an endless checklist. You already have tools collecting logs, provisioning users, and pulling reports from your systems, yet proving compliance still feels harder than it should be. The biggest pain in SOC 2 is not collecting data. It is managing access in a way that continuously aligns with your own policies.

An engineer gets a notification at 2 a.m. because something in production is broken. They need database access right away. For many teams, that access is already sitting there. Standing permissions granted for a past need that no longer exists. Credential abuse is still the most common way for a breach to start. It accounts for roughly 22% of initial attack paths, which is actually ahead of vulnerability exploitation at 20%. In many cases, attackers are not breaking in or exploiting a flaw.