2026: The Year Agentic AI Becomes the Attack-Surface Poster Child - Dark Reading

Threat IntelligenceCyber RiskCybersecurity OperationsVulnerabilities & ThreatsNews2026: The Year Agentic AI Becomes the Attack-Surface Poster ChildDark Reading asked readers whether agentic AI attacks, advanced deepfake threats, board recognition of cyber as a top priority, or password-less technology adoption would be most likely to become a trending reality for 2026.Tara Seals,Managing Editor, News,Dark ReadingJanuary 30, 20268 Min ReadSource: Robert Evans via Alamy Stock PhotoAs the digital landscape continues to transform, the security challenges organizations face are naturally evolving as well. The new year brings a bit of consensus around what's shaping security teams' priorities in 2026, and, surprise, surprise, a focus on agentic AI risk leads the pack, according to the latest Dark Reading readership poll.The poll takes its cues from the final Reporter's Notebook videocast discussion of the year last month, in which cybersecurity experts Rob Wright from Dark Reading, David Jones from Cybersecurity Dive, and Alissa Irei from Tech Target Search Security break down a collated list of all the insights that people sent Dark Reading reporters in December regarding 2026 security operations predictions. We decided to poll readers on the top 4 (the ones most often cited by the experts that contacted the Dark Reading news team), and the results were enlightening:What's clear is that agentic AI is widely considered the next big target for cybercrime; and people don't have a lot of confidence that the lackluster password situation too many organizations are dealing with is going to change any time soon. Related:Iran Hacktivists Make Noise but Have Little Impact on WarAgentic AI & Autonomous Systems Become Primary Cyber TargetsNearly half (48%) of respondents believe agentic AI will represent the top attack vector for cybercriminals and nation-state threats by the end of 2026. It's a decent bet, given that agentic AI continues to gain ground at enterprises of all stripes. They're adopting it to streamline operations, to implement things like predictive maintenance and smart manufacturing, and to keep up competitively in realms like software development — amongst many, many other use cases. Amid the growing exuberance for the semi-autonomous (and highly permissioned) technology is a worry that headlong barreling to join the fray will come at the expense of prioritizing security. "It's good to see this one topping the charts," says Rik Turner, chief analyst for cybersecurity at Omdia. "The expanded attack surface deriving from the combination of agents' levels of access and autonomy is and should be a real concern. A particular worry here, in my humble opinion, is if we see a rush to adopt agentic that results in developers deploying insecure code. There's already talk of the need to discover what open source model context protocol (MCP) servers are being thrown into the mix by devs keen to deliver on projects by the deadline. This, combined with what seems to be the widespread (nay, wholesale) adoption of vibe coding in 2025 suggests there are a lot of people assembling entirely insecure and vulnerable infrastructure already."Related:How a Large Bank Uses AI Digital Twins for Threat HuntingThese concerns are exacerbated by the rise of open source AI agents and "shadow AI," which employees might be importing into work environments with no oversight from the security team.The poll's top finding is consistent with Omdia's internal Decision Maker Survey, which found that AI adoption is at the top of the list for corporate security concerns; and specifically, securing AI and agentic AI is top of mind for security teams wanting to support their company initiatives for growth."AI raises the stakes for security because AI enables automation and scale, so we have attackers using AI to launcher wider scale attacks to find vulnerabilities," explains Melinda Marks, practice director for cybersecurity at Omdia. "At the same time, organizations are using AI to scale their productivity. We looked to technical innovations in the past to incrementally increase productivity, but now agentic AI and autonomous systems can scale productivity by five times or 10 times. But that also exponentially increases attack surfaces, including access points with non-human identities."  All of that said, Geoffrey Mattson, CEO at SecureAuth, also believes the poll results reveal a critical blind spot in AI security thinking. Related:Cyber OpSec Fail: Beast Gang Exposes Ransomware Server"While everyone's worried about AI systems being attacked, the real vulnerability is what those AI agents can access once they're compromised," he stresses. “Traditional guardrails and prompt injection defenses are proving insufficient. That's why we're seeing authentication and access control, not AI safety features, emerge as the actual battleground for securing autonomous systems."You can't LLM your way out of an LLM problem," he notes, referring to on-board AI-driven security. "The enterprise AI control plane needs to shift from trying to secure the models themselves to enforcing continuous authorization on every resource those agents touch."Deepfakes: Top Social Engineering Vector for Big Targets Nearly a third (29%) of Dark Reading respondents believe that deepfakes are well on their way to becoming the main way that cyberattackers target so-called "big fish" — the Fortune 500, CEOs and top execs, and governments."Interesting, because deepfakes have been a concern that’s been talked about at least since ChatGPT first saw the light of day in November 2022, but they were a bit of a slow burner till last year," Turner notes. "There were a few horror stories earlier, of course, such as the infamous $25 million one in Hong Kong that involved a video call with the bogus CFO, but it seems like it took till 2025 for deepfakes to go mainstream. Presumably that's because there is so much AI slop now being produced that at least some of it rises to the level of truly convincing."And indeed, deepfakes have become run-of-the-mill tactics within the ongoing North Korea fake worker campaign, a state-sponsored effort designed to enrich the DPKR regime. And tools available online and being pioneered by researchers are increasingly sophisticated. At the same time, many enterprises aren't really investing in defenses against the tactic.Marks notes that the concern over deepfakes in Omdia's survey emphasized rapid response compared to prevention. "Practicing security fundamentals, such as gaining full visibility, implementing testing, setting policies and controls, are all helpful for prevention, but there is a general understanding that attacks can and will still occur, so rapid detection and response is crucial," she says.Boards Recognize Cyber-Risk as a Tier 1 Operational PriorityComing in with just 13% of the vote for 2026's “Most Likely to Succeed” prediction, the elevation of cyber-risk to a Tier 1 operational priority for boards performed better than Turner expected it to."I'd like to think this is correct, but I have my doubts," he explains. "I wonder whether the existence of cyber-risk insurance: (a) helps focus their minds, (b) further muddies the water, or, indeed, (c) serves as a pseudo security blanket."Ironically given the poll results, the growth of agentic AI should have a halo effect on how cybersecurity risk is seen within enterprises, according to Amy Worley, leader of BRG's Privacy and Information Compliance practice group."The more hopeful side of me wishes that this answer had won the poll, as I think boards under-rate the risk in the space significantly," she says. "Agentic AI is a critical security risk that is likely to move beyond passive or prompt-directed content into autonomous decision-making with the ability to operate across systems, often with elevated privileges. Because there are no humans monitoring AI agents, small errors, or malicious injections can balloon into large security events."The threat is real and imminent and "with it comes the opportunity for the board and executives to implement safety and security measures designed specifically to address agentic AI threats and vulnerabilities, which requires budget and foresight," she adds.Omdia’s Marks points out that even non-AI-related system outages and data loss from cyberattacks remain big operational concerns and likely should rise to the level of Board Fave, as it were."This is why security leaders need to work closely with other teams to align on business goals and plans for technology adoption to ensure success and help support business growth," she says.Password Elimination & Passkey AdoptionAnd finally, in the also-ran category, only 10% of the Dark Reading respondents think password elimination and passkey adoption are likely to become the norm this year. That’s not to say that password protections are off the radar screen for security teams, but the stronger forms of authentication are taking a backseat when it comes to investment and focus, says Adam Etherington, practice leader for cybersecurity at Omdia."This seems like a big risk, as agentic systems are now nearly everywhere," he says, bringing the conversation full circle to agentic AI risk. "Major ISVs like SAP, Oracle, Salesforce, and ServiceNow all have agentic capability that leverages API connectors, MCP, and non-human identities (NHIs) to stitch together business solutions. IT and security are scrambling to keep pace with emerging threats from these vectors."Citing stats from the Omdia Decision Maker Survey, he says that chief information security officers (CISOs) are least concerned about email security, and staff training and awareness, with both categories getting the lowest marks for prioritization. Both are, of course, intimately tied to password policies and employee security hygiene.Still, there's positive movement afoot: "Passkeys have definitely gained huge momentum over the last couple of years, thanks in no small measure to the fact that some of tech’s Big Beasts, such as Microsoft and Google, have endorsed and embraced their use," Turner says, adding that he's nonetheless with the 90% who don’t see elimination becoming the norm, at least not in 2026. "Whether passwords are set for the dustbin of history à la phone boxes and telex machines, or in fact will retain hardy perennial status like vinyl records, remains to be seen," he notes.Read more about:CISO CornerAbout the AuthorTara SealsManaging Editor, News, Dark ReadingTara Seals has 20+ years of experience as a journalist, analyst and editor in the cybersecurity, communications and technology space. Prior to Dark Reading, Tara was Editor in Chief at Threatpost, and prior to that, the North American news lead for Infosecurity Magazine. She also spent 13 years working for Informa (formerly Virgo Publishing), as executive editor and editor-in-chief at publications focused on both the service provider and the enterprise arenas. A Texas native, she holds a B.A. from Columbia University, lives in Western Massachusetts with her family and is on a never-ending quest for good Mexican food in the Northeast.See more from Tara SealsWant more Dark Reading stories in your Google search results?Add Us NowMore InsightsIndustry ReportsFrost Radar™: Non-human Identity Solutions2026 CISO AI Risk ReportCybersecurity Forecast 2026The ROI of AI in SecurityThreatLabz 2025 Ransomware ReportAccess More ResearchWebinarsBuilding a Robust SOC in a Post-AI WorldRetail Security: Protecting Customer Data and Payment SystemsRethinking SSE: When Unified SASE Delivers the Flexibility Enterprises NeedSecuring Remote and Hybrid Work Forecast: Beyond the VPNAI-Powered Threat Detection: Beyond Traditional Security ModelsMore WebinarsEditor's ChoiceCybersecurity OperationsWhy Stryker's Outage Is a Disaster Recovery Wake-Up CallWhy Stryker's Outage Is a Disaster Recovery Wake-Up CallbyJai VijayanMar 12, 20265 Min ReadWant more Dark Reading stories in your Google search results?2026 Security Trends & OutlooksThreat IntelligenceCybersecurity Predictions for 2026: Navigating the Future of Digital ThreatsJan 2, 2026Cyber RiskNavigating Privacy and Cybersecurity Laws in 2026 Will Prove DifficultJan 12, 2026|7 Min ReadEndpoint SecurityCISOs Face a Tighter Insurance Market in 2026Jan 5, 2026|7 Min ReadDownload the CollectionKeep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.SubscribeWebinarsBuilding a Robust SOC in a Post-AI WorldThurs, March 19, 2026 at 1pm ESTRetail Security: Protecting Customer Data and Payment SystemsThurs, April 2, 2026 at 1pm ESTRethinking SSE: When Unified SASE Delivers the Flexibility Enterprises NeedWed, April 1, 2026 at 1pm ESTSecuring Remote and Hybrid Work Forecast: Beyond the VPNTues, March 10, 2026 at 1pm ESTAI-Powered Threat Detection: Beyond Traditional Security ModelsWed, March 25, 2026 at 1pm ESTMore WebinarsWhite PapersAutonomous Pentesting at Machine Speed, Without False PositivesFixing Organizations' Identity Security PostureBest practices for incident response planningIndustry Report: AI, SOC, and Modernizing CybersecurityThe Threat Prevention Buyer's Guide: Find the best AI-driven threat protection solution to stop file-based attacks.Explore More White PapersGISEC GLOBAL 2026GISEC GLOBAL is the most influential and the largest cybersecurity gathering in the Middle East & Africa, uniting global CISOs, government leaders, technology buyers, and ethical hackers for three power-packed days of innovation, strategy, and live cyber drills.📌 Book Your Space