Over 40% of agentic AI projects will be canceled by the end of 2027, due to escalating costs, unclear business value, or just inadequate risk controls, (at least as per Gartner’s latest predictions).
“Inadequate risk controls” stood out most to me.
Why? Because companies are building agents without Zero Trust, then acting shocked when they go rogue, leak data, or burn through $100K in compute chasing hallucinated goals.
While they panic about that 40% failure rate, AWS just announced Amazon Bedrock AgentCore with "secure deployment at enterprise scale" as the lead feature. Oracle's pushing Gemini integration with "security, adaptability, and scalability" as the selling points. Microsoft's going all-in on MCP (Model Context Protocol) across their entire stack.
These companies aren’t arguing back and forth about whether or not agents will work. They're recognizing that it’s all happening and doing what they can to be the security layer that makes them safe.
A few observations on this:
1. Memory poisoning is the new SQL injection: OWASP just ranked memory poisoning as the #1 threat for agentic AI. Not prompt injection. Not jailbreaks. Memory poisoning—where attackers gradually corrupt an agent's long-term memory to alter its behavior over time. This is exactly what Zero Trust was built for!!! (Sorry, just shouting for the folks in the back.) The lesson stands. NEVER trust stored state, ALWAYS verify. (Shouting’s over.)
2. The "Agentic Security" Gold Rush is on. ReliaQuest launched "Agentic Teammates." Qualys announced "Cyber Risk Agents." Everyone's using agents to secure other agents. (This is a great beginning to a SciFi movie but also real life and happening now).
It's agents all the way down. But guess what they all have in common? They're implementing identity verification, behavioral monitoring, and tool-use boundaries. They're building Zero Trust but not actually calling it that.
3. Google's Big Sleep changed everything. Google's AI agent just prevented a zero-day from being exploited IN THE WILD. Not found it—stopped it before hackers could use it. This isn't defense any longer. It's preemptive security. And it only works because Google's agent operates with clear boundaries and verification at every step.
A few reddit posts that caught my eye:
Developers arguing about whether agents need "fear" (My hot take: they need boundaries, not emotions).
Multiple threads about MCP security risks (everyone wants the functionality, nobody wants to think about auth).
Growing consensus that stateful agents are exponentially more dangerous than stateless LLMs.
What this means for business leaders:
The 40% who fail will be the ones who treated agents like chatbots with API access. The 60% who succeed will have one thing in common: They built security in from day one.
Every major cloud provider is now selling "secure agentic AI." But they're only selling YOU the components. You still have to architect it right.
This is your moment. While other companies debate whether agents are "ready," you're showing companies how to be in the 60% that succeeds.
The companies panicking about Gartner's prediction are the same ones who thought they could deploy agents without identity management, access controls, or behavioral monitoring. As for MassiveScale.ai, we’re too busy building the infrastructure that makes agents boring enough to trust.
P.S. - Saw someone on Reddit say "MCP is just OAuth for AI agents." They’re not entirely wrong. Just missing this: MCP without proper access controls is like Facebook's API in 2014—technically functional but giving away the keys to the store to anyone who asks for them.
The good news is you can build amazing agents that don’t give away the keys to your company. Book a free "Find your first agent" consultation to get started. Or pre-order the book "Agentic AI + Zero Trust: A Guide for Business Leaders" today.