Dive Brief:
- Businesses are moving more AI pilots into production in concert with strengthened governance, according to KPMG’s AI Quarterly Pulse Survey for Q3, published Thursday. The report surveyed 130 C-suite and business leaders representing organizations with an annual revenue of $1 billion or more in the U.S.
- More than 2 in 5 companies are actively deploying AI agents, up from 11% in Q1 and 33% in Q2. The number of companies exploring and piloting the technology has dropped as more projects reach wider implementation.
- With more agentic experience under their belts, businesses are fortifying guardrails and oversight. More than 3 in 5 leaders said they are putting humans in the loop due to a lack of trust, up from 45% last quarter. More leaders are also limiting agent access to sensitive data, growing from 45% in Q2 to 63% this quarter.
Dive Insight:
Enterprises have lofty aspirations for AI agents, but the risks are high, too. To mitigate potential dangers, CIOs have retooled their governance playbooks.
“Traditional AI was static — you trained it, deployed it, monitored it,” Bryan McGowan, trusted AI leader at KPMG U.S., told CIO Dive. “But agentic AI systems can perceive, reason, plan and even act autonomously.”
For now, AI agents remain mostly in the IT, risk and operations functions, such as quality assurance and fraud prevention, KPMG found. Walmart, for example, is using AI agents in its technology department to identify accessibility gaps in code and accelerate software development broadly.
In addition to human-in-the-loop oversight and limiting sensitive data access, a majority of leaders are also accessing the technology via trusted providers to hedge risk, as reported by 74% of leaders in KPMG’s Q3 survey.
Enterprises often pursue agentic AI adoption with help from existing partners. Athina Kanioura, EVP and chief strategy and transformation officer at PepsiCo, emphasized the importance of technology vendor relationships with enterprises in interviews with CIO Dive earlier this year.
“Organizations are bolstering their foundational controls like zero trust, immutable logging, chain-of-thought transparency and fail-safe protocols — not because the technology demands it, but because the stakes do,” McGowan said in an email.
Analyst firm Gartner believes that adding AI agents to operations leads to weakened cybersecurity standing, reducing the time it takes to exploit authentication channels by 50% over the next two years.
As companies strengthen governance, the potential benefits of agentic systems are within closer grasp.
The rise in risk mitigation and increase in AI agent deployments represent an intentional evolution, according to McGowan.
“When you're deploying systems that can coordinate semi-autonomously or autonomously and adapt in real-time, foundational principles like accountability, transparency and security aren't optional governance checkboxes anymore,” McGowan said. “The organizations getting this right understand that scaling agentic capabilities and scaling trust aren't separate initiatives.”
