73% of CISOs say they're not ready for the next major incident. Traditional IR playbooks don't cover AI agents. Here's what does.

Sygnia's 2026 CISO Survey 73% say their org is not fully ready to respond to a major attack. Only one third feel prepared to investigate an AI agent incident specifically. The problem: traditional IR playbooks were built for compromised servers and stolen credentials. They don't account for agents that cache credentials across requests, maintain persistent memory that can be poisoned, communicate with other agents in natural language, and execute multi-step plans autonomously.