Your AI Agents Are Already in Production. Your Security Architecture Isn’t Ready.

There’s a gap opening up in enterprise security right now, and most organizations can feel it but haven’t named it yet.

AI agents are no longer a roadmap item. They’re running in production environments, calling APIs, querying databases, reading documents, and making decisions on behalf of employees and customers. The speed of this shift has been remarkable. The security thinking hasn’t kept up.

That gap is what Confidential Computing (CC) Summit 2026 is about.

The problem with “Secure AI”

When organizations talk about securing AI, they usually mean one of a few things: access controls on who can use the model, guardrails on what the model can say, or governance frameworks for AI outputs. These are all necessary. None of them address what happens inside the computation itself.

Traditional security was designed for a world where data moved between defined endpoints, rested in known storage, and was accessed by authenticated humans. AI agents break every one of those assumptions. A single agent can autonomously traverse dozens of systems in a single session, combine sensitive data sets that were never meant to touch, and pass outputs to other agents in a chain that no human directly oversees.

The threat surface has changed. The security stack largely hasn’t.

According to IDC’s 2025 Confidential Computing Study of 600 global IT leaders, 87% of organizations identified data breaches by remote outside attackers as an area needing improvement, and 83% flagged malicious insider threats. Those numbers reflect a security posture still oriented around perimeter defense and identity management — exactly the tools that offer the least protection once an AI agent is operating inside your environment with legitimate credentials.

What Confidential Computing actually solves

Confidential Computing is the protection of data that is actively in use — during computation, not just at rest or in transit. It does this through hardware-based trusted execution environments (TEEs): isolated enclaves where sensitive workloads run encrypted and verifiably protected, even from the operating system, the hypervisor, and cloud infrastructure administrators.

This matters for agentic AI in a specific and concrete way.

When an AI agent processes your customer data, it isn’t just reading a file and returning a result. It’s loading data into memory, running inference or retrieval operations, passing context between components, and often logging intermediate states. Each of those moments is a potential exposure point. TEEs close that window. The computation happens inside a hardware-isolated environment that can cryptographically prove its own integrity to any party that asks — a capability called attestation.

Attestation is what makes Confidential Computing different from every other privacy-enhancing technology. It doesn’t just claim security. It proves it.

That distinction matters increasingly as AI systems grow more autonomous. An agent that can attest its own execution environment gives organizations something they don’t have today: a verifiable chain of trust from silicon to output.
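The "verifiable chain of trust from silicon to output" above is, in practice, a relying party running a fixed sequence of checks over a signed attestation report before it releases data or keys to the agent. The following is an added illustration and not code from this post or from the Confidential Computing Consortium; it is a constructed model in which Ed25519 signatures stand in for the vendor certificate chain of a real TEE, and the `Report`, `Quote` and `Policy` types, their field names and the sample measurements are all assumptions made for the example. What it shows is the order of checks a verifier has to apply (root endorsement, report signature, nonce freshness, TCB version, measurement allowlist) and why each one is needed: a report that is genuine but stale, replayed, or from an unreviewed image fails just as a forged one does.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/binary"
	"errors"
	"fmt"
)

// Report is a deliberately simplified attestation report (constructed for this
// example). Real TEE reports carry many more fields, but a verifier checks the
// same classes of claim: what is running, for whom, and on what firmware.
type Report struct {
	Measurement [32]byte // hash of the code and config loaded into the enclave
	Nonce       [16]byte // verifier-chosen value echoed back to prove freshness
	SVN         uint32   // security version number of the TEE firmware / TCB
	ReportData  [32]byte // hash of data the workload binds in, e.g. its TLS key
}

// Bytes serialises the report deterministically so that both sides sign and
// verify exactly the same byte string.
func (r Report) Bytes() []byte {
	svn := make([]byte, 4)
	binary.BigEndian.PutUint32(svn, r.SVN)
	out := make([]byte, 0, 32+16+4+32)
	out = append(out, r.Measurement[:]...)
	out = append(out, r.Nonce[:]...)
	out = append(out, svn...)
	out = append(out, r.ReportData[:]...)
	return out
}

// Quote is what the TEE hands to a relying party: the report, the signature
// over it, and the attestation key plus the root's endorsement of that key.
// The endorsement stands in for the vendor certificate chain of a real TEE.
type Quote struct {
	Report    Report
	AttestKey ed25519.PublicKey
	KeyCert   []byte // root signature over AttestKey
	Sig       []byte // AttestKey signature over Report.Bytes()
}

// IssueQuote models the hardware side: the TEE's attestation key signs the
// report. In a real system attestPriv never leaves the hardware.
func IssueQuote(attestPriv ed25519.PrivateKey, attestPub ed25519.PublicKey, keyCert []byte, r Report) Quote {
	return Quote{Report: r, AttestKey: attestPub, KeyCert: keyCert, Sig: ed25519.Sign(attestPriv, r.Bytes())}
}

// Policy is what the relying party decides to trust before any quote arrives.
type Policy struct {
	RootKey             ed25519.PublicKey // hardware vendor root of trust
	AllowedMeasurements [][32]byte        // known-good enclave images
	MinSVN              uint32            // reject TEEs on patched-out firmware
}

// Verify walks the chain of trust from the hardware root to the workload and
// returns nil only when every link holds. Signatures are checked first so that
// no untrusted field is interpreted before it has been authenticated.
func Verify(p Policy, q Quote, expectedNonce [16]byte) error {
	if len(q.AttestKey) != ed25519.PublicKeySize {
		return errors.New("malformed attestation key")
	}
	// 1. The attestation key must be endorsed by the root we trust.
	if !ed25519.Verify(p.RootKey, q.AttestKey, q.KeyCert) {
		return errors.New("attestation key is not endorsed by the trusted root")
	}
	// 2. The report must be signed by that endorsed key.
	if !ed25519.Verify(q.AttestKey, q.Report.Bytes(), q.Sig) {
		return errors.New("report signature invalid: report altered or forged")
	}
	// 3. Freshness: the report must carry the nonce issued for this session.
	if q.Report.Nonce != expectedNonce {
		return errors.New("nonce mismatch: possible replay of an old quote")
	}
	// 4. TCB version: a genuine but out-of-date TEE is still rejected.
	if q.Report.SVN < p.MinSVN {
		return fmt.Errorf("TEE security version %d below policy minimum %d", q.Report.SVN, p.MinSVN)
	}
	// 5. Measurement: only enclave images on the allowlist may see the data.
	for _, m := range p.AllowedMeasurements {
		if m == q.Report.Measurement {
			return nil
		}
	}
	return errors.New("measurement not on allowlist: unknown code running in the TEE")
}

func main() {
	rootPub, rootPriv, _ := ed25519.GenerateKey(rand.Reader)
	attestPub, attestPriv, _ := ed25519.GenerateKey(rand.Reader)
	keyCert := ed25519.Sign(rootPriv, attestPub) // vendor endorses the TEE key

	var nonce [16]byte
	rand.Read(nonce[:])                              // relying party picks a fresh challenge
	good := sha256.Sum256([]byte("agent-image-v1")) // constructed sample measurement
	policy := Policy{RootKey: rootPub, AllowedMeasurements: [][32]byte{good}, MinSVN: 2}

	q := IssueQuote(attestPriv, attestPub, keyCert, Report{Measurement: good, Nonce: nonce, SVN: 3})
	fmt.Println("genuine quote:", Verify(policy, q, nonce))

	tampered := q
	tampered.Report.Measurement[0] ^= 0xff // report edited in transit
	fmt.Println("tampered quote:", Verify(policy, tampered, nonce))
}
```

The point of the ordering is that the measurement allowlist and the SVN floor are policy decisions the relying party owns, while the two signature checks are what tie those decisions back to the silicon; a verifier that skips the nonce check accepts a perfectly valid quote captured from an earlier session, and one that skips the SVN check accepts a genuine enclave running firmware with known, fixed defects.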

The adoption signal is already there

IDC’s July 2025 study surveyed 600 IT leaders across 15 industries and found that 75% of organizations are already using or piloting Confidential Computing — 18% in full production and 57% actively testing. Another 19% plan to deploy within 24 months.

That trajectory is being accelerated by two forces happening simultaneously.

The first is regulatory. The EU Digital Operational Resilience Act (DORA) mandates that financial institutions maintain high standards of availability, authenticity, integrity, and confidentiality for data whether at rest, in use, or in transit. “In use” is the new requirement — and Confidential Computing is one of the few technologies positioned to satisfy it. IDC found that 77% of organizations are more likely to consider Confidential Computing specifically because of DORA’s requirements.

The second is the agentic AI wave itself. Agentic AI doesn’t just process sensitive data — it reasons across it, combines it, and acts on it in ways that amplify both the value and the risk. Organizations that want to deploy AI agents in regulated environments — healthcare, financial services, government — need a security architecture that can operate at that level of autonomy. Confidential Computing is the layer that makes that possible.

The two forces compound. Regulation creates urgency. AI creates the use case. Confidential Computing provides the infrastructure.

Where most organizations are still stuck

Despite the adoption momentum, IDC’s research surfaces a telling pattern: the barriers to Confidential Computing are no longer about whether it works. They’re about how to implement it.

The top challenge, cited by 85% of respondents, was validating attestation chains of trust. 78% flagged that it still carries a reputation as a niche technology with limited proof points. 75% pointed to skills gaps.

These are solvable problems. But they’re not solved by waiting for the technology to simplify on its own. They’re solved through community — through practitioners sharing what they’ve built, security architects exchanging what they’ve learned, and vendors demonstrating real deployments against real threat models.

That’s precisely what CC Summit 2026 is designed to produce.

The question that matters now

75% of organizations are piloting or deploying Confidential Computing. The regulatory window is narrowing. Agentic AI is already running in production environments across every major industry.

The organizations moving fastest are the ones who stopped asking whether they need this security layer and started asking how to build it.

If you’re responsible for AI infrastructure, security architecture, or data governance in a regulated or high-stakes environment, that’s the conversation happening at CC Summit 2026.

Don’t let your security architecture fall behind your AI capabilities. The blueprints for the future of data security are being drawn right now—and you need to be in the room.

  • Secure Your Spot: Register today for the Confidential Computing Summit 2026 to connect with enterprise peers, explore real-world deployment frameworks, and solve the attestation and skills gaps holding your organization back.
  • Get Involved: Shape the standard for secure, autonomous AI. Learn how you can contribute to open-source initiatives, collaborate with industry leaders, and join the mission by becoming a part of the Confidential Computing Consortium.
