Tiatra, LLC
Information Technology Solutions for Washington, DC Government Agencies
Autonomous AI agents = Autonomous security risk

The new kid on the cybersecurity block is an AI agent, and it will find all the cracks in the sidewalk. 

Already, the headlines about the potential of AI agents — which work autonomously without humans — are missing the mark. Just look at the AI-powered code editor Cursor, whose customer support AI went “rogue,” triggering cancellations, while an AI agent at Air Canada “told a customer about a refund policy that didn’t exist,” Fortune reports. 

Meanwhile, Gartner predicts that by 2028, 25% of enterprise breaches will trace back to AI agent abuse. Finally, security industry pioneer and investor, Kevin Mandia, recently predicted an “AI-agent-enabled cyberattack” within a year. 

No doubt, the upside of AI and AI agents is obvious: more productive work as AI empowers, assists and even replaces human workers. 

One downside is that AI agents will also significantly increase the attack surface, giving malicious threat actors more ground to orchestrate attacks. As agents access enterprise data to make decisions, bad actors can exploit them to steal employee credentials, gain access to company information and disrupt or take control of systems. Last year, my company’s research demonstrated how cybercriminals use stolen cloud credentials to operate and resell sexualized AI-powered chat services. 

While security concerns mount, CEOs are under pressure to adopt AI. McKinsey tells them to invest in AI to “advance boldly today to avoid becoming uncompetitive tomorrow.” Salesforce won’t hire more human engineers this year because it’s leaning into the “digital labor revolution.” 

In many enterprises, the only one waving a red flag amid all of the AI expectations? Most likely, the person in charge of security.

Unprepared and outflanked 

So what’s a CEO or a CIO to do? The good news is that they’ve faced new technologies before, such as the cloud, and despite initial resistance, they’ve beefed up their security. They need to do the same with AI agents — just faster — because AI will expose security weaknesses faster and more brutally than any other technology we’ve adopted.
 

The bad news is that most companies have never adequately secured themselves against cyberattacks of any kind. Just 4% of global companies have reached the “mature” stage of readiness to battle cybersecurity attacks, indicates the 2025 Cisco Cybersecurity Readiness Index, which surveyed 8,000 business leaders, while 70% are in the “formative” or “beginner” stages. Meanwhile, 71% of leaders expect a cyberattack to disrupt their business within the next 12 to 24 months. “Most companies remain underprepared to prevent or manage these threats,” the report states.
 

Upping the pressure? The risks from AI agents will grow super fast because AI itself changes so fast. Rather than one human stealing employee credentials — or 50 machines orchestrated by a hacker — there will be 50,000 AI agents. They’ll move fast, learn and pivot — far faster than humans. Any semblance of control we think we have over data and systems will be fiction.

Back to basics 

As such, the next enterprise security frontier isn’t only defending against human threats — it’s also about securing the exploding universe of autonomous AI agents. CEOs and CIOs need to double down on the basics — ideally before AI agents are deployed. Needed steps include risk assessment around: 

  • Employees. At least 15% of employees “routinely access” generative AI platforms on their corporate devices, a Verizon survey shows. This greatly increases the risk of data leaks and open doors. Figure out what’s going on in your company, who’s using what and what guardrails are needed.
  • Agent permissions. If you’ve already got AI agents deployed, what do they have permission to do and what data can they access? AI agents often rely on credentials or API tokens initially provisioned with overly broad permissions for simplicity or operational speed. Over time, these broad permissions create significant security risk, as agents perform tasks and access critical resources far beyond their actual business requirements.
  • Data. What data is being uploaded and where? How strong is your data governance, meaning you know where the data came from, when, how and if it was changed and by whom? Agentic AI will exploit weak data governance like never before because AI’s ability to explore data is unprecedented.
  • Vendors. How are vendors using and securing AI agents? Where are they in your supply chain? Look for AI agents to have job functions, like ordering parts when supplies get low. You want vendors to profile agents so they’ll be more likely to spot abnormal behaviors. For instance, if the parts agent asks for supplier payment information, red flag alert. Press vendors for audits and metrics that show results. 

In short, secure AI agents as you would any employee. Demand full visibility into human and non-human identities, and the ability to track interactions by AI agents back to their origin, spot abnormal behaviors and detect unauthorized, anomalous or risky actions by agents across cloud, SaaS and hybrid infrastructures. By continuously auditing agent permissions, privileges and interactions, companies will better enforce policies that minimize risk exposure.
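A minimal sketch of the permission audit and agent profiling described in the "Agent permissions" and "Vendors" items above, added here as an illustration and not taken from the article. The agent names, permission strings and audit records are all constructed; a real deployment would read them from its identity provider and audit logs.

```python
from collections import defaultdict

# Constructed inventory: what each agent's credential is granted, and the
# permissions its job function actually needs (its behavioural profile).
AGENTS = {
    "parts-ordering-agent": {
        "granted": {"inventory:read", "orders:create", "suppliers:read",
                    "payments:read", "hr:read"},
        "profile": {"inventory:read", "orders:create", "suppliers:read"},
    },
    "support-agent": {
        "granted": {"tickets:read", "tickets:update"},
        "profile": {"tickets:read", "tickets:update"},
    },
}

# Constructed audit log: (agent identity, permission used, resource, origin).
AUDIT_LOG = [
    ("parts-ordering-agent", "inventory:read", "warehouse/bolts", "scheduler"),
    ("parts-ordering-agent", "orders:create", "supplier/acme", "scheduler"),
    ("parts-ordering-agent", "payments:read", "supplier/acme/bank-details",
     "chat-session-17"),
    ("support-agent", "tickets:read", "ticket/1001", "helpdesk"),
    ("unknown-agent", "tickets:read", "ticket/1002", "helpdesk"),
]

def audit(agents, log):
    """Return findings as (kind, agent, permission, origin) tuples."""
    used = defaultdict(set)
    findings = []
    for agent, perm, _resource, origin in log:
        if agent not in agents:
            # Non-human identity acting without being in the inventory.
            findings.append(("unregistered-identity", agent, perm, origin))
            continue
        used[agent].add(perm)
        if perm not in agents[agent]["profile"]:
            # Behaviour outside the agent's job function, traced to its origin.
            findings.append(("out-of-profile", agent, perm, origin))
    for name, entry in sorted(agents.items()):
        # Grants beyond the business requirement are candidates for revocation.
        for perm in sorted(entry["granted"] - entry["profile"]):
            kind = "excess-used" if perm in used[name] else "excess-unused"
            findings.append((kind, name, perm, None))
    return findings

if __name__ == "__main__":
    for finding in audit(AGENTS, AUDIT_LOG):
        print(finding)
```

Unused excess grants can usually be revoked outright, while excess grants that were exercised need review of the recorded origin before removal.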

Investing with confidence 

Despite the security challenges, I do see AI agents as the future. I also agree with McKinsey that speed is key — not only to keep the competitive edge but also to stay ahead of security threats. The faster enterprises embrace security fundamentals, including securing identities, the less their risk of any cyberattack, including from AI agents. Companies build trust and organizational confidence around agentic AI if it is secure. Rather than a gate that slows progress, security is a guardrail that enables businesses to go faster.

This article is published as part of the Foundry Expert Contributor Network.

Category: News
July 18, 2025