Sign In Sign Up
AI & ML

Addressing Security Risks in the Rapid Rise of Agentic AI

As enterprises increasingly adopt agentic AI, they must address unique security challenges, particularly in supply chain vulnerabilities and identity management.

Apr 21, 2026 3 min read
Sign in to save

Understanding the Rise of Agentic AI

Agentic AI, characterized by its ability to execute tasks with minimal human intervention, is gaining traction across enterprise settings. Unlike traditional AI, which primarily assists users in various tasks, agentic AI autonomously handles complex operations, from coding and deploying applications to managing entire processes without continuous oversight. Gartner forecasts that by the end of 2026, nearly 40% of enterprise applications will incorporate such task-specific AI agents, a significant leap from less than 5% in 2025. Additionally, research from Deloitte suggests that upwards of 75% of companies will utilize agentic AI by 2028, indicating a widespread shift towards these autonomous systems.

Amplification of Existing Security Challenges

This rapid integration of agentic AI introduces considerable risks alongside its benefits. As agents operate with high levels of autonomy and interaction, they create new threat vectors. The necessity for seamless collaboration between AI agents, human users, and software amplifies established weaknesses within cybersecurity frameworks.

A major concern lies in the software supply chain. The speed at which AI agents can deploy code increases the likelihood of introducing vulnerabilities. Early indicators suggest that AI-generated code may exhibit security flaws more frequently than human-written code. As developers lean heavily on AI tools integrated into their workflows, the need for stringent security measures becomes even more pressing.

Identity and Access Management Risks

Agentic AI also poses challenges in identity and access management. To function effectively, these AI agents require expansive permissions across various applications and environments, complicating the existing landscape of identity governance. Many current AI tools adhere to a default trust model when interacting with external systems, which could become exploited if agents are compromised. The ramifications could be severe, including unauthorized data access, email dissemination, or financial transactions executed without appropriate checks.

Prompt Engineering as a Security Concern

A particularly insidious risk is the potential for prompt engineering attacks. Malicious actors can craft prompts that mislead AI agents into executing harmful actions that benefit the attacker. This manipulation may not only arise from traditional malware but might also be embedded within deceptive communications, such as emails. As enterprise reliance on agentic systems increases, attackers may shift their focus away from conventional malware attacks, opting instead to exploit agents directly for greater impact.

It's unlikely that complete protection against prompt engineering will be feasible. The inherent need for AI agents to operate efficiently means robust guardrails are often impractical. Therefore, organizations need to adopt layered security strategies, including human oversight at critical decision points, to mitigate the risks posed by manipulated agents.

Interactions Between Multiple AI Agents

With the rise of multi-agent systems, the unpredictability of agent interactions presents additional security complexities. Research highlights three primary types of undesirable outcomes that can arise when agents collaborate:

  • Miscoordination: Agents may fail to align effectively, obstructing goal achievement.
  • Collusion: Groups of agents might cooperate in unintended ways, undermining operational integrity.
  • Conflict: Individual agents could act in self-interested manners, harming others’ interests.

These unexpected behaviors highlight the need for careful management and oversight of agent interactions, particularly as these autonomous systems are tasked with critical operations.

Looking Ahead: The Future of Agentic AI Security

The initial instances of data breaches linked to agentic AI will likely stem from environments where security protocols are lenient or default settings remain unchanged. Enterprises must shift their approach to identity management, placing AI agents on equal footing with human identities in terms of security scrutiny.

Prompt injection techniques are poised to become a common tactic among cyber adversaries, highlighting the urgent need for enterprises to not only implement robust security measures but also to reconsider how they approach AI governance, identity management, and risk modeling within the cyber insurance sector.

Strategic Mitigation Measures

To counter the risks associated with agentic AI, organizations must enforce stringent identity verification protocols, including:

  • Implementing zero-trust frameworks for agent identities.
  • Enhancing visibility on agent behavior through continuous monitoring.
  • Strengthening supply chain governance for AI-generated code.
  • Establishing defenses against prompt injections and other manipulations.

These measures not only safeguard against external threats but also promote a culture of security awareness as organizations adapt to the evolving landscape of AI technology.

Source: Michael Williams · www.recordedfuture.com

Comments

Sign in to join the discussion.

More Stories

Exploring the Vision of Bertrand Duplat: A Leader in Entrepreneurial Disruption
Exploring the Vision of Bertrand Duplat: A Leader in Entrepreneurial Disruption
18 hours ago
 Mistral Aims for AI Sovereignty Amid Growing Concerns Over US Control
Mistral Aims for AI Sovereignty Amid Growing Concerns Over US Control
18 hours ago
 CuspAI Gains Momentum with $400M Investment, Projecting a $2.6B Valuation
CuspAI Gains Momentum with $400M Investment, Projecting a $2.6B Valuation
18 hours ago