
Invisible, autonomous and hackable: The AI agent dilemma no one saw coming


This article is part of VentureBeat’s special issue, “The cyber resilience playbook: Navigating the new era of threats.” Read more from this special issue here.

Generative AI already raises hard security questions, and as enterprises move into agentic deployments those questions multiply.

When AI agents enter workflows, they need access to sensitive data and documents to do their job, and that access is exactly what makes them a significant risk in the eyes of many security-minded enterprises.

“The rising use of multi-agent systems will introduce new attack vectors and vulnerabilities that could be exploited if they aren’t secured properly from the start,” said Nicole Carignan, VP of strategic cyber AI at Darktrace. “But the impacts and harms of those vulnerabilities could be even bigger because of the increasing volume of connection points and interfaces that multi-agent systems have.”

Why AI agents pose such a high security risk

AI agents — autonomous AI systems that execute actions on users’ behalf — have become extremely popular in just the last few months. Ideally, they can be plugged into tedious workflows and perform tasks ranging from something as simple as finding information in internal documents to drafting recommendations for human employees to act on.

But they present a hard problem for enterprise security professionals: agents must be granted access to the data that makes them effective, without that access turning into an accidental disclosure, whether by surfacing private information to the wrong user or by sending it outside the organization. And as agents take over tasks human employees used to do, accuracy and accountability come into play: who is answerable when an agent acts on the wrong information, which can quickly become a headache for security and compliance teams.

Chris Betz, CISO of AWS, told VentureBeat that retrieval-augmented generation (RAG) and agentic use cases “are a fascinating and interesting angle” in security.

“Organizations are going to need to think about what default sharing in their organization looks like, because an agent will find through search anything that will support its mission,” said Betz. “And if you overshare documents, you need to be thinking about the default sharing policy in your organization.”

Security professionals must then decide whether agents should be treated as digital employees or as software. How much access should agents have? How should they be identified?
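The default-sharing point above, together with the question of how much access an agent should have, as an added Python example that is not code from VentureBeat, AWS or Darktrace: an agent that queries a document store with its own broad service account (naive_search) beside one that carries the caller's identity and applies the caller's ACL (scoped_search), plus an audit record of what was released and a check for documents readable org-wide. The corpus, the group names and the Document and Principal classes are constructed for illustration.

```python
"""Permission-aware retrieval for an agent/RAG step.

Added illustration, not code from VentureBeat, AWS or Darktrace. The
corpus, principals and group names below are constructed.
"""
from __future__ import annotations

from dataclasses import dataclass


@dataclass(frozen=True)
class Document:
    doc_id: str
    text: str
    readers: frozenset[str]  # user or group names allowed to read this document


@dataclass(frozen=True)
class Principal:
    """The human (or workload) the agent is acting for. Hypothetical model."""
    name: str
    groups: frozenset[str] = frozenset()

    def identities(self) -> frozenset[str]:
        return self.groups | {self.name}


# Constructed corpus. "all-staff" models the overshared default: two documents
# saved with org-wide read access, one of them by mistake.
CORPUS: list[Document] = [
    Document("hr-001", "Q3 compensation bands for engineering", frozenset({"hr-team"})),
    Document("fin-002", "Board deck: acquisition target shortlist", frozenset({"finance-leads"})),
    Document("eng-003", "Runbook: rotating the payments API key", frozenset({"payments-oncall"})),
    Document("pub-004", "Holiday calendar 2025", frozenset({"all-staff"})),
    Document("fin-005", "Vendor invoice history, accidentally shared org-wide", frozenset({"all-staff"})),
]


def naive_search(query: str, corpus: list[Document] = CORPUS) -> list[Document]:
    """Weak pattern: the agent searches with its own broad service account.
    Every document matching the query comes back, whoever asked."""
    words = query.lower().split()
    return [d for d in corpus if any(w in d.text.lower() for w in words)]


def scoped_search(query: str, on_behalf_of: Principal,
                  corpus: list[Document] = CORPUS) -> list[Document]:
    """Hardened pattern: the agent carries the caller's identity and the
    caller's ACL is applied to the hits. Here that is a post-filter; in a
    real search or vector index the same predicate should be pushed into
    the query so unauthorised chunks never reach the model context."""
    ids = on_behalf_of.identities()
    return [d for d in naive_search(query, corpus) if d.readers & ids]


def retrieve_with_audit(query: str, on_behalf_of: Principal,
                        corpus: list[Document] = CORPUS) -> tuple[list[Document], dict]:
    """Accountability: record whom the agent acted for, what it asked, which
    documents were released and how many matching ones were withheld."""
    matched = naive_search(query, corpus)
    released = scoped_search(query, on_behalf_of, corpus)
    entry = {
        "actor": "agent",
        "on_behalf_of": on_behalf_of.name,
        "query": query,
        "released": [d.doc_id for d in released],
        "withheld": len(matched) - len(released),
    }
    return released, entry


def overshared(corpus: list[Document] = CORPUS,
               broad_groups: frozenset[str] = frozenset({"all-staff"})) -> list[str]:
    """Default-sharing audit: documents readable by an org-wide group are
    exactly the ones an agent can surface to anyone able to phrase a query."""
    return [d.doc_id for d in corpus if d.readers & broad_groups]


if __name__ == "__main__":
    alice = Principal("alice", frozenset({"all-staff"}))
    bob = Principal("bob", frozenset({"all-staff", "finance-leads"}))
    print([d.doc_id for d in naive_search("acquisition")])         # ['fin-002'] for anyone
    print([d.doc_id for d in scoped_search("acquisition", alice)])  # []
    print([d.doc_id for d in scoped_search("acquisition", bob)])    # ['fin-002']
    print(retrieve_with_audit("key", alice)[1]["withheld"])         # 1
    print(overshared())                                             # ['pub-004', 'fin-005']
```

The design point is that the agent itself never holds a standing grant wider than the person it is serving: the search is scoped by the caller's identity, the audit entry names that caller rather than a shared service account, and the overshared() check turns the "what does default sharing look like" question into a list that can be reviewed before an agent is pointed at the corpus.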
