Skip to content
Tech News
← Back to articles

The New Security Risk Every Business Using AI Needs to Know About (and How to Protect Yourself)

2026-05-05 | original
read original get AI Security Protection Kit → more articles
Why This Matters

The rise of autonomous AI agents introduces a significant new security risk for businesses, expanding the attack surface and challenging traditional security measures. As these systems increasingly operate with direct access to sensitive data without human oversight, organizations must adapt their security strategies to prevent potential breaches and misuse. Addressing this emerging threat is crucial for safeguarding data and maintaining trust in AI-driven operations.

Key Takeaways

Opinions expressed by Entrepreneur contributors are their own.

Key Takeaways Autonomous agents are expanding the attack surface in organizations, as they increasingly operate with direct access to sensitive data — often without human oversight or key security controls in place.

Traditional identity and access management strategies were not designed for this shift since they’re built around human users rather than autonomous systems.

Automated management must be prioritized in the boardroom, security teams need access to tools that can comprehend what the user is asking for, and there must be a separation of duties at the user level.

For almost two years, a big change has been taking place when it comes to the security architecture used by most businesses. While most IT teams are still focused on vulnerabilities and fighting common types of ransomware, there has been a new type of risk that has been gradually developing called autonomous access. This risk goes by various names, such as agentic AI, automated workflows and autonomous agents, but ultimately, they all do the same thing.

Nowadays, it is permitted to act on data without human intervention. Even when it makes transactions, it does not always need approval. It’s an automatic system with an instruction to “get things done” as efficiently as possible.

The term that is commonly used by IT security practitioners to refer to these problems is OpenClaw. According to the SANS Institute, OpenClaw agents make up “the single greatest expansion of the attack surface since the migration to cloud infrastructure.” The organization’s 2025 State of Identity Threat Report also added that up to two-thirds of organizations are using AI agents with access to sensitive data without having key security measures in place.

Another bit of work by the Cloud Security Alliance (CSA) identified that automated systems, including AI agents, now make up over 80% of authentication attempts in modern environments, even though they receive less than 5% of security oversight.

Switching to write-execute access

Over decades, data security worked according to a simple concept. You were required to protect the keys. If a human’s passwords were fiddled with, they were revoked. If a database was compromised, it was removed from the system.

... continue reading

Explore topics: autonomous agents openclaw ai security identity management ransomware
Related:
One command turns any open-source repo into an AI agent backdoor. OpenClaw proved no supply-chain scanner has a detection category for it
The biggest AI shift is taking place in your employees’ bags
Karakurt extortion gang ‘cold case’ negotiator gets 8.5 years in prison
AI agents in research: when productivity comes at the cost of apprenticeship
Microsoft takes Agent 365 out of preview as shadow AI becomes an enterprise threat

© 2026 GoKawiil

About | Editorial Policy | Contact