Agentic AI is Reshaping Cybersecurity
Agentic AI is here. Now what?
Companies are rushing to adopt AIaaS (AI as a service) solutions so they can outsource repetitive, continuous monitoring tasks to teams of AI agents. The goal is to cut costs and cultivate strong system defenses, but how well does Agentic AI actually hold up in the current cyber threat landscape? Are people sacrificing long-term system security for short-term investment returns?
This article provides an overview of how Agentic AI is influencing the field of cybersecurity, for better and for worse, and what cybersecurity professionals can hope to expect as AI agents continue to be adopted into the workforce.
Schrödinger’s Agent
AI Agents are both friend and foe when it comes to cybersecurity. The hype and fear surrounding AI and its potential for fully autonomous coding has retired old security concerns and raised a thousand new ones. Every day, hackers find new ways to exploit LLMs and the agents harnessing them, faster than experienced cybersecurity professionals can keep up. Since AI was given the reins to conduct its own vulnerability tests, hundreds of zero-day and no-day vulnerabilities have been uncovered, some of which had existed on major platforms for well over 20 years. The question this raises is: “would these vulnerabilities have ever been discovered without AI?”
As such, a vicious cycle has been created. People who employ AI agents now have the ability to uncover long-standing vulnerabilities at a speed and scale no human vulnerability engineer could ever hope to match, which means human defenders now need to employ AI agents to hunt for vulnerabilities they might have missed before malicious agents find them first.
This perceived reliance on AI agents then opens an organization to new cyber threats: attacks designed to bypass Agentic AI’s training and internal security systems. As explained by Chhabra et al. in “Agentic AI Security: Threats, Defenses, Evaluation, and Open Challenges”,
“Adversaries can leverage agents’ black box nature to human eyes, training methods, and interpretations of their inner logic, to conceal and inject instructions…” (p. 6)
In other words, cyber attacks can go completely unnoticed even while massive amounts of data are being leaked and the AI agent is being actively corrupted, especially if the affected agent 1) is almost fully autonomous and rarely monitored and 2) interacts with multiple other agents susceptible to the same vulnerabilities. This raises severe security concerns, as the whole goal of introducing AI agents is to give them autonomy and reduce the workload of security professionals who are already stretched thin in the face of quickly evolving AI-centered threats.
So What About the Cybersecurity Professionals?
The rapid evolution of AI-driven and AI-focused cyber threats has led to shorter and shorter acceptable threat response timelines. Cybersecurity professionals are being forced to try to match AI’s speed or face being replaced, which creates an environment ripe for short-term solutions that lead to long-term vulnerabilities, a problem the security sector has been dealing with for decades.
The problem with short vulnerability response turnaround times that rely on input from AI agents is that the output is often faulty or opaque code. Human employees have to spend extra time parsing through and correcting that code, creating workflow bottlenecks that reduce overall efficiency and can lead to even more vulnerabilities being overlooked during the correction process.
In addition, AI is inherently incapable of understanding what constitutes “sensitive information”. It does not understand when it has overstepped its boundaries, and because its main goal is to be as efficient as possible and complete its given task as quickly as it can, it does not care how its decisions affect anything outside of its given mission. This often leads to AI agents rewriting lines of code they should not have had access to, redesigning systems they were not given permission to touch. The fact that AI operates within a black-box model also means it is inherently bad at explaining why it does these unpredictable things in a way that makes sense to a human user. It is inherently bad at recreating and reapplying human logic to its solutions.
This creates even more bottlenecks, as engineers have to clean up not only confusing code but entire disrupted systems they did not expect to have been edited or rearranged. And while this may seem like a problem born of poor regulation, this crossing of boundaries often occurs even when the user believes they have set strict, explicit rules for what the AI agent is and is not allowed to manage. So how do you manage agents that don’t understand the rules of management?
Can AI Agents be Managed?
The question is less “can AI Agents ever be managed” and more “can they ever be managed effectively”. Most AI Agents are token-based and require hundreds of unseen internal queries to provide usable outputs, each of which uses thousands of tokens, creating costs companies don’t expect. It again boils down to a lack of transparency, and the cognitive dissonance that comes with the natural instinct to conflate speed with efficiency. Prompting a model over and over again is not cost efficient, nor, in the end, is it actually time efficient if you care about getting an immediately usable, “fully finished” output.
Predictably, this creates a lot of issues when AI agents are being used to complete complex cybersecurity or software engineering tasks. If an AI Agent repeatedly outputs unusable code, the user still has to pay for every prompt (and every unseen prompt the agent autonomously generates), as well as for someone to clean up and verify the validity of the final results.
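The two management problems described above, an agent editing files it was never meant to touch and an agent burning through unseen internal queries, share one fix: the rules have to live in code that sits between the agent and its tools, not in the prompt the agent may ignore. The sketch below is an added example written for this article, not code from any product or from the cited paper. It assumes a hypothetical agent whose every file write and model request is routed through a `ToolGate`; the paths, the budget figures and the simulated model reply are all constructed. It enforces a write-path allowlist (resolving `..` so the agent cannot escape the root), a hard cap on calls and tokens per task, and records an audit entry for every decision so that a rarely watched agent still leaves evidence.

```python
import posixpath
from dataclasses import dataclass, field
from typing import Dict, List


class PolicyViolation(Exception):
    """Raised when the agent asks for something its policy does not permit."""


@dataclass(frozen=True)
class AgentPolicy:
    allowed_write_roots: tuple   # directories the agent may modify (hypothetical paths)
    max_calls: int               # hard cap on model + tool invocations per task
    max_tokens: int              # hard cap on tokens billed per task


def path_allowed(path: str, roots: tuple) -> bool:
    """True only if `path` (after resolving '..' and '.') lies under an allowed root."""
    norm = posixpath.normpath(path)
    if not norm.startswith("/"):
        return False                       # relative paths are ambiguous; refuse them
    for root in roots:
        r = posixpath.normpath(root)
        if norm == r or norm.startswith(r + "/"):
            return True
    return False


@dataclass
class ToolGate:
    """Every tool call and model call goes through here, so the limits hold
    regardless of what the model was told in its prompt."""
    policy: AgentPolicy
    calls: int = 0
    tokens: int = 0
    audit: List[dict] = field(default_factory=list)
    files: Dict[str, str] = field(default_factory=dict)   # simulated filesystem (constructed)

    def _charge(self, kind: str, detail: str, tokens: int = 0) -> None:
        # Count the attempt first: denied calls still cost the agent budget,
        # so a looping or misbehaving agent cannot probe the gate for free.
        self.calls += 1
        self.tokens += tokens
        over = self.calls > self.policy.max_calls or self.tokens > self.policy.max_tokens
        if over:
            self.audit.append({"kind": kind, "detail": detail, "verdict": "denied:budget"})
            raise PolicyViolation(
                f"budget exhausted: {self.calls} calls, {self.tokens} tokens")

    def model_call(self, prompt: str) -> str:
        """Stand-in for an LLM request; the token count is constructed from prompt length."""
        self._charge("model", prompt[:40], tokens=len(prompt.split()) * 2)
        self.audit.append({"kind": "model", "detail": prompt[:40], "verdict": "ok"})
        return "(constructed reply)"   # a real call would return the model's text

    def write_file(self, path: str, content: str) -> None:
        self._charge("write", path)
        if not path_allowed(path, self.policy.allowed_write_roots):
            self.audit.append({"kind": "write", "detail": path, "verdict": "denied:scope"})
            raise PolicyViolation(f"write outside allowed roots: {path}")
        self.files[path] = content
        self.audit.append({"kind": "write", "detail": path, "verdict": "ok"})


def run_demo() -> List[dict]:
    """Scripted agent actions (constructed): one in-scope write, one that tries to
    escape the root via '..', then a loop of internal model calls until the budget trips."""
    gate = ToolGate(AgentPolicy(allowed_write_roots=("/repo/src",),
                                max_calls=6, max_tokens=10_000))
    gate.write_file("/repo/src/app.py", "print('hello')")
    try:
        gate.write_file("/repo/src/../config/secrets.yaml", "leaked: true")
    except PolicyViolation:
        pass                                  # a real agent loop would stop and escalate here
    try:
        while True:                           # the "hundreds of unseen internal queries"
            gate.model_call("refine the previous answer once more")
    except PolicyViolation:
        pass
    return gate.audit


if __name__ == "__main__":
    for entry in run_demo():
        print(entry)
```

The point of the design is that neither the allowlist nor the budget is visible to, or overridable by, the model: an injected instruction can change what the agent asks for, but not what the gate grants. The audit list is what a security team would ship to its log pipeline, so the "denied:scope" and "denied:budget" verdicts become alerts rather than surprises found during cleanup.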
In other words, cybersecurity professionals are still very much needed to maintain proper system security, especially when it comes to monitoring AI agents and keeping them on task in order to cut auto-generation costs and prevent potential agent-based vulnerabilities. However, the rise of Agentic AI has led to the elimination of many entry-level cybersecurity positions, reducing the pool of qualified professionals and raising the industry’s barrier to entry at a time when industry growth is vital to maintaining digital infrastructure.
In Conclusion
AI and the way it is shaping the cyber sphere is an issue at the forefront of our modern society. The future of Agentic AI relies on the expertise of cybersecurity professionals to ensure it is deployed ethically, meeting established security requirements and avoiding undue risks. Without proper monitoring and collaboration, AI Agents could be a gateway to untold security crises, given the vast amount of information they have access to and their ability to make autonomous decisions that conflict with existing security practices. Already we are seeing it exploited as governments struggle to decide how best to implement and regulate its usage, and companies rush to adopt it despite ongoing security concerns. It is undeniably a useful tool with huge potential to streamline future workflows, but for now it needs strict guardrails to ensure it doesn’t overload the cybersecurity industry with more threats than it can handle.