They’re task-oriented and will be designed to take it upon themselves to complete those tasks as efficiently as possible without any human input.The AI agents are coming.
At its annual Ignite conference last November, it was made clear Microsoft thinks so-called “agentic AI” will be a big part of its future artificial intelligence strategy.
Described as “agents” and powered by AI, they will carry out everyday tasks like customer service along with more complex duties such as managing supply chains.The difference between these agents and generative AI (GenAI) – its relative in the AI family tree – is the degree of autonomy and decision-making they are imbued with to not only complete mundane, labor-intensive tasks, but to also streamline systems and free-up humans to do other work.As futurist and author Bernard Marr wrote: “Think of generative AI as a highly skilled assistant waiting for instructions, while agentic AI is more like a colleague who can take the initiative and work independently toward broader objectives.”The potential benefit of agentic AI to organizations is not lost on the technology and cybersecurity industry. Many security professionals submitting predictions to SC Media said they see companies incorporating AI agents into business and security operations in 2025 and beyond.Alex Bovee, CEO and co-founder of identity governance platform firm ConductorOne, sounded bullish in his prediction.“AI agents will run and operate within your organization just like humans," Bovee suggested."They’ll even begin to interact with other AI agents to accomplish their job. This means AI agents are going to look, feel, and act just like humans do in an organization.”Computer chip maker Nvidia, the company often at the center of this AI revolution, described the potential applications for AI agents as vast, “limited only by creativity and expertise,” Erik Pounds, director of product marketing, posted on the company’s blog.According to J. Stephen Kowski, SlashNext’s field CTO, the primary advantage of agentic AI extends beyond simple automation by introducing adaptive decision-making that can handle complex, multi-step processes without constant human intervention.“This technology enables organizations to streamline operations while reducing human error and increasing the speed of execution across various business functions,” Kowski said via email.While still an emerging trend, at least one cybersecurity firm said it’s currently using agentic AI in its offerings.ReliaQuest announced on Feb. 3 that its ReliaQuest AI Agent is processing security alerts 20 times faster than traditional methods with 30% greater accuracy at identifying true threats. Claiming that ReliaQuest AI Agent is the first agentic AI in the cybersecurity industry, ReliaQuest announced that its agent uses “a decade of end-to-end incident response data and expertise to build and execute its own workflows and solve problems dynamically, in record time.”“Agentic AI represents the future of cybersecurity, and we’ve only just scratched the surface of what’s possible,” said ReliaQuest founder and CEO Brian Murphy. “Eliminating Tier 1 and Tier 2 work out of security operations will give our customers’ talented security teams back time and energy to do the work that matters, helping to protect the global organizations we all interact with on a daily basis.”
The agentic AI debate and what sets it apart from GenAI
There’s a lot of debate in the technology industry on the definition of “agentic AI,” said Darktrace’s Security and AI Director Hanah Darley, who is also the cybersecurity firm’s Field CISO. “The easiest way to kind of quickly group all of those different definitions together is an advanced AI system that is task-focused and can make decisions.”While the explosion of GenAI has become a common reference point for AI from a social conscious perspective, Darley said it’s unhelpful when differentiating it from agentic AI.“Most generative AI systems are reinforcement systems – I give you something, you give me something,” Darley explained, adding that GenAI is based on the interaction to create something or get an output. Agentic AI systems, meanwhile, are about decisions and tasks. “In some cases, a generative AI system will be leveraged as kind of an interface between a user and the task-oriented side of things to go and do those tasks,” she said.The term “agentic AI” itself implies agency, and models can now script and execute software code, call the APIs of other services, and implement their own agents to achieve defined task goals, said Fortanix Chief AI Officer Dr. Richard Searle. “An agent can be as simple as a customer-service chatbot, or form a component of a much more complex, and dynamic, network of agents collaborating to fulfill a specific function.”The most obvious benefit for adopting agentic AI is the automation of processes and, thus, improved operational efficiency, said Searle.“The use of agentic AI to manage operational tasks will relieve human employees to innovate and direct business processes via human-machine teaming,” said Searle. “In many cases, self-adaptive agents will generate innovative models and behaviors that humans will be able to exploit.”
Security concerns and the future of the agentic AI market
Agentic AI’s potential could be far and wide, but it will still take time and effort for organizations building the new systems to ensure they are secure.In his prediction to SC Media, Rubrik co-founder and CTO Arvind Nithrakashyap said that as AI agents become more sophisticated and interconnected, they will likely lead to more security vulnerabilities and accidental data leaks. “Savvy business and IT leaders will not let this hold them back from adopting agentic AI but rather drive them to establish guardrails, set up stringent data access policies, and clearly communicate organizational best practices,” he continued.As Darktrace’s Darley emphasized: “If you don’t have good data security as an organization, anything that you try to build on top of that, from an advanced AI perspective, will be difficult. So you have to get your data security right in order to get AI right, because good data is good AI.”The autonomous nature of agentic AI also introduces concerns about control and accountability, said Kowski, as the systems can make rapid changes without traditional management oversight.“Security concerns are paramount, as malicious actors could potentially exploit these AI agents to automate attacks, create unauthorized system changes, or execute harmful scripts at unprecedented speed and scale,” Kowski said.While the existing commercial use of agentic AI is limited, experts are predicting that AI agents will be seen every sector, said Darley, and that everyone will have their own personal AI assistant performing tasks.And if we use generative AI as a guidepost, then adoption of agentic AI could become just as widespread, said Darley. “People love generative AI … I think you could see that replicated in the agentic space.”She cautioned, “you might not know how popular something is until it goes really right or really wrong.”
An In-Depth Guide to AI
Get essential knowledge and practical strategies to use AI to better your security program.
Stephen Weigand is managing editor and production manager for SC Media. He has worked for news media in Washington, D.C., covering military and defense issues, as well as federal IT. He is based in the Seattle area.
Increasing concerns regarding the potential utilization of Chinese artificial intelligence platform DeepSeek for foreign government surveillance have prompted New York Gov. Kathy Hochul to ban the AI chatbot's usage across all state-issued devices just days after Texas Gov. Greg Abbott issued a similar prohibition for DeepSeek and Chinese-owned social media apps.
Aside from integrating analytics and continuous monitoring to improve MSP management of customers' accounts, ThreatMate's solution has been touted to enable automated penetration testing, cybersecurity audits, risk scoring, asset discovery, and dark web tracking to facilitate less complex and costly security, compared with typical enterprise security platforms.
Both malicious packages resembling proof-of-concept models were not identified by Hugging Face's Picklescan security tool due to differences in compression format with PyTorch, as well as a security issue that prevented the proper scanning of Pickle files that could facilitate compromise, according to a report from ReversingLabs.
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
