COMMENTARY:
Agentic AI reminds me of something culled from science fiction, in which machines take over humans to accomplish outrageous acts with impossibly fast decision-making skills.
Organizations are quickly recognizing the power of
AI agents for automating processes, particularly in complex and uncertain settings, where agents dynamically respond to their environment, learning from past experiences to continuously improve their performance.
[
SC Media Perspectives columns are written by a trusted community of SC Media cybersecurity subject matter experts. Read more Perspectives here.]
According to
Gartner, by 2028,
Agentic AI will independently make at least 15% of routine work decisions daily, up from zero percent last year.
A mix of expert AI agents
While traditional AI models are narrowly focused on specific domains such as content generation or data analysis, Agentic AI extends those capabilities to transform business process automation, leveraging its power to weigh choices, make decisions, follow procedures, and gain higher scalability.
What sets the two apart?
Agentic AI combines several AI agents, each of which has been designed for a specific purpose. When combined, the strength of these expert AI agents increases exponentially, allowing the Agentic AI system to accomplish something impressive. An Agentic AI-based system can comprise a few or even several hundred of these expert agents.
We can design AI agents for different tasks, including learning agents that can improve their performance over time through interaction and feedback; hierarchical agents that comprise multiple tiers, where higher-level agents assign tasks to lower-level agents to facilitate problem-solving; and goal-based agents designed to achieve specific tasks by picking the most efficient path forward to reach their objective. Through agentic orchestration, these AI agents can assist in automating processes and optimizing workflows.
Agentic AI in cybersecurity
The pace and intelligence of modern threats are defining today’s cybersecurity landscape. With its ability to process large volumes of data, recognize patterns, and adapt security measures based on new information and insights, Agentic AI can react spontaneously to cyber threats quicker than any team member could possibly respond or even keep pace with.
A cybersecurity Agentic AI system with tiers of multiple AI agents collaborating to autonomously detect threats, decide on appropriate security measures, and even predict future attack vectors based on prior attacks, can yield phenomenal improvement gains. Fortunately, we don’t have to wait years for this to become reality.
Microsoft has already added cybersecurity-focused AI agents to its Security Copilot tool to autonomously assist security teams with a to-do list of phishing and security alert triage, conditional access monitoring, vulnerability monitoring and prioritization, and threat intelligence curation.
Other ways in which Agentic AI can further enhance cybersecurity include:
Proactive threat hunting: Agentic AI proposes a holistic method of cybersecurity. It recognizes network traffic patterns to predict future threats before they materialize, modifies security protocols in response to new threats, and learns from new threats to further improve the capacity for recognizing them in the future.
Adaptive defense against dynamic threats: Agentic AI agents will improve over time as they are exposed to novel threats and incidents. The technology's ability to constantly refine algorithms through self-improvement means that AI agents can learn to adapt to new attack methods and remain ahead of attackers. AI agents also use retrieval-augmented generation (
RAG) to catch up with sophisticated cyberattacks. In RAG, external knowledge bases are attached to AI models, thereby accessing information in addition to the knowledge they received during their initial training, which lets them make more recent and precise findings.
Data security and privacy: Agentic AI can detect network anomalies and unauthorized access attempts and promptly revoke access, thereby minimizing the risk of data breaches. AI agents promise the ability to autonomously deploy access controls and encryption to protect sensitive data. Federated
learning lets organizations train a decentralized AI model with distributed datasets without sharing confidential data, ensuring data security and privacy and regulatory compliance.
Supplement human threat analysts: AI agents promise to eliminate labor-and time-intensive human workloads, such as log analysis and routine security checks, letting teams concentrate on more sophisticated threats. With their ability to deliver precise real-time correlations, AI systems promise to detect breaches and act swiftly and independently, thus speeding up the remediation of threats and reducing the potential for human error.
Forecast future attacks with predictive analytics: AI agents continuously operate on vast amounts of data containing information about network traffic, past security incidents, and threat patterns. Analyzing patterns and relationships in the data, they can detect anomalies in the network or deviations from user and system behaviors, suggesting vulnerabilities or attacks within the system. AI agents can conduct attack simulations to learn from them and improve their defense plans, thereby improving preparedness for similar attacks in the future. Predictive analytics let organizations proactively implement security measures, such as neutralizing the threat of high-risk users and systems, and fine-tuning security policies and controls to reduce future threats.
AI agents hold the potential of becoming irreplaceably good actors in modern defenses. Using machine learning to scan immense datasets, recognize abnormalities, and respond to attacks in real time, AI could help create an initiative-taking, adaptive shield that greatly surpasses today's legacy security systems. Embracing Agentic AI isn't only about defending present-day cyber threats — it's about getting ahead of them and creating a safer business world.
Stu Sjouwerman, founder and CEO, KnowBe4SC Media Perspectives columns are written by a trusted community of SC Media cybersecurity subject matter experts. Each contribution has a goal of bringing a unique voice to important cybersecurity topics. Content strives to be of the highest quality, objective and non-commercial.
