Agentic AI Security: Joint Guidance for Safe Adoption
Summary
Cybersecurity authorities from Australia, Canada, New Zealand, the United States, and the United Kingdom have published joint guidance on securely adopting agentic artificial intelligence systems. This guidance aims to help organizations that design, develop, deploy, or operate these AI systems.

Agentic AI systems can interpret objectives, retain context, access external data, make decisions, and take actions with limited human involvement. They can even create sub-agents for tasks. While offering benefits, these capabilities also create a broader and more complex security risk profile than other AI tools.

The guidance highlights key security risks, including privilege risks from broad system access, and design and configuration risks from unvetted third-party components. Behavior risks involve AI agents pursuing objectives in unintended ways. Structural risks arise when actions are delegated autonomously or occur too quickly for human review, reducing visibility and control. Accountability risks stem from these systems obscuring the causes of actions, making it hard to identify why an action was taken or what caused an adverse outcome. The guidance also notes that agentic AI systems inherit known large language model risks like prompt injection and hallucinations, which can be amplified when agents act on external systems or use elevated privileges. A recurring theme.
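The privilege, structural, and accountability risks summarized above map onto a few concrete engineering controls: scoped (least-privilege) tool access, a human approval gate for high-impact actions, a bounded step budget, no privilege escalation when an agent spawns sub-agents, and an audit record that stores the agent's stated reason for every attempted action. The Python below is an added illustration written for this summary, not code from the joint guidance or from any of the publishing agencies. The tools (`read_ticket`, `send_email`), the scope names, the `policy_approver` stand-in for a human reviewer, and the email addresses are all constructed placeholders.

```python
import time
from dataclasses import dataclass
from typing import Callable, Dict, List, Optional


@dataclass(frozen=True)
class Tool:
    name: str
    required_scope: str                 # scope an agent must hold to invoke the tool
    high_impact: bool                   # True: a human must approve each invocation
    run: Callable[[dict], str]


@dataclass
class AgentContext:
    agent_id: str
    scopes: frozenset                   # least-privilege grant for this agent instance
    step_budget: int                    # remaining autonomous actions before a forced stop
    parent: Optional[str] = None        # set for sub-agents so their actions trace back


class ToolGateway:
    """Every tool call from an agent passes through here; tools are never reachable directly."""

    def __init__(self, tools: List[Tool], approver: Callable[[str, str, dict, str], bool]):
        self.tools: Dict[str, Tool] = {t.name: t for t in tools}
        self.approver = approver        # human-in-the-loop decision for high-impact tools
        self.audit: List[dict] = []     # append-only record of every attempted action

    def _record(self, ctx, tool_name, args, reason, decision):
        # The stored 'reason' is what lets a reviewer later reconstruct why an action was tried.
        self.audit.append({"ts": time.time(), "agent": ctx.agent_id, "parent": ctx.parent,
                           "tool": tool_name, "args": args, "reason": reason,
                           "decision": decision})
        return decision

    def call(self, ctx: AgentContext, tool_name: str, args: dict, reason: str):
        """Returns (decision, tool_output). Denials are logged exactly like successes."""
        tool = self.tools.get(tool_name)
        if tool is None:
            return self._record(ctx, tool_name, args, reason, "denied:unknown_tool"), None
        if tool.required_scope not in ctx.scopes:
            return self._record(ctx, tool_name, args, reason, "denied:missing_scope"), None
        if ctx.step_budget <= 0:
            return self._record(ctx, tool_name, args, reason, "denied:budget_exhausted"), None
        if tool.high_impact and not self.approver(ctx.agent_id, tool_name, args, reason):
            return self._record(ctx, tool_name, args, reason, "denied:human_rejected"), None
        ctx.step_budget -= 1
        return self._record(ctx, tool_name, args, reason, "allowed"), tool.run(args)

    def spawn_sub_agent(self, parent: AgentContext, child_id: str, scopes, step_budget: int):
        """A sub-agent may only receive a subset of its parent's scopes and step budget."""
        scopes = frozenset(scopes)
        if not scopes <= parent.scopes or step_budget > parent.step_budget:
            raise PermissionError("sub-agent would exceed its parent's privileges")
        parent.step_budget -= step_budget  # delegated steps are charged to the parent
        return AgentContext(child_id, scopes, step_budget, parent=parent.agent_id)


# --- Constructed demo tools and policy (placeholders, not real integrations) ---
def read_ticket(args: dict) -> str:
    return f"ticket {args['id']}: printer offline"


def send_email(args: dict) -> str:
    return f"sent to {args['to']}"


TOOLS = [
    Tool("read_ticket", "tickets:read", high_impact=False, run=read_ticket),
    Tool("send_email", "mail:send", high_impact=True, run=send_email),
]


def policy_approver(agent_id: str, tool_name: str, args: dict, reason: str) -> bool:
    # Stand-in for a human reviewer: only mail to the internal domain is approved.
    return tool_name == "send_email" and args.get("to", "").endswith("@example.internal")


def run_demo():
    gw = ToolGateway(TOOLS, policy_approver)
    root = AgentContext("helpdesk-agent", frozenset({"tickets:read", "mail:send"}), step_budget=5)
    decisions = []
    decisions.append(gw.call(root, "read_ticket", {"id": 42}, "understand the request")[0])
    decisions.append(gw.call(root, "send_email", {"to": "it@example.internal"}, "notify IT")[0])
    # The kind of action injected ticket text could steer an agent toward: blocked at the gate.
    decisions.append(gw.call(root, "send_email", {"to": "outside@evil.example"}, "forward")[0])
    # A read-only sub-agent cannot send mail, and unknown tools are refused outright.
    child = gw.spawn_sub_agent(root, "summariser", {"tickets:read"}, step_budget=2)
    decisions.append(gw.call(child, "send_email", {"to": "it@example.internal"}, "escalate")[0])
    decisions.append(gw.call(child, "delete_ticket", {"id": 42}, "cleanup")[0])
    return decisions, gw.audit, root.step_budget


def escalation_blocked() -> bool:
    """A sub-agent requesting a scope its parent lacks must be refused."""
    gw = ToolGateway(TOOLS, policy_approver)
    root = AgentContext("reader", frozenset({"tickets:read"}), step_budget=3)
    try:
        gw.spawn_sub_agent(root, "child", {"mail:send"}, step_budget=1)
    except PermissionError:
        return True
    return False


if __name__ == "__main__":
    for entry in run_demo()[1]:
        print(entry["agent"], entry["tool"], entry["decision"], "|", entry["reason"])
```

The gateway is deliberately the only path to any tool, so the audit log is complete by construction: a denied call leaves the same kind of entry as an allowed one, and each entry carries the agent id, its parent, and the justification the agent supplied. That is the record an incident responder needs to answer "why was this action taken" after an adverse outcome.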
This is an AI-generated audio summary. Always check the original source for complete reporting.