Central blue AI robot surrounded by interconnected data flows, representing AI, cybersecurity, and automated systems across global networks.

Agentic Artificial Intelligence

Posted by:

|

On:

|

When most people think of Artificial Intelligence (AI), they think of the widespread, commercial, chatbot-like platforms. You type something, and it types something back; the user initiates actions. An “agent” is different. It can browse the web, write and run code, call other software, and chain multiple steps together to complete a task without a human having to click “approve” at every stage. While incredibly useful, it’s also a brand-new category for security teams to defend against.

Gartner, the research firm that tracks enterprise tech trends, singled this out as the top cybersecurity trend for 2026. Their analysts point out that employees and developers are adopting agentic AI so quickly, often through no-code tools and “vibe coding” platforms, that it’s creating unmanaged AI agents and unsecured code faster than security teams can track them.

Risk On Both Sides

AI isn’t just a new target to protect. It’s also a new weapon. CrowdStrike’s 2026 Global Threat Report found that attacks by AI-enabled adversaries jumped 89% compared to the year before, and that the average “breakout time,”  how long it takes an attacker to move from an initial foothold to the rest of a network, has dropped to as little as 27 seconds in the fastest observed cases. Criminal forums also constantly discuss mainstream AI models, and multiple organizations have had their legitimate AI tools hijacked by attackers to generate malicious commands or steal data.

IBM’s research team found a similar pattern from a different angle. Their 2026 X-Force Threat Intelligence Index noted a sharp rise in attacks on public-facing applications, partly fueled by supply-chain compromises that ripple outward through trusted software connections. One example they point to is attackers who gained access to Salesforce customer environments not by targeting Salesforce directly, but by compromising authentication tokens from a connected third-party tool, illustrating how a single trusted integration can become the weak link for hundreds of downstream companies.

It’s basic system hygiene gaps, such as an over-permissioned integration, an unmonitored tool, or a login nobody rotated, that AI-powered attacks now exploit at machine speed.

Identity

If agentic AI is the trend, identity and access management is where it’s causing the most headaches. Traditional IAM systems were built around a simple assumption: a person logs in, does something, logs out. AI agents break that assumption. They can act on a person’s behalf with their credentials at any hour, doing dozens of things a minute.

Gartner calls this out directly as a distinct 2026 trend: identity and access management adapting to AI agents, especially around how organizations register, govern, and grant credentials to non-human identities. A rogue employee is bad; a rogue AI agent that can act at machine speed across dozens of systems simultaneously is a different order of magnitude.

Industry Response

The interesting twist is that defenders are leaning into the same technology that’s causing the problem. Google Cloud’s 2026 forecast describes this as the rise of the “Agentic SOC,”  where AI agents handle the repetitive, high-volume work of triage and investigation, freeing up human analysts to focus on judgment calls and real threats.

That matches what security teams are seeing in practice. IBM researchers note that even as teams adopt more automated, AI-driven tools, the basics still matter most: maintaining accurate inventories of systems and identities, consistently managing configurations, and promptly retiring anything no longer in use.

None of this means AI agents are inherently dangerous or that organizations should avoid them. The technology is delivering real productivity gains, and it isn’t going anywhere. What’s changed is the shape of the risk: it’s less about a single hacker finding a clever exploit and more about speed, scale, and the blurry question of who or what is taking action inside your systems at any given moment.

As one researcher quoted in IBM’s report put it, even advanced AI-powered defenses offer little protection if the front door is left open.


Sources

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.