The AI paradox: How tomorrow’s cutting-edge tools can become dangerous cyber threats (and what to do to prepare)




AI is changing the way businesses operate. While much of this shift is positive, it introduces some unique cybersecurity concerns. Next-generation AI applications like agentic AI pose a particularly noteworthy risk to organizations’ security posture.

What is agentic AI?

Agentic AI refers to AI models that can act autonomously, often automating entire roles with little to no human input. Advanced chatbots are among the most prominent examples, but AI agents can also appear in applications like business intelligence, medical diagnoses and insurance adjustments.

In all use cases, this technology combines generative models, natural language processing (NLP) and other machine learning (ML) functions to perform multi-step tasks independently. It’s easy to see the value in such a solution. Understandably, Gartner predicts that one-third of all generative AI interactions will use these agents by 2028.

The unique security risks of agentic AI

Agentic AI adoption will surge as businesses seek to complete a larger range of tasks without a larger workforce. As promising as that is, though, giving an AI model so much power has serious cybersecurity implications.

AI agents typically require access to vast amounts of data. Consequently, they are prime targets for cybercriminals, since an attacker who compromises a single agent can expose everything that agent can reach. The effect would be similar to whaling — which led to $12.5 billion in losses in 2021 alone — but the attack may be easier to pull off, as AI models could be more susceptible to manipulation than experienced professionals.

Agentic AI’s autonomy is another concern. While all ML algorithms introduce some risks, conventional use cases require human authorization to do anything with their data. Agents, on the other hand, can act without clearance. As a result, any accidental privacy exposures or mistakes like AI hallucinations may slip through without anyone noticing.

This lack of supervision makes existing AI threats like data poisoning all the more dangerous. Attackers can corrupt a model by altering just 0.01% of its training dataset, and doing so is possible with minimal investment. That’s damaging in any context, but a poisoned agent’s faulty conclusions would reach much farther than one where humans review outputs first.

How to improve AI agent cybersecurity

In light of these threats, cybersecurity strategies need to adapt before businesses implement agentic AI applications. Here are four critical steps toward that goal.

1. Maximize visibility

The first step is to ensure security and operations teams have full visibility into an AI agent’s workflow. Every task the model completes, each device or app it connects to and all data it can access should be evident. Revealing these factors will make it easier to spot potential vulnerabilities.

Automated network mapping tools may be necessary here. Only 23% of IT leaders say they have full visibility into their cloud environments and 61% use multiple detection tools, leading to duplicate records. Admins must address these issues first to gain the necessary insight into what their AI agents can access.

2. Employ the principle of least privilege

Once it’s clear what the agent can interact with, businesses must restrict those privileges. The principle of least privilege — which holds that any entity can only see and use what it absolutely needs — is essential.

Any database or application an AI agent can interact with is a potential risk. Consequently, organizations can minimize relevant attack surfaces and prevent lateral movement by limiting these permissions as much as possible. Anything that does not directly contribute to an AI’s value-driving purpose should be off-limits.
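One way to enforce this on an agent's tool calls, as an added example that is not code from the article or its author: the agent proposes each step of its plan as a (tool, resource, operation) triple, and a default-deny policy scoped to the agent's single purpose decides every step and records the decision for later review. The agent id, tool names and resources below are hypothetical.

```python
# Added example: a default-deny, least-privilege gate for an AI agent's
# tool calls. Every name here (agent id, tools, resources) is hypothetical.
from dataclasses import dataclass, field


@dataclass(frozen=True)
class Permission:
    tool: str                 # the integration the agent may call, e.g. "crm"
    resource: str             # the object inside that tool, e.g. "tickets"
    operations: frozenset     # operations allowed on it, e.g. {"read"}


@dataclass
class AgentPolicy:
    agent_id: str
    permissions: list
    audit: list = field(default_factory=list)   # one record per decision

    def is_allowed(self, tool, resource, operation):
        # Default deny: an action is allowed only if some permission names
        # exactly this tool, resource and operation. There are no wildcards.
        return any(
            p.tool == tool and p.resource == resource and operation in p.operations
            for p in self.permissions
        )

    def authorize(self, tool, resource, operation):
        allowed = self.is_allowed(tool, resource, operation)
        self.audit.append({
            "agent": self.agent_id, "tool": tool, "resource": resource,
            "operation": operation, "decision": "allow" if allowed else "deny",
        })
        return allowed


def support_agent_policy():
    # Hypothetical customer-support agent: it answers tickets, so it needs to
    # read tickets and create replies, and nothing else.
    return AgentPolicy("support-agent", [
        Permission("crm", "tickets", frozenset({"read"})),
        Permission("crm", "replies", frozenset({"create"})),
    ])


def run_plan(policy, plan):
    """Run a multi-step plan proposed by the agent through the gate.

    Returns (executed, denied). In a real system each executed step would be
    dispatched to the tool; here it is only recorded.
    """
    executed, denied = [], []
    for tool, resource, operation in plan:
        bucket = executed if policy.authorize(tool, resource, operation) else denied
        bucket.append((tool, resource, operation))
    return executed, denied


if __name__ == "__main__":
    policy = support_agent_policy()
    plan = [
        ("crm", "tickets", "read"),        # in scope
        ("crm", "replies", "create"),      # in scope
        ("billing", "cards", "read"),      # unrelated system: denied
        ("crm", "tickets", "delete"),      # right resource, wrong operation: denied
    ]
    done, blocked = run_plan(policy, plan)
    print("executed:", done)
    print("denied:", blocked)
```

The gate deliberately has no wildcard permissions: widening the agent's reach means adding an explicit entry, which keeps the permission list itself a readable statement of what the agent can touch, and the audit trail shows every attempt to step outside it.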

3. Limit sensitive information

Similarly, network admins can prevent privacy breaches by removing sensitive details from the datasets their agentic AI can access. Many AI agents’ work naturally involves private data. More than 50% of generative AI spending will go toward chatbots, which may gather information on customers. However, not all of these details are necessary.

While an agent should learn from past customer interactions, it does not need to store names, addresses or payment details. Programming the system to scrub unnecessary personally identifiable information from AI-accessible data will minimize the damage in the event of a breach.
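A scrubbing step of that kind, as an added example that is not code from the article or its author: known PII fields are dropped from each record before it reaches the agent-accessible store, and card numbers, phone numbers and e-mail addresses hidden in free text are redacted (card numbers are confirmed with a Luhn check so that ordinary long numbers are left alone). The record layout, field names and transcript text are constructed for the example.

```python
# Added example: scrub personally identifiable information from a record
# before it is written to a store an AI agent can read. The record layout,
# field names and the transcript text are constructed for this example.
import re

# Fields that are never needed for the agent to learn from past interactions.
DROP_FIELDS = ("customer_name", "address", "payment_method")

# Patterns for PII that hides inside free text. Card numbers are 13-16
# digits with optional spaces or dashes and are confirmed with a Luhn check
# so that ordinary long numbers are not redacted by mistake.
CARD_RE = re.compile(r"\b(?:\d[ -]?){12,15}\d\b")
EMAIL_RE = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}")
PHONE_RE = re.compile(r"\b(?:\+?\d{1,2}[ -]?)?\(?\d{3}\)?[ -]?\d{3}[ -]?\d{4}\b")


def luhn_ok(digits):
    """Return True if the digit string passes the Luhn checksum used by card numbers."""
    if len(digits) < 13:
        return False
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:            # double every second digit from the right
            d = d * 2 - 9 if d * 2 > 9 else d * 2
        total += d
    return total % 10 == 0


def _redact_card(match):
    digits = re.sub(r"\D", "", match.group(0))
    return "[CARD]" if luhn_ok(digits) else match.group(0)


def redact_free_text(text):
    # Cards first, so the phone pattern cannot match a fragment of a card number.
    text = CARD_RE.sub(_redact_card, text)
    text = EMAIL_RE.sub("[EMAIL]", text)
    text = PHONE_RE.sub("[PHONE]", text)
    return text


def scrub_record(record):
    """Drop known PII fields and redact PII patterns in every remaining string."""
    clean = {}
    for key, value in record.items():
        if key in DROP_FIELDS:
            continue
        clean[key] = redact_free_text(value) if isinstance(value, str) else value
    # Names mentioned inside free text are not caught by these patterns; that
    # needs named-entity recognition and is out of scope for this example.
    return clean


# Constructed sample record, not real customer data.
SAMPLE_RECORD = {
    "ticket_id": 20931,
    "customer_name": "Dana Example",
    "address": "1 Example Street",
    "payment_method": "visa",
    "transcript": ("Card 4111 1111 1111 1111 was charged twice, call me at "
                   "555-123-4567 or dana@example.com. Order #20931 never arrived."),
}

if __name__ == "__main__":
    print(scrub_record(SAMPLE_RECORD))
```

The order number survives while the card, phone and e-mail are replaced, so the agent still has the part of the interaction it needs to learn from. Run this at ingestion time rather than at query time: data that never enters the agent-accessible store cannot be leaked by a compromised or hallucinating agent.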

4. Watch for suspicious behavior

Businesses need to take care when programming agentic AI, too. Apply it to a single, small use case first and use a diverse team to review the model for signs of bias or hallucinations during training. When it comes time to deploy the agent, roll it out slowly and monitor it for suspicious behavior.

Real-time responsiveness is crucial in this monitoring, as agentic AI’s risks mean any breach could have dramatic consequences. Thankfully, automated detection and response solutions are highly effective, saving an average of $2.22 million in data breach costs. Organizations can slowly expand their AI agents after a successful trial, but they must continue to monitor all applications.
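What automated monitoring of an agent can look like in practice, as an added example that is not code from the article or its author: the trial period described above produces a baseline of which resources the agent touched, and live events are then checked for three signals, an action on a resource never seen in the trial, an action rate above what the trial justified, and a burst of denied actions. The log format, agent name and every log line are constructed for the example.

```python
# Added example: detect suspicious behaviour in an AI agent's action log.
# The log format, agent name and all log lines are constructed for this
# example; a trial period establishes a baseline, then live events are
# checked against it.
from collections import Counter, deque
from datetime import datetime, timezone

# Format: <ISO timestamp> <agent> <tool:resource> <operation> <allow|deny>
BASELINE_LOG = [
    "2025-01-10T09:00:01Z support-agent crm:tickets read allow",
    "2025-01-10T09:00:05Z support-agent crm:replies create allow",
    "2025-01-10T09:01:10Z support-agent crm:tickets read allow",
]
LIVE_LOG = [
    "2025-01-11T10:00:00Z support-agent crm:tickets read allow",
    "2025-01-11T10:00:02Z support-agent crm:replies create allow",
    "2025-01-11T10:00:03Z support-agent hr:salaries read deny",     # never seen in trial
    "2025-01-11T10:00:04Z support-agent hr:salaries read deny",
    "2025-01-11T10:00:05Z support-agent billing:cards read deny",   # third deny in a minute
    "2025-01-11T10:00:06Z support-agent crm:tickets read allow",    # sixth action in a minute
    "2025-01-11T10:00:07Z support-agent crm:tickets read allow",
    "2025-01-11T10:05:00Z support-agent crm:tickets read allow",    # window has cleared
]


def parse_line(line):
    ts, agent, target, operation, decision = line.split()
    return {
        "ts": datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc),
        "agent": agent, "target": target, "op": operation, "decision": decision,
    }


def learn_baseline(lines):
    """Map each agent to the (target, operation) pairs it used during the trial."""
    seen = {}
    for e in map(parse_line, lines):
        seen.setdefault(e["agent"], set()).add((e["target"], e["op"]))
    return seen


def detect(lines, baseline, window_s=60, max_per_window=5, deny_limit=3):
    """Return alerts for unseen resources, action-rate spikes and bursts of denials."""
    alerts = []
    known = {agent: set(pairs) for agent, pairs in baseline.items()}
    actions, denials, over = {}, {}, {}     # per-agent sliding-window state

    def trim(q, now):
        while q and (now - q[0]).total_seconds() > window_s:
            q.popleft()

    for e in map(parse_line, lines):
        agent, now = e["agent"], e["ts"]
        pair = (e["target"], e["op"])
        # 1. An action on a resource the agent never touched during the trial.
        if pair not in known.setdefault(agent, set()):
            known[agent].add(pair)
            alerts.append(("NEW_RESOURCE", agent, e["target"], e["op"]))
        # 2. More actions per window than the trial justified; alert once per crossing.
        q = actions.setdefault(agent, deque())
        q.append(now)
        trim(q, now)
        now_over = len(q) > max_per_window
        if now_over and not over.get(agent, False):
            alerts.append(("RATE", agent, len(q)))
        over[agent] = now_over
        # 3. Repeated denials: the agent keeps trying things it is not allowed to do.
        if e["decision"] == "deny":
            d = denials.setdefault(agent, deque())
            d.append(now)
            trim(d, now)
            if len(d) == deny_limit:
                alerts.append(("DENY_BURST", agent, deny_limit))
    return alerts


def alert_summary(alerts):
    """Count alerts by kind."""
    return Counter(kind for kind, *_ in alerts)


if __name__ == "__main__":
    for alert in detect(LIVE_LOG, learn_baseline(BASELINE_LOG)):
        print(alert)
```

Each signal is cheap to compute on a stream, which is what makes real-time response possible, and the denial signal only works if the least-privilege gate in front of the agent actually records its denials. Thresholds such as five actions per minute are stand-ins; in practice they come from the trial period's own numbers.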

As AI advances, so must cybersecurity strategies

AI’s rapid advancement holds significant promise for modern businesses, but its cybersecurity risks are rising just as quickly. Enterprises’ cyber defenses must scale up and advance alongside generative AI use cases. Failure to keep up with these changes could cause damage that outweighs the technology’s benefits.

Agentic AI will take ML to new heights, but the same applies to related vulnerabilities. While that does not render this technology too unsafe to invest in, it does warrant extra caution. Businesses must follow these essential security steps as they roll out new AI applications.

Zac Amos is features editor at ReHack.
