7 Infrastructure Shifts B2B Tech Leaders Must Make for Agentic AI Readiness

Securing Agentic Agents: A Cyber-Risk Playbook for IT Leaders

By / AI, Artificial Intelligence, Business Internet, GPT, infrastructure

Securing Autonomous Agents: A Cyber-Risk Playbook

Agentic AI refers to automated systems that can understand their environment, make decisions, and then act on those decisions. Organizations can build agentic AI systems that can automatically serve customers, optimize their cloud usage, identify the best supply chain to use, and perform a wide range of other tasks.

However, autonomous agents also introduce a range of new risks, especially because malicious actors can tamper with, control, or corrupt them through data manipulation. To minimize the chances of otherwise helpful autonomous agents hurting your organization, here’s a risk playbook for IT leaders, outlining the new risks and how to mitigate them.

New Risks in the Age of Agentic AI

The first step in mitigating agentic AI risks is to understand how this technology alters the attack landscape. Here are some of the most problematic risks and why they’re so dangerous.

Rogue Agents

A rogue agent is one that, instead of doing what you designed it to do, does the bidding of a malicious actor. For example, suppose you use an AI agent to control your cloud environment, making sure the right virtual machines spin up at the appropriate time. An attacker could hack and program a rogue agent to spin up many machines randomly in an effort to drive your cloud costs beyond budgetary limits. Or an attacker could program the agent to spin up machines that perform the attacker’s bidding instead of that of your organization.

Biased Models

Biased models are a problem because they can perform actions based on bias instead of making fair, equitable decisions that reflect the values of your organization. For instance, an agent that you design to identify and communicate with job candidates may tend to choose people of a specific background or gender. This could easily result in a tainted, inferior candidate pool and unfair hiring practices, as well as bad press for your organization.

Sophisticated API Attacks

Application programming interfaces (APIs) enable software, including AI agents, to automatically pull data from other software. Some attackers choose to attack the systems and services that APIs depend on instead of trying to directly corrupt the AI agent that depends on them. If an attacker succeeds in corrupting a system that an API references, they could easily feed incorrect or harmful data to an AI agent.

Hackers could also initiate two-way communication between the API and the systems to which your agent has access. In effect, they could turn your AI agent into a data thief that feeds sensitive information back to their server.

Data Poisoning

A data poisoning attack takes advantage of the fact that you train AI agents on data to manipulate their behavior for malicious purposes. For example, suppose an AI agent intelligently decides which machinery to start up in a factory based on how different machines are currently performing. This could extend the longevity of equipment and result in a more efficient production process.

However, an attacker could change the data you use to train the agentic AI. For instance, perhaps the agent should start up Machine B after Machine A reaches a certain temperature threshold to prevent heat-related damage or a fire. A hacker could poison its training data, causing the agent to only start up Machine B long after Machine A has crossed the temperature threshold. Damage and fire could result.

Key Security Considerations for Agentic AI

Fortunately, there’s a lot you can do to reduce the risks of agentic AI-based attacks drastically. Here are some straightforward and highly effective ways to safeguard your autonomous environments.

Secure Your Data Pipelines

Securing your data pipelines starts with ensuring data integrity through validation and sanitization. For instance, you can establish simple rules that eliminate outliers in real time. Therefore, if an attacker tries to input harmful data, your system discards it because it exceeds safe thresholds.

Sanitizing your data immediately before you submit it for training can also prevent successful attacks. This involves establishing rules regarding the format, structure, and content of data and then using them to filter all data in your training system. In this way, you prevent attacks that may have poisoned the initial data source, such as that coming from an API or simulated data that a generative AI solution produces.

Improve Your Identity and Access Controls for Working With Agents

Ask yourself, “Who really needs to access our agents and the systems that inform and power them?” Try to make this list as short as possible. Then, once you’ve identified those that absolutely need access, establish multifactor authentication systems using zero-trust security principles.

For example, you can combine a username, password, biometric data, and another physical device in a multifactor authentication system.

To put zero-trust to work, you can set up access gateways at multiple points, such as before the development portal and the training database.

Implement API Security

API security for agentic AI typically includes:

  • Rate limiting. You set limits regarding how many API calls the system makes over a specific period of time.
  • Input validation. Validate not just the source of inputs but their contents, including pertinent information in data packets, if necessary. This could include eliminating extreme data or calls that occur at certain times of the day.
  • Web application firewalls (WAFs). A WAF can identify malicious requests and also prevent API calls that could attempt to exploit vulnerabilities, such as specific ports in the network your AI agent uses.

Use Comprehensive Monitoring to Detect Anomalies

Monitoring gives you deep visibility, and if you’re on the lookout for anomalies, it can automatically detect attacks. For example, a monitoring system can collect and analyze data associated with the number of resources an AI agent uses. If it detects that the AI agent is accessing more resources than it typically needs, the system can shut it down.

Integrating Security Into Your Governance Model

Your governance model is a powerful tool for bolstering your agentic AI-related security because you can use it to establish global rules that improve safety. Here are some examples:

  • Include security in all your design ideation. Instead of having your designers brainstorm the most lucrative or efficiency-boosting ideas, you can also require them to add “safest” to their vetting criteria. This embeds a security-focused mindset at the base of the developmental pyramid.
  • Incorporate penetration testing for all AI agents, software, and workflow automation products. Penetration testing should be part of your development life cycle. For example, you may want to include a comprehensive penetration test before certifying a minimal viable product (MVP). However, ensure you include all data entry and automated input systems in the MVP to avoid untested vulnerabilities. After all, even a relatively simple SQL attack can be enough to compromise an AI agent.
  • Instill communication between security and IT teams in your governance model. You can establish governance that requires IT and security to communicate on a regular basis regarding what they’re working on and how it may impact the other team. For instance, if security plans to install a new firewall, it should reach out to IT to make sure it has adequate throughput to support any AI agents you’re using.

Embrace Agentic AI by Improving Your Security

Agentic AI comes with an unlimited list of benefits—and you can enjoy them all by improving your security using the tips above. The most crucial step is adjusting your mindset, specifically by considering the architecture and data flows on which your AI agents depend. These include their access to APIs and even internal data sources.

IT leaders can get a step ahead in their AI security readiness by conducting a cyber-risk assessment and exploring Cox Business’s managed security solutions. This removes the guesswork and provides you with seasoned AI experts as you build a comprehensive agentic AI security system. Learn more today.

 

Latest posts by Martin Jones (see all)

Related Posts

Scroll to Top