ISC2 Insights talked to CISO, former pentester and offensive security expert Alex Haynes, CISSP about the impact of agentic AI on cybersecurity teams and workflows.
We discussed some of the security issues facing organizations today as they try to balance meeting the demand for agentic AI tools and services with the need to maintain robust cybersecurity measures, making sure that adopting agentic AI doesn't create weaknesses that both bad actors and runaway AI tools can use inappropriately. Haynes explored the challenges of securing autonomous AI systems, emerging vulnerabilities, governance requirements and practical approaches to managing risk while enabling innovation.
Dealing With a New Kind of Asset
Haynes described agentic AI as a fundamentally new asset type, comparable to the shift from on-premises infrastructure to cloud computing. Traditional security tools were not designed to understand, scan or secure AI agents, creating visibility and protection gaps across organizations. Existing vulnerability scanners, for example, are unable to identify AI-specific weaknesses such as prompt injection attacks. While vendors are beginning to introduce tools designed for AI environments, most organizations are still relying on security technologies that were built for more traditional systems.
A key challenge is that AI agents blur the line between technical assets and digital identities. Unlike conventional applications, agents interact with files, databases and collaboration platforms in ways that resemble human users. As a result, organizations must manage them both as configurable systems and as identities with specific permissions. Haynes emphasized that long-established security principles remain highly relevant, particularly least privilege. Agents should only have access to the tools and data required to perform their intended functions, as excessive permissions can introduce significant risk.
Haynes also examined the growing threat of shadow AI. As AI capabilities become embedded into everyday tools, employees may unknowingly expose sensitive information by using free-tier AI services that retain submitted data for model training. Haynes recommends that organizations first identify what AI services are being used and then rationalize those services through enterprise licensing, privacy controls and governance. Rather than allowing dozens of overlapping AI tools, organizations should establish approved platforms for specific use cases such as coding, documentation or content creation.
Despite these challenges, Haynes remains optimistic. He compared today's AI security landscape to the early days of cloud adoption, when organizations faced similar visibility and governance hurdles. While agentic AI is advancing rapidly, the technology is still in its infancy. Over time, improved tools, stronger standards and greater operational experience will enable organizations to manage AI agents with the same confidence they apply to other critical enterprise assets today.



