A coalition of leading global cyber authorities has released a comprehensive warning on the growing security risks posed by agentic AI systems — autonomous AI agents capable of planning, reasoning, and taking actions without continuous human oversight.
The guidance, co‑authored by the Australian Signals Directorate, CISA, NSA, the Canadian Centre for Cyber Security, New Zealand’s NCSC, and the UK’s NCSC, stresses that agentic AI is already operating across “critical infrastructure and defence sectors” and requires urgent security attention.
The report highlights that while agentic AI can automate “repetitive, well‑defined and low‑risk tasks,” it also introduces new vulnerabilities, including privilege escalation, identity spoofing, prompt injection, cascading system failures, and unpredictable emergent behaviors.
The agencies warn that agentic AI systems dramatically expand the attack surface because they rely on interconnected tools, external data sources, and memory systems — each a potential entry point for malicious actors. They also note that agents may “act autonomously, follow goal‑directed behaviours, and create long‑term plans,” making failures harder to predict or contain.
To mitigate these risks, the guidance recommends strict least‑privilege access, continuous monitoring, strong identity controls, human‑in‑the‑loop checkpoints, red‑teaming, and phased deployment. Until standards mature, the agencies advise organizations to assume agentic AI “may behave unexpectedly” and to prioritize resilience and reversibility over speed or efficiency.
