The Rise Of Autonomous Cyber Agents

Ronen Cojocaru, Co-CEO and Co-founder, Imperative Inc. getty
Artificial intelligence is rapidly evolving from passive tools into autonomous "agentic" systems capable of making decisions and taking actions without direct human input. These AI agents are already proving valuable as co-pilots to human analysts, enhancing threat detection and speeding up incident response.
Yet their growing autonomy is a double-edged sword. As these agents gain more power, ensuring they remain secure, transparent and reliable becomes paramount. Early examples of agentic AI in cybersecurity, from automated threat-hunting bots to self-driving network monitors, demonstrate huge potential.
However, they also highlight new vulnerabilities. AI agents can, unfortunately, be easily tricked or influenced by bad data, sometimes resorting to biased or incorrect assumptions, and users may place misplaced confidence in their outputs. In short, agentic AI is a force multiplier for cyber defense, but without proper safeguards, it can just as easily multiply cyber risk.
Despite the promise, security leaders must grapple with several emerging risks from agentic AI systems. Notably, model drift, malicious manipulation and operational reliability issues are front and center: Model Drift
Over time, AI models can become misaligned with reality as their input data changes—a phenomenon known as 'data drift.' This natural degradation in data characteristics means an AI that once performed well might start making errors as its environment evolves.
For example, an intrusion detection model trained on last year's network traffic may gradually falter as new apps, devices and attacker techniques appear. Such drift opens up new attack surfaces if not caught and corrected, undermining the model's effectiveness. Recognizing this, recent joint security guidance from the U.S. and allies urges companies to monitor AI performance closely and treat drift as an expected challenge.
Agentic AIs are vulnerable to adversarial exploits. Hackers can attempt to manipulate an AI's inputs or training data to distort its behavior. Tactics like data poisoning and feeding incorrect or malicious data into an AI's training pipeline can wreak havoc on its decision making. Imagine an attacker subtly corrupting the data that trains a spam filter or fraud detector—the AI might then start letting threats slip through or flagging the wrong items. Officials worldwide are increasingly fearful of hackers manipulating AI systems, especially those deployed in critical infrastructure. A poisoned or manipulated model not only makes bad choices; it erodes confidence that AI outputs can be trusted at all. Operational Reliability And Trust
Like all AI, autonomous agents suffer from issues of hallucination, bias and erratic behavior, which can be amplified by their autonomy. Without proper governance, an AI agent might confidently produce incorrect analyses or take unauthorized steps. These problems aren't just theoretical—early deployments have shown that AI assistants can 'go rogue' or output toxic content if misused. Businesses have learned that an unsupervised agent's mistake can lead to serious harm, reputational damage or compliance violations.
Moreover, when AI agents act unpredictably, humans tend to either over-trust them or distrust them entirely—both scenarios are risky. As one expert noted, current AI agents are still 'easily tricked' and prone to biased assumptions, yet people often trust their answers when they shouldn't. Ensuring reliability means building in rigorous testing, guardrails and oversight for AI decisions. In practice, companies are putting 'human in the loop' controls on critical uses and instituting AI red-team exercises to probe for failure modes. The goal is an AI that operates responsibly and transparently, earning trust through consistent and correct performance. Future Outlook: Roadmap For AI-Powered Cybersecurity
While today's agentic AI is still maturing, the coming years promise a dramatic expansion of AI's role in cybersecurity. In this phase, organizations move from experimentation to real deployments of agentic AI for security. AI co-pilots become common in security operations centers, handling routine tasks and assisting human analysts. For instance, autonomous AI agents might triage alerts, scour logs for threats or automate responses to basic incidents. These early agentic systems are generally narrow in scope and operate under human supervision, reflecting lessons learned about governance.
Shadow AI agents (unsanctioned bots running without oversight) emerge as a concern, prompting companies to institute AI governance programs. Industry experts emphasize the need for visibility into all AI agents in use and strict alignment with security policies to avoid 'rogue' deployments. Notably, businesses begin to treat AI agents much like employees: vetting their 'credentials,' monitoring their activities and granting only least-privilege access. As one analysis put it, AI agents can indeed augment overworked cyber teams, but only if we ensure these agents are deployed in a secure, explainable and reliable manner.
Looking a bit further out, 2026 is expected to usher in swarm intelligence and collective defense enabled by networks of AI agents. Rather than working in isolation, multiple AI systems will increasingly communicate, collaborate and even negotiate with each other across networks. Cyber defenses could be handled by fleets of specialized AI agents, with one set watching network traffic, another analyzing user behaviors and others managing endpoint security—all sharing intelligence in real time.
This coordinated 'swarm' of AI agents can respond to threats faster than any single system, mimicking a colony of ants or bees that collectively defend their nest. A new challenge will be understanding the emergent behavior of interacting AIs. When dozens of semi-autonomous agents interconnect, unexpected dynamics may arise not unlike complex financial markets or ecosystems.
By the late 2020s, the industry anticipates a transition from narrow AI tools to cognitive cybersecurity ecosystems. In practice, this means AI systems with advanced reasoning capabilities are deeply integrated into every facet of cyber defense. For example, cyber defense systems will leverage AI that emulates human-like thinking and learning processes. These cognitive SOCs can ingest vast, diverse data streams, network logs, threat intel feeds, user activity and more to make connections that human analysts might miss. Cybersecurity ecosystems will become adaptive and self-optimizing. AI will not just react to attacks but continuously learn from them, evolving its defenses.
Forbes Technology Council is an invitation-only community for world-class CIOs, CTOs and technology executives. Do I qualify?

Try Our AI Features

Explore what Daily8 AI can do for you:

Learn with AIFact CheckingText to SpeechAI Summary

Related Articles

Yahoo

an hour ago

• Yahoo

Spot Crypto ETF Filings for XRP, SOL, DOGE Among Those With Overwhelming SEC Approval Odds: Bloomberg

Odds are stacked that the U.S. Securities and Exchange Commission approves most of the filed crypto exchange-traded funds, including the various XRP ETFs, by their respective deadlines, according to Bloomberg Analysts James Seyffart and Eric Balchunas. 'We are raising our odds for the vast majority of the spot crypto ETF filings to 90% or higher,' Bloomberg Intelligence's James Seyffart said in a post on X. 'Engagement from the SEC is a very positive sign in our opinion.' According to the analysts, ETFs for assets like Litecoin, Solana, XRP, Dogecoin, and Cardano all now sit at or above the 90% mark. These estimates reflect growing optimism from ETF specialists following a wave of 19b-4 acknowledgements and S-1 amendment requests from the Securities and Exchange Commission. Analysts view this back-and-forth process as a signal that the SEC is now more willing to work with issuers. The only asset lagging behind is SUI, filed solely by Canary. Bloomberg assigns it a 60% chance of approval, citing a lack of regulated futures and regulatory uncertainty. Bettors on Polymarket are also feeling optimistic. They are giving a 98% chance that an XRP ETF gets approved this year, and a 91% chance a SOL ETF gets the green light. It's also likely that a DOGE ETF gets a go-ahead, with bettors giving that a 71% chance of happening.

Yahoo

an hour ago

• Yahoo

S&P 500-listed CEO Brian Armstrong warns of looming U.S. debt crisis

S&P 500-listed CEO Brian Armstrong warns of looming U.S. debt crisis originally appeared on TheStreet. Brian Armstrong, CEO of Coinbase, issued a dire warning about the state of the global economy this week, pointing to soaring debt, inflation, and declining economic freedom as the key drivers of rapidly increasing crypto adoption. In a post on X, Armstrong stated, "The world needs crypto, now more than ever," while posting a chart that U.S. federal debt surpassed $34 trillion. Armstrong characterized crypto as a means to regain financial sovereignty, giving individuals the ability to avoid centralized institutions and be able to access fast and cheap global payments. "Economic freedom means it's your money," he shared while referencing the growing demand for Bitcoin and stablecoins as an inflation hedge against out-of-control fiscal policy. His explanation of Coinbase's phased strategy is in three phases. It started as a crypto investment platform, expanded into financial services, and is evolving into an application layer for the next generation of internet tools. He continued explaining the growth of Bitcoin's all-time high and stablecoins, which are adopting more quickly as proof that crypto is "eating the financial services industry." Coinbase made four announcements at its 2025 State of Crypto Summit: Coinbase Business for startups; payment APIs for easy USDC settlements (with Shopify as a proof point), options trading via Deribit integration, and a new Coinbase card with an American Express partnership offering up to 4% Bitcoin rewards. "People are feeling a lack of trust in their money and deficit spending," Armstrong said. "Crypto is the solution—and Coinbase is leading the charge." He added that this movement is not just about price, but about "building a financial system from the ground up." S&P 500-listed CEO Brian Armstrong warns of looming U.S. debt crisis first appeared on TheStreet on Jun 20, 2025 This story was originally reported by TheStreet on Jun 20, 2025, where it first appeared.

Yahoo

an hour ago

• Yahoo

Tech stock hits all-time high after receiving 'First Buy' rating and 'genius' buzz

Tech stock hits all-time high after receiving 'First Buy' rating and 'genius' buzz originally appeared on TheStreet. The stock of Circle Internet Group (NYSE: CRCL) surged as much as 17% once it received the First Buy rating from Seaport Global on June 20, Bloomberg reported. Circle is the company behind the USDC stablecoin. A stablecoin is a type of cryptocurrency that tries to maintain a stable value, unlike mainstream cryptocurrencies like Bitcoin that are generally volatile. Circle's USDC, as the name suggests, is pegged 1:1 to the U.S. dollar. The second-largest stablecoin, it accounts for around 25% of the total stablecoin market cap of $251 billion, as per DeFiLlama. Join the conversation with Scott Melker on The company made a spectacular public debut on June 5 as it opened at $69, around 125% higher than the IPO price of $31. On June 17, the GENIUS Act, the legislation dealing with stablecoin regulation, passed the Senate. The landmark move further boosted the already booming CRCL stock as it surpassed the $200 price mark the next day. Join the conversation with Scott Melker on Now, Seaport Global has granted Circle the First Buy rating, demonstrating the growing institutional confidence in the newly launched stock and even in the burgeoning stablecoin industry. Seaport analyst Jeff Cantwell anticipates Circle increasing its revenue 25%-30% annually. In fact, the firm could reach $3.5 billion in revenue in 2025, he said. Cantwell added: "We view Circle as a top-tier crypto 'disruptor' with a sizable future opportunity." Since its public debut on June 5, the CRCL stock has surged more than 400% in value. It even hit an all-time high (ATH) of $248.88 on June 20. At press time, CRCL was trading at $237.88. Tech stock hits all-time high after receiving 'First Buy' rating and 'genius' buzz first appeared on TheStreet on Jun 20, 2025 This story was originally reported by TheStreet on Jun 20, 2025, where it first appeared. Error in retrieving data Sign in to access your portfolio Error in retrieving data Error in retrieving data Error in retrieving data Error in retrieving data