Prompt to Peril: Agentic AI in Cyber

"If you're going to spend the time to learn a new tool, to learn a new technology, to figure it all out... just to redo the broken process that you had before, that's really not moving the ball." - Todd Wilkinson
The AI Spectrum: Generative, Agentic, and Autonomous
If you’re going to write a policy, you need clear definitions.
For cybersecurity—GRC specifically—rapidly changing interpretations might have legal implications. Within the machine learning community, and beyond, these terms are evolving and are hotly debated. While all AI leverages underlying engines, their operational modalities differ significantly.
Here’s a high-level look at the differences between these terms.
Generative AI:
This form excels at content creation. Given a prompt, Generative AI produces new content, whether it's sophisticated imagery, synthetic audio, written narratives, or transforming disparate ideas into coherent reports. It focuses on creation based on input, rather than action (examples include Gemini, Google VEO, CoPilot).
AI Agent:
An AI agent is a tool that follows instructions within a defined scope. It is designed to observe an environment, process inputs, and take actions based on a predefined goal. Such agents can be as simple as a chatbot answering customer service questions. They are task-focused, which makes them a good fit for clearly scoped, repetitive work; in a business context, they can reduce human involvement in menial tasks. An important clarification to make early: an AI agent is not agentic AI. AI agents are reactive—they wait for humans to give them tasks.
Agentic AI:
Moving beyond creation, Agentic AI refers to a system designed to take actions based on predefined goals. Think of it as a series of specialized agents, each with a narrowly defined scope. For instance, one agent might scrape a webpage for data, another might summarize it, and a third might post it to a designated platform. Agentic AI can plan ahead, define goals, learn, prioritize tasks, problem solve and troubleshoot... and then independently execute a task. While akin to traditional automation or workflow engines, Agentic AI uses its interpretive capabilities to reduce the sheer volume of ‘if-then’ steps required in complex workflows. It’s about intelligently executing tasks.
Agentic AI is proactive and accomplishes goals, not individual tasks, all on its own, without our help. (Are you with us so far? AI Agents have low autonomy; Agentic AI is highly autonomous.)
Autonomous AI:
At possibly the furthest end of the spectrum, Autonomous AI operates independently, following predefined rules and making decisions without human intervention. In many practical applications, what is often termed “autonomous AI” is essentially a highly coupled system of agentic AIs working in concert under a set of overarching rules. The critical distinction lies in the level of human oversight—or lack thereof—in real-time operations. (More on that later!)
AI in Cybersecurity: Opportunities and Challenges
The application of AI in cybersecurity offers immense potential, particularly in automating mundane and repetitive tasks. As Aaron notes, "Agentic AI is being used successfully—and not quite as successfully—in various places of cybersecurity operations and dealing with the minutia of alerts and patching." Security Information and Event Management (SIEM) providers have incorporated AI into their solutions for years.
Consider the example of a malicious device detected on a network. Traditionally, an analyst might manually block or isolate it, or a pre-defined automated rule might trigger. With AI, especially Agentic AI, the system could theoretically identify the threat, follow a playbook, patch or resolve the issue, notify relevant personnel, and close the ticket—all without human input.
However, as Todd highlights, the critical challenge lies in the trust we place in AI. What if the AI misidentifies legitimate activity, like a CEO sharing sensitive data during a crucial deal, as a data exfiltration attempt and locks their device? A human would likely know not to shut down the CEO’s device... but AI doesn't have that context.
Organizations must meticulously define scenarios where AI should not take action or where human verification is absolutely required.
The question becomes, as Todd puts it, “How much trust do I give AI?”
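One way to make "how much trust do I give AI?" concrete is to put a policy gate between the agent and the playbook it wants to run. The example below is added here and is not code from the original post; the action names, asset tags, confidence threshold and the "CEO laptop" scenario are constructed assumptions standing in for an organisation's own AI policy.

```python
from dataclasses import dataclass
from enum import Enum

class Decision(Enum):
    AUTO = "auto"    # the agent may execute this step on its own
    HUMAN = "human"  # park the step until an analyst approves it
    DENY = "deny"    # never allowed from an agent, whatever the confidence

@dataclass
class ProposedAction:
    action: str        # e.g. "isolate_host", "notify", "close_ticket"
    target: str        # hostname from the alert
    target_tags: set   # asset-inventory tags, e.g. {"executive", "workstation"}
    confidence: float  # detector's confidence the activity is malicious, 0..1

# Constructed policy values for illustration; real ones come from the AI policy.
LOW_IMPACT = {"notify", "open_ticket", "close_ticket"}
DISRUPTIVE = {"isolate_host", "block_ip", "disable_account"}
NEVER_AUTONOMOUS = {"wipe_host", "delete_data"}
PROTECTED_TAGS = {"executive", "crown_jewel", "production"}
MIN_CONFIDENCE = 0.9

def gate(p: ProposedAction) -> tuple:
    """Return (Decision, reason) for one step the agent proposes to run."""
    if p.action in NEVER_AUTONOMOUS:
        return Decision.DENY, "action is outside the agent's mandate"
    if p.action in LOW_IMPACT:
        return Decision.AUTO, "low-impact action"
    if p.action in DISRUPTIVE:
        hit = p.target_tags & PROTECTED_TAGS
        if hit:  # the CEO-during-a-deal case: a human must confirm
            return Decision.HUMAN, f"protected asset tags {sorted(hit)}"
        if p.confidence < MIN_CONFIDENCE:
            return Decision.HUMAN, f"confidence {p.confidence:.2f} < {MIN_CONFIDENCE}"
        return Decision.AUTO, "high-confidence action on an unprotected asset"
    return Decision.HUMAN, "unknown action type defaults to human review"

def run_playbook(steps: list) -> list:
    """Execute steps in order; stop at the first step an agent may not take alone.

    Returns the (action, decision) log. Later steps (notify, close ticket)
    depend on the gated one, so they wait for the analyst as well.
    """
    log = []
    for step in steps:
        decision, _reason = gate(step)
        log.append((step.action, decision.value))
        if decision is not Decision.AUTO:
            break
    return log
```

Everything the gate holds back still lands in front of an analyst, so the playbook is only faster for the cases the policy explicitly allows.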
The Role of Human Oversight in AI Implementation
The allure of full automation can lead organizations down a risky path. While AI can enhance efficiency, we can all agree it shouldn’t fully replace human judgment, especially in high-stakes cybersecurity operations.
"You can do pretty much anything in business that you want... with the right controls and thought in place."
The biggest risk isn't AI itself, but rather the premature automation of inefficient processes. Aaron—keeping it very real—asks, "before we start automating, is the process of just a flaming turd and we're just trying to make that go faster with fewer people?"
Automating a flawed process simply accelerates failure. Instead, organizations should use AI as an opportunity to rethink and optimize their existing workflows. This means leveraging AI to free up skilled security professionals from low-level tasks, allowing them to focus on strategic initiatives and proactive threat hunting that they previously lacked the time for.
Accountability and Governance in the Age of AI
When AI-driven actions go awry—when agentic AI performs unintended tasks or autonomous AI makes detrimental decisions—who is accountable?
The first step in addressing this question is a robust AI governance framework. An organization's AI policy must clearly define whether it will stand behind AI-driven outcomes delivered to customers or stakeholders, or whether a "human in the loop" is always required.
Knowing which systems to use, whether autonomous, agentic, or simply AI agents, will also affect which policies you need, as well as how much human intervention these systems require or can accommodate. Human intervention for AI agents is a lot easier than overseeing an Agentic AI workflow!
Removing human oversight while simultaneously shirking accountability is a recipe for disaster.
Governance, although a broad term, is fundamentally about establishing clear processes for decision-making, communication, and risk management. It's about designing and implementing AI with forethought, rather than "winging it and hoping for the right controls." This proactive approach ensures that AI implementation is a "steady stream of progress" rather than a cycle of "shoot some ladders where you fall down in the pit."
The TL;DR?
AI offers transformative potential for cybersecurity, from accelerating data analysis and query refinement to streamlining complex integrations. However, its responsible adoption hinges on a deep understanding of its capabilities and limitations, a commitment to robust governance, and the unwavering prioritization of human oversight and accountability.
Looking for some advice about writing an AI policy that genuinely protects your business, data, and reputation? Get in touch via info@revealrisk.com!