AI agents – task-specific models designed to operate autonomously or semi-autonomously given instructions — are being widely implemented across enterprises (up to 79% of all surveyed for a PwC report earlier this year). But they're also introducing new security risks.
When an agentic AI security breach happens, companies may be quick to fire employees and assign blame, but slower to identify and fix the systemic failures that enabled it.
Forrester’s Predictions 2026: Cybersecurity and Risk predicts that the first agentic AI breach will lead to dismissals, adding that geopolitical turmoil and the pressure being put on CISOs and CIOs to deploy agentic AI quickly, while minimizing the risks.
CISOs are in for a challenging 2026
Those in organizations who compete globally are in for an especially tough next twelve months as governments move to more tightly regulate and outright control critical communication infrastructure.
Forrester also predicts the EU will establish its own known exploited vulnerability database, which translates into immediate demand for regionalized security pros that CISOs will also need to find, recruit, and hire fast if this prediction happens.
Forrester also predicts that quantum‑security spending will exceed 5% of overall IT security budgets, a plausible outcome given researchers’ steady progress toward quantum‑resistant cryptography and enterprises’ urgency to pre‑empt the ‘harvest now, decrypt later’ threat.”
Of the five major challenges CISOs will face in 2026, none is more lethal and has the potential to completely reorder the threat landscape as agentic AI breaches and the next generation of weaponized AI.
How CISOs are tacking agentic AI threats head-on
“The adoption of agentic AI introduces entirely new security threats that bypass traditional controls. These risks span data exfiltration, autonomous misuse of APIs, and covert cross-agent collusion, all of which could disrupt enterprise operations or violate regulatory mandates,” Jerry R. Geisler III, Executive Vice President and Chief Information Security Officer at Walmart Inc., told VentureBeat in a recent interview.
Geisler continued, articulating Walmart’s direction. “Our strategy is to build robust, proactive security controls using advanced AI Security Posture Management (AI-SPM), ensuring continuous risk monitoring, data protection, regulatory compliance and operational trust.”
Implicit in agentic AI are the risks of what happens when agents don’t get along, compete for resources, or worse, lack the basic architecture to ensure minimum viable security (MVS). Forrester defines MVS as an approach to integrate security , writing that “in early-stage concept testing, without slowing down the product team. As the product evolves from early-stage concept testing to an alpha release to a beta release and onward, MVS security activities also evolve, until it is time to leave MVS behind.”
Sam Evans, CISO of Clearwater Analytics provided insights into how he addressed the challenge in a recent VentureBeat interview. “I remember when one of the first board meetings I was in, they asked me, "So what are your thoughts on ChatGPT?" I said, "Well, it's an incredible productivity tool. However, I don't know how we could let our employees use it, because my biggest fear is somebody copies and pastes customer data into it, or our source code, which is our intellectual property."
Evans’ company manages $8.8 trillion in assets. "The worst possible thing would be one of our employees taking customer data and putting it into an AI engine that we don't manage," Evans told VentureBeat. "The employee not knowing any different or trying to solve a problem for a customer...that data helps train the model."
Evans elaborated, “But I didn't just come to the board with my concerns and problems. I said, 'Well, here's my solution. I don't want to stop people from being productive, but I also want to protect it.' When I came to the board and explained how these enterprise browsers work, they're like, 'Okay, that makes much sense, but can you really do it?'
Following the board meeting, Evans and his team began an in-depth and comprehensive due diligence process that resulted in Clearwater choosing Island.
Boardrooms are handing CISOs a clear, urgent mandate: secure the latest wave of AI and agentic‑AI apps, tools and platforms so organizations can unlock productivity gains immediately without sacrificing security or slowing innovation.
The velocity of agent deployments across enterprises has pushed the pressure to deliver value at breakneck speed higher than it’s ever been. As George Kurtz, CEO and founder of CrowdStrike, said in a recent interview: “The speed of today’s cyberattacks requires security teams to rapidly analyze massive amounts of data to detect, investigate, and respond faster. Adversaries are setting records, with breakout times of just over two minutes, leaving no room for delay.”
Productivity and security are no longer separate lanes; they’re the same road. Move fast or the competition and the adversaries will move past you is the message boards are delivering to CISOs today.
Walmart’s CISO keeps the intensity up on innovation
Geisler puts a high priority on keeping a continual pipeline of innovative new ideas flowing at Walmart.
“An environment of our size requires a tailor-made approach, and interestingly enough, a startup mindset. Our team often takes a step back and asks, "If we were a new company and building from ground zero, what would we build?" Geisler continued, “Identity & access management (IAM) has gone through many iterations over the past 30+ years, and our main focus is on how to modernize our IAM stack to simplify it. While related to yet different from Zero Trust, our principle of least privilege won't change.”
Walmart has turned innovation into a practical, pragmatic strategy for continually hardening its defenses while reducing risk, all while making major contributions to the growth of the business. Having created a process that can do this at scale in an agentic AI era is one of the many ways cybersecurity delivers business value to the company.
VentureBeat continues to see companies, including Clearwater Analytics, Walmart, and many others, putting cyberdefenses in place to counter agentic AI cyberattacks.
Of the many interviews we’ve had with CISOs and enterprise security teams, seven battle-tested ways emerge of how enterprises are securing themselves against potential agentic AI attacks.
Seven ways CISOs are securing their firms now
From in-depth conversations with CISOs and security leaders, seven proven strategies emerge for protecting enterprises against imminent agentic AI threats:
1. Visibility is the first line of defense. “The rising use of multi‑agent systems will introduce new attack vectors and vulnerabilities that could be exploited if they aren’t secured properly from the start,” Nicole Carignan, VP Strategic Cyber AI at Darktrace, told VentureBeat earlier this year. An accurate, real‑time inventory that identifies every deployed system, tracks decision and system interdependencies to the agentic level, while also mapping unintended interactions at the agentic level, is now foundational to enterprise resilience.
2. Reinforce API security now and develop muscle memory organizationally to keep them secure. Security and risk management professionals from financial services, retail and banking who spoke with VentureBeat on condition of anonymity emphasized the importance of continuously monitoring risk at API layers, stating their strategy is to leverage advanced AI Security Posture Management (AI-SPM) to maintain visibility, enforce regulatory compliance, and operational trust across complex environment. APIs represent the front lines of agentic risk, and strengthening their security transforms them from integration points into strategic enforcement layers.
3. Manage autonomous identities as a strategic priority. “Identity is now the control plane for AI security. When an AI agent suddenly accesses systems outside its established pattern, we treat it identically to a compromised employee credential,” said Adam Meyers, Head of Counter‑Adversary Operations at CrowdStrike during a recent interview with VentureBeat. In the era of agentic AI, the traditional IAM playbook is obsolete. Enterprises must deploy IAM frameworks that scale to millions of dynamic identities, enforce least‑privilege continuously, integrate behavioral analytics for machines and humans alike, and revoke access in real time. Only by elevating identity management from an operational cost center to a strategic control plane will organizations tame the velocity, complexity and risk of autonomous systems.
4. Upgrade to real-time observability for rapid threat detection. Static logging belongs to another era of cybersecurity. In an agentic environment, observability must evolve into a live, continuously streaming intelligence layer that captures the full scope of system behavior. The enterprises that fuse telemetry, analytics, and automated response into a single, adaptive feedback loop capable of spotting and containing anomalies in seconds rather than hours stand the best chance of thwarting an agentic AI attack.
5. Embed proactive oversight to balance innovation with control. No enterprise ever excelled against its growth targets by ignoring the guardrails of the latest technologies they were using to get there. For agentic AI that’s core to the future of getting the most value possible out of this technology. CISOs who lead effectively in this new landscape ensure human-in-the-middle workflows are designed in from the beginning. Oversight at the human level also helps create clear decision points that surface issues early before they spiral. The result? Innovation can run at full throttle, knowing proactive oversight will tap the brakes just enough to keep the enterprise safely on track.
6. Make governance adaptive to match AI’s rapid deployment. Static, inflexible governance might as well be yesterday’s newspaper because outdated the moment it's printed. In an agentic world moving at machine-speed, compliance policies must adapt continuously, embedded in real-time operational workflows rather than stored on dusty shelves. The CISOs making the most impact understand governance isn't just paperwork; it’s code, it’s culture, it’s integrated directly into the heartbeat of the enterprise to keep pace with every new deployment.
7. Engineer incident response ahead of machine-speed threats. The worst time to plan your incident response? When your Active Directory and other core systems have been compromised by an agentic AI breach. Forward-thinking CISOs build, test, and refine their response playbooks before agentic threats hit, integrating automated processes that respond at the speed of attacks themselves. Incident readiness isn’t a fire drill; it needs to be muscle memory or an always-on discipline, woven into the enterprise’s operational fabric to make sure when threats inevitably arrive, the team is calm, coordinated, and already one step ahead.
Agentic AI is reordering the threat landscape in real-time right now
As Forrester predicts, the first major agentic breach won’t just claim jobs; it’ll expose every organization that chose inertia over initiative, shining a harsh spotlight on overlooked gaps in governance, API security, identity management, and real-time observability. Meanwhile, quantum threats are driving budget allocations higher, forcing security leaders to act urgently before their defenses become obsolete overnight.
The CISOs who win this race are already mapping their systems in real-time, embedding governance into their operational core, and weaving proactive incident responses into the fabric of their daily operations. Enterprises that embrace this proactive stance will turn risk management into a strategic advantage, staying steps ahead of both competitors and adversaries.
