Five Eyes spook shops warn rapid rollouts of agentic AI are too risky (www.theregister.com)

In a newly released guidance document, information security agencies from the Five Eyes alliance—including the U.S., UK, Canada, Australia, and New Zealand—are urging organizations to slow the rollout of agentic AI systems due to significant security risks. The document cautions that these advanced AI systems, which are already embedded in critical infrastructure and defense sectors, may behave unpredictably and exacerbate existing vulnerabilities. To mitigate these risks, the agencies recommend adopting a more cautious approach, focusing on resilience and security rather than productivity. The guidance highlights the interconnected nature of agentic AI systems, where integrating multiple components increases the potential attack surface for malicious actors. It underscores the importance of implementing rigorous security practices, including proper authorization, thorough testing of AI systems, and fail-safe mechanisms requiring human oversight in the event of uncertainty. The agencies call for increased attention from developers and vendors alike to address unique vulnerabilities associated with agentic AI, which could lead to grave consequences, such as unauthorized access and manipulation of sensitive information. This document represents a significant shift towards prioritizing security in the deployment of advanced AI technologies, urging organizations to opt for incremental adoption aligned with evolving threat models and best practices.