ClareNow
Search
ClareNow
Toggle sidebar
Cybersecurity → Neutral

You Can't Secure Your Agents If You Can't See Them

Knowing who an agent is and what it may access tells you nothing about whether what it just did was supposed to happen.

Forbes 3 min read 6/10
You Can't Secure Your Agents If You Can't See Them
Key Takeaways
  • The Forbes Tech Council article highlights a fundamental security flaw: identity and access controls for AI agents do not verify whether an action was intended, only that it was authorized.
  • Agent deployments are forecast to grow 10x by 2027, yet most enterprise security architectures still rely on static permissions designed for human users.
  • Behavioral monitoring—tracking agent actions, context, and deviations—is proposed as the necessary next step, analogous to application performance monitoring but for security.
  • Gartner projects that by 2028, 60% of organizations will deploy dedicated agent security tools, signaling a nascent but fast-growing market.
  • The article warns that existing zero-trust models fail for agents because they trust the identity and permissions, not the dynamic behavior of autonomous systems.
Traditional security tools can't tell if an AI agent's action was supposed to happen—even if they know who the agent is and what it can access. That visibility gap is the central warning from a new Forbes Tech Council article, which argues that organizations deploying autonomous AI agents are flying blind. The piece, titled 'You Can't Secure Your Agents If You Can't See Them,' challenges the assumption that identity and access controls are enough. Instead, it calls for a paradigm shift: security must track not just permissions but also intent and behavior in real time.

The problem stems from the nature of AI agents. Unlike static software that follows predefined scripts, agents make decisions, execute multi-step tasks, and adapt to new information. A single agent might be authorized to access customer databases, draft emails, and process refunds. But knowing those permissions tells you nothing about whether a specific refund was legitimate or part of a prompt injection attack. The article's core insight: 'Knowing who an agent is and what it may access tells you nothing about whether what it just did was supposed to happen.'

This issue is becoming urgent as enterprises rush to deploy agents for customer service, code generation, and financial reconciliation. According to industry estimates, agent deployments are expected to grow 10x by 2027. Yet most security architectures were built for human users and deterministic APIs. The result is a blind spot where malicious or misaligned actions can go undetected until damage is done.

The article doesn't name specific breaches, but it points to a growing consensus among cybersecurity researchers: agent observability is now a top priority. Startups like Lacework and SentinelOne are already exploring behavioral baselines for agents, but the field is nascent. The Forbes piece suggests that security teams need to instrument agent workflows the way they instrument code: with logging, tracing, and anomaly detection. Without that, even the most sophisticated zero-trust architecture fails.

Broader implications are significant. If AI agents become ubiquitous in enterprise operations, the current security model—identity-first, behavior-second—will need to invert. As one unnamed security architect put it in the article, 'We can no longer trust the agent just because we trusted its identity.' The AI agent security market is likely to explode, with Gartner predicting that by 2028, 60% of organizations will deploy dedicated agent security tools.

What happens next? Expect the emergence of agent-specific security frameworks, perhaps modeled on SIEMs but designed for non-human actors. Regulators in the EU and US are also eyeing agent accountability, which could force new transparency requirements. For now, the message is clear: if you can't see what your agents are doing, you can't secure them. The race to build visibility tools is on.

Frequently Asked Questions

The main challenge is a visibility gap. Traditional security tools know an agent's identity and permissions but cannot verify whether a specific action was intended or malicious. This makes it difficult to detect prompt injections, abuse, or misalignment.

Traditional access controls are designed for human users and deterministic software. AI agents make autonomous, adaptive decisions, so knowing their access rights does not reveal whether each action is legitimate. Behavior must be tracked in real time.

It means having full observability into an agent's actions—every API call, data access, and decision step. This requires logging, tracing, and anomaly detection to distinguish expected behavior from malicious activity.

Organizations should instrument agent workflows with behavioral baselines, real-time monitoring tools, and alerting for deviations. This is similar to how code is monitored with APM tools, but tailored for agent-specific patterns.

Without visibility, organizations cannot detect prompt injection attacks, data exfiltration, or unauthorized transactions. Agents could execute harmful actions that appear authorized, leading to data breaches, financial loss, or compliance violations.

Original source

www.forbes.com

Read original

Discussion

Join the discussion

Sign in to post a comment or reply.

No comments yet. Be the first to share your thoughts!

Sign in
Enter your email to receive a one-time sign-in code. No password needed.
Email address