The Rise of Agentic AI and Its Security Implications
As organizations increasingly adopt agentic AI to enhance productivity and streamline operations, the security framework surrounding these deployments has become a critical concern. With major platforms embedding AI agents directly into their ecosystems, businesses must recognize that security isn’t a single-party responsibility but rather a collaborative effort between vendors and customers. This shared responsibility model, while complex, forms the foundation of successful AI implementation.
The consequences of overlooking security measures can be severe, as demonstrated by recent vulnerabilities like the “ForcedLeak” incident in Salesforce’s Agentforce platform. This critical vulnerability chain, discovered by AI security firm Noma, highlighted how threat actors could potentially exfiltrate sensitive CRM data through indirect prompt injection attacks. While Salesforce addressed the issue through updates and access control recommendations, such incidents underscore the broader security challenges facing AI deployments across industries.
Understanding the Shared Responsibility Framework
The division of security responsibilities in AI deployments mirrors the shared responsibility model familiar from cloud computing, but with additional layers of complexity. According to security experts, vendors bear responsibility for securing their infrastructure and core AI systems, while customers must manage data access controls and user permissions.
Itay Ravia of Aim Security observes that the current AI boom has created a “race to make AI smarter, stronger, and more capable at the expense of security.” This acceleration in development often outpaces security considerations, leaving organizations to fill the gaps. As recent technology investments demonstrate, the market is recognizing the need for more secure AI foundations.
Brian Vecci of Varonis provides crucial clarification about data storage: “Data isn’t stored in an AI agent directly, but rather within the enterprise data repositories that agents are granted access to. That access control can be individual to the agent or the user(s) that are prompting it, and it’s the responsibility of the enterprise to secure that data appropriately.”
Practical Security Measures for AI Deployments
Organizations implementing AI agents should consider several key security practices:
- Comprehensive access control reviews: Regularly audit what data AI agents can access and under what circumstances
- Data flow mapping: Understand where data originates, how it moves through AI systems, and where it ultimately resides
- User training and awareness: Educate employees on proper AI usage and potential security risks
- Implementation of guardrails: Establish technical boundaries that prevent agents from operating outside their intended scope
Melissa Ruzzi of AppOmni emphasizes that “keeping data secure for AI agents should be considered akin to keeping data secure in software-as-a-service applications. The provider is responsible for the security of the infrastructure itself, and the customer is responsible for securing the data and users.” This perspective aligns with broader industry developments in cloud security.
The Vendor Perspective: Tools and Limitations
Major AI vendors have begun implementing additional security measures, with some like Salesforce now requiring multifactor authentication for all customers. However, security experts caution that these measures, while valuable, have limitations.
David Brauchler of NCC Group notes that “AI vendors may reasonably enforce certain security best practices, but none of the tools available to vendors fundamentally solve the underlying data access problem. Tools like secrets scanning and data loss prevention often lead to a false sense of security.” This reality underscores why organizations cannot rely solely on vendor-provided security.
The challenge is further complicated by the rapid evolution of AI capabilities and the corresponding market trends driving adoption. As businesses race to implement AI solutions, security considerations must keep pace with functional requirements.
Building a Secure AI Future
The path forward requires both vendors and customers to acknowledge their respective roles in the security ecosystem. Vendors must prioritize security throughout the development lifecycle, while organizations using AI agents need to implement robust data governance practices.
Recent related innovations in the AI space demonstrate the ongoing tension between capability expansion and security implementation. Similarly, the global economic landscape influences how organizations allocate resources between AI advancement and security measures.
For businesses considering AI adoption, the approach should be methodical rather than rushed. As demonstrated by Salesforce’s agentic AI vision, successful implementations balance innovation with responsibility. Organizations should thoroughly assess what data their AI agents will access, establish clear security protocols, and maintain ongoing vigilance as both the technology and threat landscape evolve.
The security of AI agents represents not just a technical challenge but a fundamental shift in how organizations approach digital trust. By embracing shared responsibility and implementing comprehensive security measures, businesses can harness the power of agentic AI while minimizing associated risks.
This article aggregates information from publicly available sources. All trademarks and copyrights belong to their respective owners.
Note: Featured image is for illustrative purposes only and does not represent any specific product, service, or entity mentioned in this article.
