2 min read

Agentic AI Under Congressional Spotlight: Balancing Innovation and Security

Futuristic robot, glowing circuits, Capitol Building, and digital security shield.

Capitol Hill recently convened to scrutinize agentic artificial intelligence, a new class of AI designed for greater autonomy than its predecessors. During a hearing by the House Homeland Security Committee’s Cybersecurity and Infrastructure Protection Subcommittee, lawmakers and witnesses explored both the significant advantages and the inherent cybersecurity risks posed by this rapidly evolving technology. The discussion highlighted agentic AI's potential for innovation alongside urgent calls for robust security measures and regulatory frameworks.

Agentic AI: A New Frontier

Agentic AI represents a significant leap beyond generative or predictive AI, characterized by its ability to act with increased independence. While not yet as widespread, experts agree its adoption is accelerating, particularly in cybersecurity applications.

  • Agentic AI can streamline security operations and conduct investigative steps autonomously.
  • It introduces a new and complex class of security risks, including the potential for autonomous cyber operations.
  • Experts emphasize the need for secure-by-design principles and extensive testing.

The Advantages of Agentic AI

Witnesses at the hearing underscored the transformative potential of agentic AI. Gareth Maclachlan, Chief Product Officer at Trellix, explained how agentic AI assists in cybersecurity by efficiently finding evidence and running investigative steps based on established knowledge. He noted its capacity to "debate amongst itself and take different perspectives" to arrive at optimal solutions, filling gaps for individual users and enhancing security operations.

Cybersecurity Concerns and Challenges

Despite its promise, agentic AI introduces substantial security vulnerabilities. Jonathan Dambrot, CEO of Cranium AI, warned lawmakers about the "new and complex class of security risks" it presents. A compromised or maliciously directed AI agent, he cautioned, could autonomously conduct cyber operations at machine speed. Dambrot stressed that security must be embedded throughout the entire lifecycle of AI agents, asserting that "relying on AI to stop AI is not a viable defense strategy." He advocated for layered, in-depth, and proactive defenses.

The Path Forward: Regulation and Testing

Addressing the risks, experts called for proactive measures. Kiran Chinnagangannagari, Chief Product and Technology Officer at Securin, suggested applying existing secure-by-design technology development frameworks effectively to agentic AI systems. Furthermore, Maclachlan recommended that Congress establish more comprehensive technical guidelines as the industry increasingly adopts agentic AI. Steve Faehl, Federal Security Chief Technology Officer at Microsoft, emphasized the critical need for extensive testing of agentic models and applications to identify and mitigate potential model risks and biases they might introduce.

Sources

Nico Arqueros

Nico Arqueros

crypto builder (code, research and product) working on @shinkai_network by @dcspark_io