International Cyber Expo International Cyber Expo
  • About Us
Friday, 17 July, 2026
IT Security Guru
International Cyber Expo
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2026
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2026
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
IT Security Guru
No Result
View All Result

AI Agents: Transformative or Turbulent?

By Javvad Malik, lead security awareness advocate at KnowBe4

by Javvad Malik
May 13, 2025
in News
Share on FacebookShare on Twitter

Described as revolutionary and disruptive, AI agents are the new cornerstone of innovation in 2025. But as with any technology standing on the cutting edge, this evolution isn’t without its trade-offs. Will this new blend of intelligence and autonomy really introduce a new era of efficiency? Or does the ability for AI Agents to act independently widen the attack surface for cyber threats, making them a potential liability?

Unlike the generative AI tools we’ve grown so familiar with in the UK, AI Agents represent the next frontier of artificial intelligence. While widely known generative AI tools like ChatGPT, Gemini and Grok process user input and generate text based on learned data patterns, agentic AI goes a step further—autonomously making decisions and taking actions to achieve specific outcomes. Think Robocop or I,Robot and you’re not a million miles away. Sounds a bit unnerving, doesn’t it?

Yet, in the hands of organisations, these agents could revolutionise industries, from automating customer interactions to managing vast logistics operations seamlessly. More realistic applications for AI agents include customer service bots, personal assistants, financial advisors, and even self-driving vehicles.

Take an agentic AI personal assistant as an example: this type of agent can leverage data-driven decision-making, machine learning, and logic-based reasoning to book flights, curate and send emails, and even automate complex workflows without human intervention. In fact, research reveals that 58% of workers are already using AI agents daily, with 41% highlighting the automation of tedious tasks as the primary benefit.

The uptake of AI agents across the UK is gaining momentum, with sectors like finance, healthcare, and retail increasingly adopting autonomous technologies to streamline operations and enhance customer experiences. In the financial sector, a recent survey by the Bank of England and FCA reveals that 75% of financial services firms in the UK are currently using AI, with an additional 10% planning to implement it within the next three years.

Agentic AI in organisations can offer unparalleled efficiency and streamlining of operations. In doing so, these AI agents can reduce human error and increase productivity.

But, like most revolutionary advancements in technology, this stark shift from reactive assistance to proactive automation comes with its own set of risks. Perhaps the most concerning is how this potentially widens the attack surface for cybercriminals.

Agentic AI could escalate the sophistication, personalisation, and scale of social engineering and phishing attacks, particularly through email. Generative AI has already elevated phishing capabilities, enabling targeted and convincing attacks at scale. According to Egress threat intelligence, AI is referenced in 74.8% of phishing toolkits examined, with 82% mentioning deepfakes.

Agentic AI takes this threat a step further by introducing an element of automation to these attacks. This could lead to more dynamic, adaptive, and persistent phishing campaigns that can learn from and respond to user behaviour in real-time. The autonomous nature of these AI agents could allow attackers to deploy and manage large-scale phishing operations with minimal human intervention, making detection and prevention even more challenging.

Moreover, 63% of cybersecurity leaders express concern about the use of deepfakes in cyberattacks, while 61% worry about cybercriminals leveraging generative AI chatbots to enhance their phishing campaigns. These statistics underscore the gravity of the situation and the need for robust countermeasures.

While these risks should be taken seriously by organisations, it is important to note that they are not entirely new. Rather, in many cases, they are an evolution of existing threats we’ve encountered with previous forms of AI. The key difference lies in the increased autonomy and scalability that agentic AI brings.

Organisations looking to adopt agentic AI should consider the overall risk, and undertake a thorough risk assessment prior to deploying. Such measures can include implementation of strong authentication, including multi-factor authentication while ensuring software is regularly updated and patched.

From a procedural perspective, clear guidelines should be established and ethical frameworks for AI agent operations. Finally, organisations should invest in continuous employee training on AI security awareness.

It is clear that AI agents bring significant benefits and risks. Therefore a multi-faceted approach combining human expertise with AI-driven intelligent technology is crucial. Particularly in the realm of email security, where social engineering attacks continue to evolve, a blend of comprehensive training and advanced AI-powered detection systems offers the most comprehensive approach.

By leveraging AI’s ability to identify subtle patterns indicative of AI-generated content, alongside human vigilance and critical thinking, organisations can be better equipped to defend against even the most sophisticated phishing attempts.

As we navigate this new era of agentic AI, staying informed, adaptable, and proactive in our security measures will be key to harnessing the benefits while mitigating the risks.

Tags: artificial intelligencecybersecuritysecurityTechnology
ShareTweet
Previous Post

Exploring CNAPP Options for Cloud Security in 2025

Next Post

ENISA Launches European Vulnerability Database to Bolster EU Cyber Resilience

Recent News

AI Appreciation Day: Security Leaders Say the Celebration Needs an Asterisk

AI Appreciation Day: Security Leaders Say the Celebration Needs an Asterisk

July 16, 2026
Q&A: Businesses Are Running Out of Time to Prepare for the Quantum Threat, Warns Moona Ederveen-Schneider

Q&A: Businesses Are Running Out of Time to Prepare for the Quantum Threat, Warns Moona Ederveen-Schneider

July 15, 2026
Proton Launches Business Continuity Service to Keep Firms Communicating Through Outages

Proton Launches Business Continuity Service to Keep Firms Communicating Through Outages

July 15, 2026
Forescout Uncovers AI Assisted Phishing Campaign Using Fake eCards

Forescout Uncovers AI Assisted Phishing Campaign Using Fake eCards

July 14, 2026

Eskenzi PR banner ad

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY

Follow Us

© 2015 - 2026 IT Security Guru - Website Managed by Dessol

  • About Us
Manage Consent
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
  • Manage options
  • Manage services
  • Manage {vendor_count} vendors
  • Read more about these purposes
View preferences
  • {title}
  • {title}
  • {title}
No Result
View All Result
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2026
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us

© 2015 - 2026 IT Security Guru - Website Managed by Dessol