As autonomous agents begin making decisions and moving data independently, Cisco, Google, Microsoft and IBM are reengineering enterprise security with AI. (Photo by KIRILL KUDRYAVTSEV/AFP via Getty Images)
AFP via Getty Images
Agentic AI is no longer confined to pioneering companies. These systems now operate across enterprise environments, accessing resources, making decisions and taking action with minimal human oversight. But with this autonomy comes a new class of risk. Security frameworks built for predictable, human-centric workflows are ill-equipped to handle agents that operate at machine speed, modify APIs and move sensitive data independently.
More than half (56%) of enterprise executives named security as their top concern in UiPath’s 2025 Agentic AI Report, followed by compliance, cost and integration complexity. Gartner forecasts that by 2027, more than 40% of agentic AI projects may be scrapped due to weak governance and inadequate risk management.
“Every new AI agent is both an asset and a new risk. Securing agentic AI is a fundamentally new challenge where we need to integrate predictable guardrails and policies into what are, by definition, non-deterministic systems. These are some of the biggest challenges in the history of security,” Jeetu Patel, president and chief product officer at Cisco, told me. “In conversations with security and infrastructure leaders, the disconnect is often around how quickly legacy security paradigms and teams can evolve to meet this new reality.”
Today, the security conversation is shifting from protecting data to safeguarding the decisions AI systems are now making autonomously. As companies rush to upgrade their networks to support agentic AI and IoT, many risk overlooking security in the process. As many as 97% of businesses say network upgrades are essential for the success of their AI and IoT initiatives, according to Cisco’s IT Networking Leader Survey 2025. However, the stakes are high, too; just one severe outage can cost the global economy nearly $160 billion.
“On the enterprise side, awareness is growing fast — but what’s less visible is how much activity is happening within business units, often without security teams fully in the loop,” Fernando Montenegro, VP and cybersecurity practice lead at The Futurum Group, told me. “Many of them already understand the urgency around agentic AI, but security teams need to be in the conversation early.”
The New Defense Playbook: AI-Powered Security at Enterprise Scale
Legacy defenses are fundamentally incompatible with the demands of agentic AI. As API calls multiply and agent behavior grows more opaque, traditional monitoring tools are struggling to keep pace. Without real-time visibility and control, agents can behave unpredictably or even dangerously. What’s needed now are new capabilities: continuous auditability, transparency and rapid remediation.
To mitigate the growing security risks of agentic systems, technology giants across the industry are now building governance and security solutions to meet the scale and speed of agentic AI. For instance, Microsoft has launched AI-powered Security Copilots that detect and neutralize threats with limited human intervention. Google Cloud is emphasizing traceability and auditability across its AI services. IBM is applying identity governance to AI systems.
Likewise, cloud networking and security company Cisco is embedding security deeper into the network, down to the silicon layer. The company recently introduced its AgenticOps strategy, which combines real-time observability, zero-trust frameworks and AI-native operations into a single enterprise architecture.
“The tech and security community is recognizing that to govern this new ecosystem, we need purpose-built frameworks that combine security, deep cross-domain context and continuous oversight, not just bolt-on controls,” DJ Sampath, SVP of AI software and platform at Cisco, told me. “Three things are non-negotiable: human-in-the-loop oversight, cross-domain context for every decision and security built in at every layer from silicon to software.”
At the heart of this model is Cisco’s Deep Network Model, a domain-specific large language model trained on decades of telemetry data (data from remote or hard-to-access systems, whether due to complexity or safety). It aims to equip security teams with natural language tools to monitor, investigate and respond to incidents in real time. In essence, it’s AI built to defend against AI.
The company has also introduced a Universal Zero Trust Network Access framework that extends identity-based controls to include delegated authorization, which lets users securely grant access to trusted service providers without sharing their credentials; proximity-based phishing resistance, which verifies that a request is coming from a nearby, trusted device; and support for the emerging Model Context Protocol (MCP), a new standard that allows AI systems to securely share context across different applications.
“We’re future-proofing networks with AI so they can recognize and mediate agent behavior at scale,” Patel explained. “Security must be as fast and adaptive as the AI agents themselves.”
Patel notes that agentic AI is driving unprecedented levels of operational speed and complexity, and while the industry is making headway, the biggest bottlenecks are now surfacing in the network layer. “Many of the primary limiting factors on AI scale outs like power consumption and inefficient GPU utilization can be directly addressed by more efficient networking and orchestration that makes sure data in where it’s needed, when it’s needed,” he said.
Building on this vision, Cisco is deepening its integrations following the acquisition of Splunk. Telemetry from Cisco firewalls now feeds directly into Splunk’s security platform, enabling automated response playbooks and correlating threat signals across the agentic application stack.
Agentic AI Demands a New Cybersecurity Mandate, and a Shift in Philosophy
The organizations that will thrive in this new era are those that embrace a simple truth: if AI is the engine of enterprise innovation, AI-powered security must be its steering system.
The most critical work around agentic AI today, Montenegro says, involves building a deep, transparent understanding of two foundational areas: First, how the organization functions, i.e., its key business processes, stakeholder relationships and desired outcomes. And second, how modern AI systems, particularly agents, operate at a technical level, how abstract concepts are translated into math, what infrastructure is needed to support these algorithms and how they interact within a system.
“Once these two foundations are in place, the organization will be in a much stronger position to evaluate and deploy agentic workflows across multiple use cases,” he adds.
The next generation of cybersecurity won’t be defined by how fast it reacts to threats, but by how intelligently it anticipates them. And that future is already taking shape.
“Pre-training lays the foundation, but in the agentic era it’s not enough. We need real-time feedback loops. Systems must continuously learn and harden as agents interact and adapt,” Cisco’s Sampath told me. “AgenticOps flips the script: now AI agents aren’t just generating insights, they’re proactively defending and adapting the network in real time.”
