AI Agents in Action Foundations for Evaluation and Governance 2025

Page 11 of 34 · WEF_AI_Agents_in_Action_Foundations_for_Evaluation_and_Governance_2025.pdf

1.3 Cybersecurity considerations

As AI agents move into enterprise and consumer-facing environments, they extend rather than replace existing security challenges. Security strategies have evolved from perimeter defences to layered “defence in depth,” and more recently to the zero-trust model.[10] These changes reflect broader transformations such as cloud adoption, distributed workforces and interconnected ecosystems, all of which have already weakened the notion of a clear boundary between internal and external networks. Agents build on this trajectory but add additional layers of risk that must be managed proactively.

By autonomously invoking tools and communicating across organizational lines (e.g. via MCP and A2A), agents embed external services, databases and peer agents into enterprise workflows. This multiplication of identities and connections makes identity management, micro-segmentation and ongoing verification of agent activity essential. While protocols such as MCP and A2A can streamline integration, they also expand the attack surface[11] by introducing new external dependencies and interfaces, as illustrated in Figure 2. The very interoperability that enhances agent capabilities also exposes enterprises to unpredictable inputs and vulnerabilities from third parties. For adopters, this means that every agent interaction should be treated as untrusted by default, and that verifying identity, permissions and context is necessary before granting access.

Finally, agents can be misused.[12] They might be exploited through design flaws or prompt injections, or even intentionally deployed for malicious purposes, such as accessing private data or spreading misinformation. Unlike traditional attacks, autonomous agents can act with speed and persistence, making attribution and accountability harder. Organizations should prepare for this by implementing strong audit trails, incident response plans and clear accountability structures.
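As an added illustration (not part of the report) of the "untrusted by default" principle described above, the gate below checks identity, then permissions, then context on every agent tool call and records each decision in an append-only audit trail. The agent ids, tool names, signing key and policy tables are constructed for the example; a real deployment would issue per-agent credentials from an identity provider rather than a shared key.

```python
import hashlib
import hmac
import time
from typing import Optional, Tuple

# Constructed signing key used to mint and verify agent credentials (assumption for the demo).
SIGNING_KEY = b"constructed-demo-key"

# Deny-by-default permission policy: agent id -> tools it may invoke (constructed sample).
POLICY = {
    "agent-research": {"search_docs"},
    "agent-finance": {"search_docs", "read_ledger"},
}

# Context constraints: argument values an agent is scoped to (constructed sample).
SCOPE = {"agent-finance": {"ledger": "eu"}}

AUDIT_LOG = []  # append-only record of every decision, allowed or denied


def issue_credential(agent_id: str) -> str:
    """Mint an HMAC-tagged credential that the gate can verify without a directory lookup."""
    tag = hmac.new(SIGNING_KEY, agent_id.encode(), hashlib.sha256).hexdigest()
    return f"{agent_id}:{tag}"


def verify_credential(cred: str) -> Optional[str]:
    """Identity check: return the agent id if the tag is genuine, otherwise None."""
    agent_id, _, tag = cred.partition(":")
    expected = hmac.new(SIGNING_KEY, agent_id.encode(), hashlib.sha256).hexdigest()
    return agent_id if hmac.compare_digest(tag, expected) else None


def authorize_call(cred: str, tool: str, args: dict) -> Tuple[bool, str]:
    """Zero-trust gate: identity, permission and context are verified on every call, and the
    outcome is logged so that later attribution does not depend on the agent's own account."""
    agent_id = verify_credential(cred)
    if agent_id is None:
        reason = "denied: identity (invalid credential)"
    elif tool not in POLICY.get(agent_id, set()):
        reason = f"denied: permission ({agent_id} may not call {tool})"
    elif any(args.get(k) != v for k, v in SCOPE.get(agent_id, {}).items() if k in args):
        reason = "denied: context (argument outside agent scope)"
    else:
        reason = "allowed"
    AUDIT_LOG.append({"ts": time.time(), "agent": agent_id, "tool": tool,
                      "args": dict(args), "result": reason})
    return reason == "allowed", reason
```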