TL;DR: Agentic AI governance shifts the risk from what a system says to what it can do, because agents can query databases, trigger workflows, call APIs, and update records in one sequence, according to Lasso Security. Static AI policies were built for outputs, not machine-speed actions, and that assumption now fails.
NHIMG editorial — based on content published by Lasso Security: AI Governance Challenges in the Age of Agentic AI
Questions worth separating out
Q: How should security teams govern AI agents that can act across multiple systems?
A: Security teams should govern AI agents as non-human identities with explicit action boundaries, not as chat interfaces.
Q: Why do agentic AI systems complicate least privilege?
A: They complicate least privilege because the agent's effective scope is not fully knowable at provisioning time.
Q: What breaks when AI governance only monitors prompts and outputs?
A: Prompt and output monitoring misses the moment where the real risk occurs, which is execution.
Practitioner guidance
- Build a live agent inventory: Track every agent across code repositories, cloud platforms, and third-party services, including the models they run, the tools they can call, and the APIs they inherit.
- Separate output review from action control: Define control points for database queries, workflow triggers, record updates, and external API calls.
- Test for fragile intent under sustained prompting: Use multi-turn adversarial testing to see where an agent's intent breaks down under persistence, state changes, and tool pressure.
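An added example (written for this editorial, not code from Lasso Security or NHIMG) of what the second point looks like in practice: a runtime control point that sits between an agent and its tools, treats the agent as an inventoried non-human identity with an explicit entitlement list, decides each concrete action against that list, logs every decision, and suspends an agent that keeps reaching beyond its scope. The schema, agent names, tool names and resource globs are hypothetical, and the scenario data is constructed for the demo.

```python
from dataclasses import dataclass
from fnmatch import fnmatch


@dataclass(frozen=True)
class Entitlement:
    """One action boundary granted to an agent identity (hypothetical schema)."""
    tool: str                # tool the agent may invoke, e.g. "db.query"
    resource: str            # glob over what the tool may touch, e.g. "tickets.*"
    actions: frozenset[str]  # permitted action kinds, e.g. {"read"}


@dataclass
class AgentIdentity:
    """An agent recorded in the inventory, together with its explicit scope."""
    agent_id: str
    entitlements: tuple[Entitlement, ...]
    max_denials: int = 3  # out-of-scope attempts tolerated before suspension


@dataclass(frozen=True)
class ToolCall:
    tool: str
    resource: str
    action: str


@dataclass(frozen=True)
class Decision:
    agent_id: str
    call: ToolCall
    allowed: bool
    reason: str


class ActionGate:
    """Control point between the agent and its tools.

    Output review happens elsewhere; this gate only decides whether a concrete
    action (query, workflow trigger, record update, API call) is inside the
    agent's provisioned scope, and records every decision for audit.
    """

    def __init__(self, inventory: dict[str, AgentIdentity]) -> None:
        self._inventory = inventory
        self.audit_log: list[Decision] = []
        self._denials: dict[str, int] = {}
        self.suspended: set[str] = set()

    @staticmethod
    def _covers(ent: Entitlement, call: ToolCall) -> bool:
        return (ent.tool == call.tool
                and fnmatch(call.resource, ent.resource)
                and call.action in ent.actions)

    def authorize(self, agent_id: str, call: ToolCall) -> Decision:
        agent = self._inventory.get(agent_id)
        if agent is None:
            d = Decision(agent_id, call, False, "unknown agent identity: not in inventory")
        elif agent_id in self.suspended:
            d = Decision(agent_id, call, False, "agent suspended after repeated out-of-scope calls")
        elif any(self._covers(e, call) for e in agent.entitlements):
            d = Decision(agent_id, call, True, "matched entitlement")
        else:
            d = Decision(agent_id, call, False, "no entitlement covers this call")
        if agent is not None and not d.allowed:
            # Scope-drift signal: an inventoried agent repeatedly attempting
            # actions it was never granted. Suspend once the limit is reached.
            n = self._denials.get(agent_id, 0) + 1
            self._denials[agent_id] = n
            if n >= agent.max_denials:
                self.suspended.add(agent_id)
        self.audit_log.append(d)
        return d

    def execute(self, agent_id: str, call: ToolCall, handler):
        """Run the tool only if allowed; a denial is an exception, never a silent skip."""
        d = self.authorize(agent_id, call)
        if not d.allowed:
            raise PermissionError(f"{agent_id}: {call.tool} {call.action} on {call.resource}: {d.reason}")
        return handler(call)

    def denials_by_agent(self) -> dict[str, int]:
        """Per-agent count of out-of-scope attempts, the figure a SOC would alert on."""
        return dict(self._denials)


def run_demo() -> tuple[ActionGate, list[Decision]]:
    """Constructed scenario (not real data): a support agent provisioned for
    read access to tickets and one CRM API, then driven outside that scope."""
    inventory = {
        "support-bot": AgentIdentity("support-bot", (
            Entitlement("db.query", "tickets.*", frozenset({"read"})),
            Entitlement("api.call", "crm.example.internal/*", frozenset({"read"})),
        )),
    }
    gate = ActionGate(inventory)
    attempts = [
        ("support-bot", ToolCall("db.query", "tickets.open", "read")),      # in scope
        ("support-bot", ToolCall("db.query", "customers.pii", "read")),     # table never granted
        ("support-bot", ToolCall("db.query", "tickets.open", "write")),     # action never granted
        ("support-bot", ToolCall("secrets.read", "vault/prod/db", "read")), # tool never granted -> suspended
        ("support-bot", ToolCall("db.query", "tickets.open", "read")),      # in scope, but now suspended
        ("rogue-agent", ToolCall("api.call", "crm.example.internal/x", "read")),  # not in inventory
    ]
    decisions = [gate.authorize(agent_id, call) for agent_id, call in attempts]
    return gate, decisions


if __name__ == "__main__":
    gate, decisions = run_demo()
    for d in decisions:
        verdict = "ALLOW" if d.allowed else "DENY "
        print(f"{verdict} {d.agent_id:12} {d.call.tool}:{d.call.action} {d.call.resource} ({d.reason})")
    print("out-of-scope attempts per agent:", gate.denials_by_agent())
```

The design point is that the gate never looks at the agent's text output; it only sees the concrete action and the identity behind it. Unknown identities are denied outright because an agent missing from the inventory has no scope to check against, and the denial counter gives the detection team a signal that distinguishes one stray call from an agent whose intent has drifted under sustained prompting.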
What's in the full article
Lasso Security's full blog post covers the operational detail this post intentionally leaves for the source:
- A step-by-step framework for discovering agents across code repositories, cloud platforms, and third-party services.
- The article's breakdown of adaptive policy enforcement and runtime detection across tools, memory, and decision points.
- The operational explanation of fragile intent testing, including how sustained conversations expose failure modes.
- The vendor's own description of its discover, assess, protect loop for agentic governance.
👉 Read Lasso Security's analysis of AI governance challenges in agentic AI →
Agentic AI governance gaps: are your controls keeping up?
Explore further
Agentic AI creates an identity governance problem, not just an AI policy problem. Once an agent can act across systems, the question is no longer whether its output is acceptable. The question is whether its runtime authority is bounded well enough for IAM, PAM, and governance controls to make sense. That moves the issue into identity security, where inventory, entitlement scope, and escalation boundaries are the real control plane. Practitioners should treat agent access as governed identity, not as a content moderation problem.
A few things that frame the scale:
- 80% of organisations report their AI agents have already performed actions beyond their intended scope, including accessing unauthorised systems (39%), inappropriately sharing sensitive data (31%), and revealing access credentials (23%), according to the AI Agents: The New Attack Surface report.
- Only 52% of companies can track and audit the data their AI agents access; the remaining 48% have no such visibility, which leaves them blind for both compliance and breach investigation.
A question worth separating out:
Q: Who is accountable when an autonomous agent causes business harm?
A: Accountability sits with the organisation that granted the agent its access, defined its guardrails, and failed to monitor its runtime behaviour. In practice, responsibility spans the AI owner, the identity team, and the control owners for every connected system the agent can touch. Governance must make that chain explicit before incidents occur.
👉 Read our full editorial: AI governance for agentic systems breaks at runtime, not policy