How to deal with cybersecurity challenges related to agentic AI

Agentic artificial intelligence (AI) represents the next frontier of AI, promising to surpass even generative AI (GenAI) in capability. Unlike most GenAI systems, which rely on human prompts or supervision, agentic AI is proactive: it does not require user input to solve complex, multi-step problems. By leveraging a digital ecosystem of large language models (LLMs), machine learning (ML) and natural language processing (NLP), agentic AI performs tasks autonomously on behalf of humans or systems, greatly improving productivity and operations.

While agentic AI is still in its early stages, experts already highlight some groundbreaking use cases. Consider a bank's customer service environment, where an AI agent does not merely answer a user's question when asked. Instead, the agent actually completes the transaction or task, such as moving funds, when prompted by the user. Another example is a financial environment in which agentic AI systems help human analysts by autonomously and rapidly analyzing large amounts of data to generate auditable reports for data-driven decisions.

The potential of agentic AI is undeniable. But, like any new technology, it brings security, governance and compliance issues. The unique nature of these AI agents presents organizations with security and governance challenges that they must address, not only to reap the rewards of agentic AI, but also to keep their networks secure and efficient.

What cybersecurity challenges does agentic AI create for organizations?

AI agents perform four basic operations. The first is perception and data collection: hundreds, thousands or even millions of agents gather data from multiple locations, whether cloud, on-premises or edge, and these data objects may come from anywhere rather than from a specific geographical location. The second step is decision-making: once the agents have collected data, they use AI and ML models to make decisions. The third step is action and execution: after a decision, the agents take the corresponding actions to implement it. The final step is learning: the agents use the data collected before and after a decision to adjust and adapt accordingly.

Throughout this process, agentic AI needs access to huge data sets to run effectively. Agents typically integrate with data systems that process or store sensitive information, such as financial records, healthcare databases and other personally identifiable information (PII). Unfortunately, agentic AI complicates efforts to protect network infrastructure from vulnerabilities, especially across cross-cloud connectivity. It also presents egress security challenges, making it harder for companies to prevent data exfiltration and command-and-control traffic. If AI agents are compromised, sensitive data can easily be leaked or stolen. Similarly, agents can be hijacked by malicious actors and used to generate and distribute false information at scale. When a breach occurs, the consequences are not only financial penalties but also reputational damage.

Critical capabilities such as observability and traceability can be frustrated by agentic AI, because it is difficult to track which data sets an AI agent is accessing, which increases the risk of data being exposed to or accessed by unauthorized users. Similarly, the dynamic learning and adaptation of agentic AI may hinder traditional security audits that rely on structured logs to track data flows. Agentic AI is also short-lived, dynamic and constantly running, creating a 24/7 requirement to maintain optimal visibility and security. Scale is another challenge. The attack surface grows exponentially, extending beyond on-premises data centers and clouds to include the edge. In fact, depending on the organization, agentic AI can add thousands to millions of new endpoints at the edge. These agents operate in numerous locations, whether different clouds, on-premises or the edge, making the network more vulnerable to attack.

A comprehensive approach to addressing agentic AI security challenges

Organizations can address the security challenges of agentic AI by applying security solutions and best practices at each of the four basic operational steps:

  1. Perception and data collection: Enterprises need end-to-end encryption of the high-bandwidth network connectivity that lets their agents collect the large amounts of data their functions require. Recall that, depending on the use case, this data may be sensitive or valuable. Companies should deploy high-speed encrypted connectivity between all of these data sources to protect sensitive data and PII.
  2. Decision-making: Companies must ensure that their AI agents have access to the right models, as well as the AI and ML infrastructure, to make the right decisions. By implementing a cloud firewall, enterprises can get the connectivity and security they need to reach the right models in an auditable way.
  3. Action and execution: AI agents take action based on their decisions. However, businesses must be able to identify which of hundreds of agents made a given decision. They also need to know how their agents communicate with each other, to avoid conflicts or "robots fighting robots." Organizations therefore need observability and traceability of the actions their AI agents take. Observability is the ability to track, monitor and understand the internal state and behavior of AI agents in real time. Traceability is the ability to track and record the data, decisions and actions of AI agents.
  4. Learning and adapting: Companies spend millions (if not hundreds of millions or more) tuning their algorithms to increase the value and accuracy of these agents. If bad actors get hold of a model and exfiltrate it, all of that investment can be in their hands within minutes. Businesses can protect their investment with egress security controls that prevent exfiltration and command-and-control traffic.
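As an added illustration of the traceability requirement in step 3 (example code, not from the original article), the following Python sketch records each agent action as an entry in a hash-chained audit trail, so a reviewer can answer "which agent touched which data set, and on which decision" and detect after-the-fact edits to the log. The agent IDs, data set names and actions are constructed sample values.

```python
import hashlib
import json
from datetime import datetime, timezone

GENESIS = "0" * 64  # prev_hash of the first entry
class AgentAuditTrail:
    """Append-only trail of agent actions; each entry commits to the previous
    entry's hash, so editing, deleting or reordering an entry breaks the chain."""

    def __init__(self):
        self.entries = []

    def record(self, agent_id, action, dataset, decision_ref):
        """Append one action taken by agent_id and return the entry's hash."""
        prev_hash = self.entries[-1]["hash"] if self.entries else GENESIS
        body = {
            "ts": datetime.now(timezone.utc).isoformat(),
            "agent_id": agent_id,  # which of many agents acted
            "action": action,  # what it did
            "dataset": dataset,  # which data set it touched
            "decision_ref": decision_ref,  # the decision that triggered it
            "prev_hash": prev_hash,
        }
        canonical = json.dumps(body, sort_keys=True).encode()
        entry = {**body, "hash": hashlib.sha256(canonical).hexdigest()}
        self.entries.append(entry)
        return entry["hash"]

    def verify(self):
        """Recompute every hash and re-link the chain; False on any tampering."""
        prev_hash = GENESIS
        for entry in self.entries:
            body = {k: v for k, v in entry.items() if k != "hash"}
            canonical = json.dumps(body, sort_keys=True).encode()
            if body["prev_hash"] != prev_hash or \
               hashlib.sha256(canonical).hexdigest() != entry["hash"]:
                return False
            prev_hash = entry["hash"]
        return True

    def datasets_accessed(self, agent_id):
        """Traceability query: which data sets has this agent touched?"""
        return sorted({e["dataset"] for e in self.entries if e["agent_id"] == agent_id})
def demo():
    """Constructed sample run: two agents acting on a bank's systems."""
    trail = AgentAuditTrail()
    trail.record("agent-007", "read", "customer_pii", "dec-1")
    trail.record("agent-007", "transfer_funds", "ledger", "dec-1")
    trail.record("agent-042", "read", "ledger", "dec-2")
    return trail
```

In practice the trail would be shipped to write-once storage outside the agents' reach; the chain only proves tampering happened, it does not prevent it.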

Leveraging agentic AI safely and responsibly

Agentic AI has great potential to help companies reach new heights of productivity and efficiency. But, as with any emerging technology in the AI field, organizations must take precautions to protect their networks and sensitive data. Security is particularly important today, given the highly sophisticated, well-organized, nation-state-funded threat actors such as Salt Typhoon and Silk Typhoon, which continue to carry out large-scale attacks.

Organizations should work with cloud security experts to develop robust, scalable and future-proof security strategies that address the unique challenges of agentic AI. These partners can enable businesses to track, manage and secure their AI agents; in addition, they can give companies the visibility they need to meet compliance and governance standards.