Agentic AI: A New Era of Cybersecurity and the Question of Trust in Autonomous Systems

AI article illustration for ai-jarvis.eu
Agentic AI represents a fundamental shift in how humans and machines collaborate. Unlike conventional chatbots that merely answer queries, agentic systems can plan, use tools, and autonomously perform complex tasks. In the field of cybersecurity, this means a transformation from passive monitoring tools to active, autonomous entities. This article analyzes how this technology is changing the rules of the game for both defense and attack, and what it means for security experts and EU regulation.

Agentic AI: From mere text to autonomous action

Most people still imagine artificial intelligence as a dialogue – you ask a question, you get an answer. However, this is only the surface of generative AI. The real shift occurs with the advent of Agentic AI. Agentic systems are equipped with the ability to "reason" and the ability to use external tools, such as browsers, terminals, or API interfaces, to achieve a defined goal.

According to expert studies, including analyses published in PMC, these systems exhibit what is known as cognitive autonomy. This means they can break down a complex task into smaller subtasks and proceed with them without constant human supervision. For cybersecurity, this is crucial: an agent can not only detect suspicious activity but also initiate the isolation of an infected device or perform real-time log analysis.

Cyber Defense: Agentic Systems on the Front Line

In a modern digital environment where attacks occur in milliseconds, human reaction is no longer sufficient. This is where agentic AI comes into play. Companies like Microsoft are already implementing solutions that integrate agents directly into security operations. In a recent announcement on the Microsoft Security Blog, the need to secure the entire agentic AI chain was emphasized – from the model itself to the tools the agent controls.

How does it work in practice?

Imagine a typical incident: ransomware attempts to spread across a company's network. A traditional system generates a warning. An agentic system, however, can:

  • Identify the source process on the compromised machine.
  • Analyze its behavior using a sandbox.
  • Stop communication between the compromised machine and the server.
  • Create a report for the administrator with a clear description of the steps taken.
This process happens in seconds, which can save the company millions of crowns in subsequent damages.

Microsoft Security Copilot and Competition

The current cutting edge is Microsoft Security Copilot, which uses agentic capabilities to assist SOC (Security Operations Center) analysts. If we compare it with other players:

  • Microsoft Security Copilot: Strong integration into the Azure and Windows ecosystem. The price is around 55 USD / month per user (within enterprise licenses).
  • Google Gemini (Vertex AI Agents): Excellent in data analysis and integration with Google Cloud, but requires deeper technical configuration.
  • OpenAI (GPT-4o Agents): Great reasoning ability, but for complex cybersecurity defense, it requires building your own infrastructure using APIs, which increases development costs.

The Dark Side: When Agents Start Attacking

Every technological advance has its shadow. The same autonomy that defenders have can also be exploited by cybercriminals. Agentic attacks represent a new level of sophistication. An attacker no longer has to write scripts manually; they can let an agent constantly scan for vulnerabilities, look for weaknesses in human behavior (phishing), and automatically adjust its methods based on the defender's reaction.

Here we encounter the problem of trust. If agentic AI can make changes to the system, how do we ensure it won't be manipulated using so-called prompt injection (inserting a malicious command into a conversation)? If an attacker can "persuade" the defender to have the agent perform a malicious action (for example, deleting backups instead of isolating a virus), we have a serious problem. Therefore, "Security for AI," i.e., protecting AI models themselves from manipulation, is a key topic.

Security in the context of the EU and the Czech market

For Czech companies and public administration, this topic is critical. Under the EU AI Act, systems used in critical infrastructure or for security purposes will likely be classified as high-risk. This brings strict requirements for transparency, data quality, and human oversight.

What does this mean for the Czech market?

  1. Availability: Tools like Microsoft Security Copilot are available to Czech corporations, but their implementation must meet strict GDPR standards and local cybersecurity laws.
  2. Localization: While models like GPT-4o or Gemini handle Czech at a top level, specific security terms and the context of Czech network configurations may require fine-tuning in Czech.
  3. Regulation: Czech companies must anticipate that the use of fully autonomous agents will require clear internal processes for "human-in-the-loop" in the decision-making cycle to prevent unintentional damage.

Summary: The Future is Agentic

Agentic AI is not just another trend; it is a transformation of how we will manage the digital world. For companies, it means higher efficiency and the ability to face modern threats, but it also requires a new level of strategic thinking in security. The key to success will not only be the adoption of the best models but, above all, the building of a trustworthy and secure infrastructure that does not control agents but allows them to serve effectively.

Can agentic AI in cybersecurity cause more harm than good?

If the system is not properly secured against manipulation (prompt injection) and does not have clearly defined rules for its actions, errors can occur, such as incorrect data deletion or unintended blocking of legitimate users. Therefore, human oversight and strict rules for autonomy are essential.

Is agentic AI available for small Czech companies, or is it only for corporations?

Currently, most advanced agentic solutions (like Microsoft Security Copilot) are aimed at the enterprise segment due to cost and implementation complexity. However, smaller companies can start using agentic capabilities through APIs (e.g., OpenAI or Anthropic) and build their own simpler automations, which is a cheaper way to modernize security.

How will the EU AI Act affect the use of these agents in the Czech Republic?

If agentic AI is used in sectors considered high-risk (e.g., banking, energy, public administration), it must meet strict requirements for documentation, security, and human oversight. This means that companies will not be able to simply "let AI loose on the network" but will have to demonstrate that the system is predictable and safe.