NCSC Publishes Guidance on Securing Agentic AI Use
https://www.infosecurity-magazine.com/news/ncsc-publishes-guidance-securing/
Publish Date: 2026-05-18 06:30:00
Source Domain: www.infosecurity-magazine.com
The UK’s National Cyber Security Centre (NCSC) has released new guidance for organizations keen to harness agentic AI but concerned about the associated cyber risks.
The new document summarizes a more detailed report authored by the NCSC alongside its Five Eyes counterparts in Australia, Canada, the US and New Zealand.
It argues that the autonomy and complexity of agentic systems make them particularly dangerous, warning of excessively broad access to external systems, data and tools, as well as unpredictable behavior.
Problems can be harder to spot when actions occur faster than humans can review them, while the sheer range of behaviors and tools available to agents makes it more challenging to explain a particular course of action, the NCSC continued.
The NCSC urged organizations to think carefully before they deploy agents, explaining that if an agent is over-privileged or poorly designed, a single failure could quickly become a serious incident.
Organizations should therefore think about what might go wrong, reflect on whether AI is really needed for specific use cases and only deploy incrementally, “starting with tightly bounded pilots using clearly defined tasks.”
Teams must work out before deployment who owns the agentic system, who approves its access, who monitors its behavior, who reviews incidents, and who can stop it if something goes wrong, the NCSC added.
“Think about what could happen if an agent misunderstood its task, exceeded its intended scope or was manipulated, and never grant an agent unrestricted access to sensitive data or critical systems,” it said.
“Ensure you maintain ongoing visibility of the system’s operation and understand how to retain meaningful human oversight and control. If you cannot understand, monitor or contain an agent’s actions, it is not ready for deployment.”
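The controls the summary lists, a named owner, approved and bounded tool access, visibility of every action, a human in the loop for sensitive steps and a way to stop the agent, can be enforced at the point where an agent calls its tools rather than left to the model. The following gateway is an added example written for this page; it is not code from the NCSC or from the Five Eyes report, and the agent name, tools, approver rule and policy values are all constructed for illustration.

```python
"""Tool gateway that applies least-privilege, approval, audit and halt controls
to an AI agent's tool calls. Added example; agent, tools and policy values are
hypothetical, not taken from the NCSC guidance."""
from collections import deque
from dataclasses import dataclass
from typing import Any, Callable, Deque, Dict, List, Set, Tuple


@dataclass
class AgentPolicy:
    agent_id: str
    owner: str                      # the team accountable for the agent
    allowed_tools: Set[str]         # allowlist: anything else is unreachable
    approval_required: Set[str]     # sensitive tools a human must approve
    max_actions_per_minute: int     # keeps the pace within what reviewers can follow


@dataclass
class AuditEvent:
    t: float
    tool: str
    outcome: str                    # executed | denied | rejected | halted
    reason: str


class ToolGateway:
    """Every tool call the agent makes passes through invoke()."""

    def __init__(self, policy: AgentPolicy, tools: Dict[str, Callable[..., Any]],
                 approver: Callable[[str, Dict[str, Any]], bool]):
        self.policy = policy
        self.tools = tools
        self.approver = approver            # human-in-the-loop decision hook
        self.audit_log: List[AuditEvent] = []
        self.halted = False                 # the "stop it" control
        self.halt_reason = ""
        self._recent: Deque[float] = deque()

    def halt(self, reason: str) -> None:
        self.halted = True
        self.halt_reason = reason

    def _record(self, t: float, tool: str, outcome: str, reason: str) -> Tuple[str, str]:
        self.audit_log.append(AuditEvent(t, tool, outcome, reason))
        return outcome, reason

    def invoke(self, tool: str, args: Dict[str, Any], now: float) -> Tuple[str, Any]:
        if self.halted:
            return self._record(now, tool, "halted", self.halt_reason)
        if tool not in self.policy.allowed_tools:
            return self._record(now, tool, "denied", "tool not in allowlist")
        # Rate bound: drop timestamps older than one minute, then check the count.
        while self._recent and now - self._recent[0] >= 60:
            self._recent.popleft()
        if len(self._recent) >= self.policy.max_actions_per_minute:
            # An agent acting faster than intended is halted for human review.
            self.halt("action rate exceeded; awaiting human review")
            return self._record(now, tool, "halted", self.halt_reason)
        if tool in self.policy.approval_required and not self.approver(tool, args):
            return self._record(now, tool, "rejected", "human approver declined")
        self._recent.append(now)
        result = self.tools[tool](**args)
        self._record(now, tool, "executed", "ok")
        return "executed", result


def run_demo() -> Tuple[ToolGateway, List[str]]:
    """Constructed scenario: a helpdesk agent with two permitted tools."""
    policy = AgentPolicy("helpdesk-agent", owner="it-ops",
                         allowed_tools={"read_ticket", "send_email"},
                         approval_required={"send_email"},
                         max_actions_per_minute=5)
    tools = {  # constructed stand-ins for real integrations
        "read_ticket": lambda ticket_id: f"ticket {ticket_id}: printer offline",
        "send_email": lambda to, body: f"sent to {to}",
        "delete_records": lambda table: "deleted",   # exists, but not allowlisted
    }
    # Constructed approval rule: only mail to the internal domain is approved.
    approver = lambda tool, args: str(args.get("to", "")).endswith("@example.com")
    gw = ToolGateway(policy, tools, approver)
    t = 1000.0
    outcomes = [
        gw.invoke("read_ticket", {"ticket_id": 42}, t)[0],
        gw.invoke("send_email", {"to": "helpdesk@example.com", "body": "hi"}, t + 1)[0],
        gw.invoke("send_email", {"to": "someone@external.test", "body": "hi"}, t + 2)[0],
        gw.invoke("delete_records", {"table": "users"}, t + 3)[0],
    ]
    for i in range(4):  # burst of reads trips the rate bound on the last one
        outcomes.append(gw.invoke("read_ticket", {"ticket_id": i}, t + 4 + i)[0])
    return gw, outcomes
```

In `run_demo()` the unlisted tool is denied, the external email is rejected by the approver, and the burst of reads halts the agent once the per-minute bound is reached; every decision, including the denials, lands in `audit_log`, which is the visibility the guidance asks for.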