“ Agentic AI fundamentally changes the enterprise attack surface because it introduces autonomous entities capable of making decisions, accessing systems, and interacting with applications on behalf of users,” he said.
Unlike traditional software, AI agents do not simply execute predefined instructions. They interpret context, invoke APIs, access enterprise data and coordinate with other systems to complete assigned objectives.
That autonomy introduces entirely new attack vectors centred around agent identities, prompt manipulation, unauthorised actions, compromised integrations and data exposure.
Praneeth warned that an attacker who successfully manipulates an AI agent could influence business processes, gain access to sensitive information or trigger unintended actions across multiple enterprise systems.
Mena Migally, Regional Vice President, EMEA East at Veeam
Mena Migally, Regional Vice President, EMEA East at Veeam, shared a similar assessment.
“ Agentic AI expands the attack surface by introducing autonomous systems that continuously interact with data across applications, APIs, and other agents. These agents rely on constant access to enterprise data, often spanning hybrid and multi-cloud environments, which increases both the number of entry points and the complexity of controlling them,” he said.
Unlike conventional cyber incidents, where compromise may remain isolated to a single workload, autonomous agents create cascading risks.
Because they operate at machine speed and execute chained actions automatically, a compromised agent can rapidly propagate across systems and datasets before human operators have time to intervene.
38 WWW. INTELLIGENTCISO. COM / MIDDLE-EAST