{"slug": "forbes-council-warns-businesses-to-secure-ai-agents", "title": "Forbes Council Warns Businesses To Secure AI Agents", "summary": "Joel Burleson-Davis, CTO at Imprivata, warned in a Forbes Councils post that enterprises must secure AI agents as they shift from passive analysis to autonomous action, citing McKinsey data showing 62% of organizations are experimenting with AI agents and 23% are scaling them. The post highlights elevated risks in healthcare and critical infrastructure, urging practitioners to implement endpoint controls, least-privilege delegations, and human-in-the-loop designs to prevent autonomous actions from causing real-world harm.", "body_md": "# Forbes Council Warns Businesses To Secure AI Agents\n\nJoel Burleson-Davis, CTO at Imprivata, writes in a Forbes Councils post that **agentic AI** is shifting from passive analysis to autonomous action and that enterprises must treat this as a security issue. The article cites McKinsey's 2025 State of AI survey finding that **62%** of respondents are at least experimenting with AI agents and **23%** are scaling them. The post highlights elevated risk in sectors such as **healthcare** and **critical infrastructure** where autonomous actions can have real-world consequences. For practitioners, this trend raises immediate needs around endpoint controls, least-privilege delegations, transaction auditing, and fail-safe human-in-the-loop designs because autonomous agents change the threat model from data exfiltration to action control.\n\n### What happened\n\nJoel Burleson-Davis, CTO at Imprivata, writes in a Forbes Councils post that the industry is moving into an era of **agentic AI**, where models can initiate workflows and execute actions rather than only surfacing analysis. The article cites McKinsey's 2025 State of AI survey finding that **62%** of respondents are at least experimenting with AI agents and **23%** are scaling them in at least one function. The post calls out heightened operational risk in sectors such as **healthcare** and **critical infrastructure**, and frames the shift as a change in the basic question from what AI can do to what AI should be allowed to do.\n\n### Editorial analysis - technical context\n\nAgentic AI expands the attack surface because agents execute state changes across services, not just return text. Industry-pattern observations: comparable autonomous systems introduce new control vectors, including credential delegation, unattended API access, and decision-automation pathways. These patterns increase the importance of robust identity and access management, fine-grained policy enforcement, and verifiable auditing trails. For teams that already run orchestration or CI/CD automation, the operational controls are similar in concept but must be adapted for AI-driven decision loops and probabilistic behavior.\n\n### Industry context\n\nCompanies adopting autonomous agents change risk priorities from model accuracy only to operational safety, traceability, and governance. Industry observers have repeatedly highlighted that deployments with action capabilities elevate regulatory and compliance exposure, especially where incorrect actions produce physical or clinical harm. Bessemer Venture Partners named securing AI agents the defining cybersecurity challenge of 2026, noting that the same autonomy that makes agents valuable makes them dangerous when compromised. For practitioners, this means security and ML/ops must coordinate earlier in the lifecycle to align threat models with control design.\n\n### What to watch\n\n- •Adoption signals: broader movement from experimental pilots to scaled, production agent deployments.\n- •Controls maturation: standardization of delegation patterns, credential brokering, and agent identity.\n- •Auditability: emergence of tamper-evident logs and signed decision artifacts for regulatory evidence.\n- •Incident taxonomy: classification of agent-caused incidents to inform mitigation playbooks.\n\n### For practitioners\n\nPrioritize mapping where agents are permitted to act, instrumenting actions with immutable logs, and integrating human approval gates where the cost of error is high. The Forbes Councils post does not prescribe a single technical architecture, but frames securing agentic AI as an operational imperative businesses must confront as deployments scale.\n\n## Scoring Rationale\n\nA vendor CTO opinion post in Forbes Technology Council citing real McKinsey adoption data (62%/23%) and raising legitimate enterprise security concerns about agentic AI. The piece is practitioner-relevant but is fundamentally a contributor thought-leadership column rather than original research, a product release, or breaking news - placing it solidly in the Solid tier.\n\nPractice interview problems based on real data\n\n1,500+ SQL & Python problems across 15 industry datasets — the exact type of data you work with.\n\n[Try 250 free problems](/problems)", "url": "https://wpnews.pro/news/forbes-council-warns-businesses-to-secure-ai-agents", "canonical_source": "https://letsdatascience.com/news/forbes-council-warns-businesses-to-secure-ai-agents-7be724b1", "published_at": "2026-06-24 10:50:31.844395+00:00", "updated_at": "2026-06-24 10:50:34.463126+00:00", "lang": "en", "topics": ["ai-agents", "ai-safety", "ai-policy", "ai-ethics", "ai-research"], "entities": ["Joel Burleson-Davis", "Imprivata", "Forbes Councils", "McKinsey", "Bessemer Venture Partners"], "alternates": {"html": "https://wpnews.pro/news/forbes-council-warns-businesses-to-secure-ai-agents", "markdown": "https://wpnews.pro/news/forbes-council-warns-businesses-to-secure-ai-agents.md", "text": "https://wpnews.pro/news/forbes-council-warns-businesses-to-secure-ai-agents.txt", "jsonld": "https://wpnews.pro/news/forbes-council-warns-businesses-to-secure-ai-agents.jsonld"}}