Agentic AI flagged as major cyber risk in new critical infra report

A new piece on Homeland Security Today, drawing on HiddenLayer’s 2026 AI Threat Landscape and Booz Allen Hamilton’s March 2026 threat report, characterizes agentic AI as a rapidly expanding attack surface—especially in critical infrastructure. HiddenLayer’s data indicates that roughly one in eight reported AI breaches now involves agentic systems. The vulnerabilities are agent-specific: injected malicious inputs, tool misuse, privilege escalation, memory poisoning, and cascading failures across interconnected agent networks do not map neatly onto existing intrusion detection frameworks.

The article situates this shift within a broader policy context. DHS’s 2024 Roles and Responsibilities Framework for AI in Critical Infrastructure and CISA’s December 2025 guidance on AI in OT environments both emphasize the risks of agents that can act on physical systems. The piece argues that minimum requirements for agentic deployments should include robust prompt-injection defenses, documented human-override mechanisms for consequential decisions, comprehensive audit logging of autonomous actions, and architectural isolation to limit blast radius when an agent is compromised.

What changed. Recent threat reports and federal guidance now explicitly single out agentic AI as a separate class of cyber risk, with concrete statistics showing agents involved in a significant share of AI-related breaches.

Why it matters. Security and compliance teams will increasingly demand agent-specific controls—like injection-resistant tool plans, strong sandboxing around actions, and traceable decision logs—before allowing agents anywhere near critical systems.

Builder takeaway. When designing agent frameworks or deploying agents in sensitive environments, build in isolation boundaries, override hooks, and structured logs at the orchestration layer rather than bolting on security after the fact; regulators and CISOs will expect these features as table stakes.