Security agencies from the Five Eyes alliance have issued a serious warning about the risks of rolling out agentic AI systems too quickly. They emphasize that these advanced AIs, which can operate across critical infrastructure and support mission-critical tasks, are still too unpredictable and potentially dangerous. Their message is clear: organizations should prioritize caution and resilience over speed when adopting this technology.

Risks of Deploying Unvetted Agentic AI

The agencies warn that agentic AI systems involve multiple interconnected components, data sources, and external tools, which together create a large attack surface. This interconnectedness makes the systems vulnerable to exploitation by malicious actors. For example, if an AI is given broad permissions to install updates or manage security logs, a simple malicious prompt could cause it to delete vital logs or install harmful software.

Another scenario highlighted involves AI managing procurement and financial processes. If such an AI is compromised, attackers could manipulate contract approvals or approve unauthorized payments without detection. Because these systems often rely on trust and automation, a single breach can lead to significant financial or security damage, especially if logs are falsified to hide malicious activity.

Official Recommendations and Cautionary Advice

The agencies, including Australia’s ASD, CISA from the US, and others from Canada, New Zealand, and the UK, have published a guide urging organizations to slow down. They stress that until security standards, evaluation methods, and best practices are fully developed, organizations should treat agentic AI as risky and prone to misbehavior.

The document suggests deploying these systems incrementally, starting with low-risk tasks. It also emphasizes the importance of strong governance, clear accountability, rigorous monitoring, and human oversight at every stage. The goal is to prevent unwanted behaviors and ensure that AI systems can be stopped or reversed if necessary.

Security researchers are also encouraged to focus more on understanding AI threats. Since threat intelligence for agentic AI is still evolving, there are many attack vectors that are not yet fully understood or addressed. The agencies warn that current tools and standards mainly focus on large language models, leaving gaps for other types of agentic AI systems.

Ultimately, the message is that rushing the deployment of autonomous AI systems can lead to serious security issues. Organizations should proceed with caution, prioritizing safety and resilience over quick gains. Proper oversight, incremental deployment, and thorough testing are key to avoiding costly mistakes as this technology continues to develop.

Inspired by

• https://go.theregister.com/feed/www.theregister.com/2026/05/04/five_eyes_agentic_ai_recommendations/