TLDR: The World Economic Forum has issued a stark warning regarding the rapid and often unsecured deployment of AI agents across various business functions. These autonomous systems, projected to outnumber human workers by 12-fold this year, are creating critical new attack vectors. A recent survey reveals that a vast majority of businesses lack a robust strategy for managing these non-human identities, leaving them vulnerable to data breaches, unauthorized actions, and system compromises, with generative AI further escalating the risk of advanced social engineering attacks. The Forum emphasizes the urgent need for integrated identity security solutions to protect against these evolving cyberthreats.
The World Economic Forum (WEF) has sounded the alarm on a burgeoning cybersecurity crisis, highlighting that the accelerated deployment of unsecured Artificial Intelligence (AI) agents is exposing businesses to unprecedented and sophisticated cyberthreats. These autonomous AI systems, now integral to functions ranging from development and sales to customer service, research, content creation, and finance, are capable of making decisions and executing complex tasks with minimal human oversight.
According to the WEF, the volume of non-human and ‘agentic’ identities is anticipated to reach 45 billion by the close of this year, a staggering figure that is more than 12 times the current global human workforce. Despite this explosive growth, a recent Okta survey of 260 executives revealed a critical oversight: only 10% of respondents possess a well-developed strategy for managing these burgeoning non-human identities.
This oversight presents a significant security vulnerability, especially considering that approximately 80% of all data breaches involve some form of compromised or stolen identity. The Forum warns that if not properly secured, these AI agents can become potent new attack vectors, leading to severe consequences such as data leaks, unauthorized actions, and complete system compromises. The rise of generative AI further exacerbates this threat landscape, empowering malicious actors to craft even more sophisticated phishing and social engineering attacks.
Experts at the WEF emphasize that the more access an AI agent is granted, the easier it becomes for threat actors to infiltrate a company. This expanded access, often given to enhance agent effectiveness, directly correlates with increased business risk. Attackers can manipulate AI agent behavior through techniques like ‘prompt injection,’ using probing questions to trick agents into divulging privileged information.
Also Read:
- Generative AI Tools Linked to Widespread Sensitive Data Exposure in Early 2025
- North Korean Hackers Leverage ChatGPT for Advanced Cyber Espionage Campaign
To counter the speed and complexity of these AI-driven threats, businesses are urged to adopt a new security paradigm. It is critical to establish robust identity controls and prioritize security from the initial stages of AI agent development and deployment. The Forum advocates for an ‘identity security fabric’ – a new category of security that comprehensively secures every identity, whether human, non-human, or agentic, across all identity use cases, applications, and resources. This integrated approach is deemed essential for safeguarding businesses in an AI-dominated future.
