Agentic AI is a security concern, and experts are currently advising against its use.
We are now living in the age of AI, and for many years we have become so accustomed to AI that we rely on it for everything we need on the internet in our daily lives.
We ask AI chatbots about any problem in our lives, and the AI chatbot instantly provides a solution.
We are also using AI for tasks like writing emails, summarizing articles, and fixing code, and we simply copy and paste the results. We also talk to AI about many things, such as travel planning and home decorating ideas.
This was fine as long as we were only talking to chatbots and the AI was only providing answers; it couldn't do anything on its own. But now a new form of AI has emerged on the internet. This AI is not limited to just talking; it can perform tasks for you, even better than you can. And this is where the real problem begins. For example, it can click for you, book tickets, accept cookies, scroll, fill out forms, log in to tools, and download files, and it can do all of this exactly like a human. This is agentic web AI.
Hearing all this, it might sound good that AI is working for us and making things easier; what's the harm? But this is where the potential for major danger lies.
Recently, reports have emerged from renowned tech analyst firms Gartner and IDC, and these organizations have strongly advised companies to immediately block AI browsers, warning that this technology could lead to data leaks, privacy and security issues, and legal problems in the future.
So, the question is, when AI works by following our instructions, where is the problem? Why are leading experts giving such advice? Is this really a cause for concern?
Let's understand all of this in simple terms: Why such a strong warning? And what exactly is agentic AI, and why is it different?
AI has now evolved from chatbots to agents. Previously, AI was where you asked questions and the AI provided answers, but agentic AI is autonomous and self-sufficient, capable of doing everything on its own. You give it a few instructions, and the AI quickly plans and executes the tasks, delivering results you might not have even imagined.
For example, you could tell the AI to find and book the cheapest flight, log in to my office portal and create a report, monitor competitor pricing, and submit applications by browsing various websites.
And you know that to perform these tasks, you would have to give the AI all sorts of access, such as login passwords, permissions to click and submit, browser access, and complete access to the company's internal systems. And AI browsers have been created to perform these tasks.
Now let's understand what these AI browsers actually are. AI browsers are not like the browsers we typically use, such as Chrome or Firefox.
These are browsers that autonomously navigate websites, read and understand text, interact with forms, buttons, and dashboards, remember cookies, sessions, and login information, and continue working without human supervision.
In simple terms, it's like handing over the steering wheel of your car to the AI and saying, "You know where to go."
AI becomes most powerful when you relinquish control to it. Power without control is the most dangerous.
Gartner's warning to the world:
Gartner is an organization that doesn't easily spread panic. So when they say to block AI browsers, the matter is truly serious. Therefore, block them immediately if possible.
Because agentic AI can break many security measures upon which modern cybersecurity is based.Security systems are usually designed for humans,
keeping humans in mind, based on their specific work patterns and clear logs and permissions.
But AI is not human. It can work extremely fast without fatigue and possesses unlimited power this combination is dangerous.
The biggest risk is bypassing security systems. Almost all organizations rely on their login and access controls, multi-factor authentication, session monitoring, and data loss prevention tools, but AI browsers can often silently circumvent these.
For example, once logged in, they can maintain a session for an extended period, utilize excessive permissions,show normal user activity in security logs, and collect data very quickly.
To security tools, this might appear as a highly productive employee. But in reality?
It's an automated agent unknowingly extracting data and your Sensitive Data Leaks.
Imagine a scenario where an AI browser has access to finance tools, HR dashboards, customer databases, and cloud storage. The question then is, where is the data going? Where is it being stored? Is the AI company using it? Who is responsible if there's a leak?
Many AI tools still lack clear data usage policies. A small mistake or a hack could expose customer information, trade secrets, financial records, and login credentials.
And with AI, the damage is simultaneous, rapid, and on a large scale. People don't ask questions; they just take advantage of the benefits.
The nightmare of laws and compliance, and the most terrifying aspect, is that organizations have to comply with GDPR, data protection laws, industry regulations and client agreements all sorts of rules and regulations.
If the AI accesses incorrect data, removes data without manual permission, and if it stores insecurely the complete liability falls on the organization, not the AI company.
And the consequences are severe like legal fines, loss of public trust, legal investigations, and compensation. Along with damage to your reputation.Now the main debate is, how much freedom should be given to AI?
This is the biggest question right now On one hand, it allows for faster work, significantly increasing productivity, and at a much lower maintenance cost compared to before. On the other hand, considering other aspects, there is a lack of transparency, reduced human control, security risks, and ambiguity regarding responsibility.
If AI makes a mistake, who is to blame? The employee or The company? Or the AI developer? The answer is still unclear.
A major concern in the corporate world is Shadow IT and many companies have already taken strict measures regarding this. They are blocking AI agents on their office laptops, disabling browser automation, limiting screen-reading permissions, and creating new policies for AI usage.
Giving AI access to Gmail or Drive, having AI perform client work, or startups overautomating in all these cases once you log in, you lose control.
If you ask for my opinion, I would say that Agentic AI is not inherently bad, nor does it engage in scams, so there's nothing to be afraid of.
However, you need to be aware before using it. First, understand its guidelines, then use it.
So, are we rushing into this? History shows that whenever a new technology emerges, people blindly jump into it, ignoring the risks, and later face the consequences. Then rules are made. At this moment, Agentic AI is following the same path.
Now you might ask, what should we do now?
According to experts, for now, limit the use of AI browsers; avoid using them unless absolutely necessary.
Keep AI access blocked from sensitive systems and rely on humans for important tasks. Increase employee awareness and instruct them to use it cautiously.
Let me ask you a question if someone told you, Give me access to your bank account, and I will handle all your banking tasks easily and quickly, would you trust them and give them access?
But you are unknowingly doing the same thing, handing over access to all your important profiles to AI.Agentic AI will not stop you must maintain control.
In conclusion, I want to say that progress requires guardrails, and Agentic AI is a huge step in our technological journey. And organizations like Gartner want to remind us with their warnings that not all progress should be accepted blindly. Use AI, but with awareness.
Whenever you face a problem, before turning to AI, think carefully about whether it's the right thing to do.
Because AI can work for us, but ultimately, no one is infallible, so we will have to take responsibility for any mistakes.
0 Comments