The Looming Threat of Agentic AI: Why Leaders are Calling for Immediate Regulation

As autonomous AI agents evolve from simple chatbots into sophisticated tools capable of independent action, a consensus is forming among global experts: the window for proactive regulation is closing. In a recent discussion at the Berkman Klein Center for Internet and Society, cybersecurity leaders warned that while "agentic AI" offers unprecedented defensive capabilities, it also provides bad actors with a dangerous new arsenal for high-speed, automated cybercrime.

The Shift to Autonomous Threats

Historically, cybersecurity has relied on human-led defenses against human-led attacks. However, the rise of agentic AI—models that can sift through data and execute commands without constant human oversight—is fundamentally altering the "threat model." This evolution means that defensive systems are no longer just fighting static code; they are fighting an adaptive intelligence that can pivot in real-time.

"Essentially, there's some human in a chair that's outside of the data center who's sending evil commands to the code that's running in the data center and otherwise trying to trick it into being evil with AI," explained James Mickens, a professor at the Harvard John A. Paulson School of Engineering and Applied Sciences. This "evil twin" dynamic creates a landscape where the speed of an attack can easily outpace the speed of human intervention.

The scale of this shift is documented in recent data from the IBM Security Hub, which found that cyberattacks on public-facing software—many leveraging AI—surged by 44 percent year-over-year in 2026. This includes high-profile incidents where attackers used AI models to identify and publish vulnerabilities in source code before developers could issue patches.

The Challenge of Corporate Liability

One of the most contentious hurdles in drafting regulation is determining who is responsible when an AI-driven system fails. Robert Knake, a partner at Paladin Capital and former federal cybersecurity official, argues that the government must mandate higher security standards for the private sector to prevent a "race to the bottom" in safety.

However, Knake cautions against a "zero-error" policy. "We're not at a place where we can say any error in your software that leads to a harm, you need to be responsible for. That will kill off software development," he stated during the Harvard Gazette forum. Instead, experts are proposing a "safe harbor" model: if a company implements verified, basic security measures—such as using the most current secure versions of open-source packages—they could be protected from liability for unforeseen outcomes.

Why “Hacking Back” Isn’t the Answer

As attacks become more automated, some have suggested that companies should be empowered to "hack back" or retaliate against attackers. The panel of academic and industry experts remain firmly opposed to this approach. They argue that authorizing private retaliation would create a chaotic digital environment where neutral infrastructure could be caught in the crossfire.

Mickens warned that a world of authorized retaliation would "very quickly degenerate into essentially high-frequency trading," where competing algorithms react to one another in real-time. This could lead to a digital arms race that threatens the stability of the entire internet. Furthermore, the risk of misattribution is high; an AI agent might make it appear that an attack originated from a neutral third party, leading to unwarranted and destructive "defensive" strikes.

The Burden of Documentation

While the private sector has traditionally relied on internal stopgaps to prevent breaches, the unique ability of AI to be "tricked" into malicious behavior requires a formal, unified regulatory framework. The challenge is that many organizations currently lack the granular visibility into their own systems required for such oversight.

As Josephine Wolff, associate dean for research at the Fletcher School at Tufts University, noted, the difficulty lies in the administrative burden: "Documentation and inventories are both really important and really hard." Without a clear CISA Cybersecurity Guide or similar government framework, companies often struggle to maintain a comprehensive list of all the AI components and third-party libraries running within their networks.

The Path Forward

The consensus among the experts is clear: the era of "wait and see" is over. Business and government leaders must move beyond the "innovation vs. regulation" standoff to secure the digital infrastructure of the next decade. This includes establishing clear liability rules, creating safe harbors for diligent companies, and strictly prohibiting automated retaliation that could destabilize global networks.

The goal is to create a digital environment where the defensive power of agentic AI—its ability to detect and block threats in milliseconds—is harnessed effectively while its potential for harm is strictly mitigated through international standards and transparent corporate practices. Only by acting now can leaders ensure that the next generation of AI remains a tool for progress rather than a weapon for disruption.