CISA, US and International Partners Release Guide to Secure Adoption of Agentic AI

PRESS RELEASE CISA, US and International Partners Release Guide to Secure Adoption of Agentic AI Guidance Helps Organizations Secure Agentic AI Systems and Defend Against Future Cybersecurity Risks ReleasedMay 01, 2026 RELATED TOPICS: CYBERSECURITY BEST PRACTICES WASHINGTON – Today, the Cybersecurity and Infrastructure Security Agency (CISA), Australian Signals Directorate’s Australian Cyber Security Centre (ASD ACSC), and other U.S. and international partners published, Careful Adoption of Agentic Artificial Intelligence (AI) Services, a joint guide that presents organizations with the cybersecurity challenges and risks associated with introducing agentic AI along with recommended mitigations. Critical infrastructure and defense sectors are increasingly deploying agentic AI systems to support mission-critical systems and capitalize on significant automation benefits. However, these systems can introduce additional cybersecurity risks, such as an expanded attack surface, privilege creep, behavioral misalignment, and obscure event records. This joint guide provides developers, vendors and operators with best practices for securing agentic AI systems and recommended actions to defend against future risks.   “CISA is committed to supporting the US’s adoption of AI that includes ensuring it aligns with President Trump’s Cyber Strategy for America and is cyber secure,” said CISA Acting Director Nick Andersen. “We actively collaborate with government and international partners on shared priorities with AI advancements while addressing cybersecurity challenges and risks. CISA encourages agentic AI developers, vendors and operators to review this guide.”  Actionable recommendations for organizations using agentic AI include: Avoid granting broad or unrestricted access, especially to sensitive data or critical systems Begin with agentic AI use cases that are low-risk and non-sensitive Account for agentic AI security in your organization's security model and risk posture For more information, please visit Artificial Intelligence on CISA.gov. ### About CISA As the nation’s cyber defense agency and national coordinator for critical infrastructure security, the Cybersecurity and Infrastructure Security Agency leads the national effort to manage, uncover, and reduce risk to our digital and physical infrastructure Americans rely on every hour of every day.  Visit CISA.gov for more information and follow us on X, Facebook, LinkedIn, Instagram.  Related Articles APR 29, 2026 PRESS RELEASE CISA and U.S. Government Partners Unveil Guide to Accelerate Zero Trust Adoption in Operational Technology APR 23, 2026 PRESS RELEASE CISA, National Cyber Security Centre (NCSC) UK, and Global Partners Issue Advisory on Chinese Government-Linked Covert Cyber Networks FEB 25, 2026 PRESS RELEASE Immediate Action Required: CISA Issues Emergency Directive to Secure Cisco SD-WAN Systems FEB 13, 2026 PRESS RELEASE CISA Announces New Town Halls to Engage with Stakeholders on Cyber Incident Reporting for Critical Infrastructure