{"id":3539,"date":"2026-04-02T03:40:00","date_gmt":"2026-04-02T10:40:00","guid":{"rendered":"https:\/\/www.wiki-living.com\/index.php\/2026\/04\/02\/maintaining-control-over-the-internet-where-ai-can-operate-independently\/"},"modified":"2026-04-02T13:41:25","modified_gmt":"2026-04-02T20:41:25","slug":"maintaining-control-over-the-internet-where-ai-can-operate-independently","status":"publish","type":"post","link":"https:\/\/www.wiki-living.com\/index.php\/2026\/04\/02\/maintaining-control-over-the-internet-where-ai-can-operate-independently\/","title":{"rendered":"Maintaining control over the internet where AI can operate independently"},"content":{"rendered":"\n<div id=\"article-body\">\n<p id=\"elk-f6cd142a-5438-4133-a4f5-b96986d2b6d1\">The vulnerability of the ServiceNow AI platform earlier this year reflects a broader shift taking place in enterprise cyber risk. There was no evidence of exploitation before it was fixed, but the incident is a warning to cyber security experts.<\/p>\n<p>Weaknesses in the agency&#8217;s AI capabilities could allow user impersonation and workflow manipulation to occur, showing how modern security threats are evolving beyond traditional data breaches.<\/p>\n<aside data-block-type=\"embed\" data-render-type=\"fte\" data-skip=\"dealsy\" data-widget-type=\"seasonal\" class=\"hawk-root\"\/>\n<p id=\"elk-f6cd142a-5438-4133-a4f5-b96986d2b6d1-2\" class=\"paywall\" aria-hidden=\"true\">This is especially important today, as analysts predict that 40% of business applications will include AI agents by the end of 2026. However, a recent study also found that nearly half (47%) of AI agents operate unsupervised. That equates to around 1.5m unregulated agents in use in large organizations across the UK and US.<\/p>\n<p><span class=\"article-continues-below block py-2 text-sm\">The article continues below <svg xmlns=\"http:\/\/www.w3.org\/2000\/svg\" aria-hidden=\"true\" class=\"inline-block w-2.5 h-2.5 ml-2\" fill=\"currentColor\" preserveaspectratio=\"xMidYMid meet\" viewbox=\"0 0 1000 1000\"><path d=\"M1000 100L500 900 0 100h1000z\"\/><\/svg><\/span><\/p>\n<aside data-component-name=\"Recirculation:ArticleRiver\" data-recirculation-type=\"inline\" data-mrf-recirculation=\"Trending Bar\" data-nosnippet=\"\" class=\"clear-both pb-0 pt-2 mb-4\">\n        <span class=\"&#10;            flex&#10;            after:content-[''] after:flex-1 after:ml-4 after:my-[0.7rem] after:border-t after:border-solid after:border-t-[#ccc]&#10;            before:content-[''] before:flex-1 before:mr-4 before:my-[0.7rem] before:border-t before:border-solid before:border-t-[#ccc]&#10;            font-article-heading pb-0 !text-base uppercase sm:text-sm font-bold&#10;        \"><\/p>\n<p>            You might like it<br \/>\n        <\/span><\/p>\n<\/aside>\n<div id=\"slice-container-person-QsdoRmgYPwGinK5KdAm5h6-SJOKLyhIKVdmaK1CULZmsbhvOA9cYkmo\" class=\"slice-container person-wrapper person-QsdoRmgYPwGinK5KdAm5h6-SJOKLyhIKVdmaK1CULZmsbhvOA9cYkmo slice-container-person\">\n<div class=\"person person--separator\">\n<div class=\"person__heading\">\n<div class=\"person__name-socials\"><span class=\"person__name\">Matthew Lloyd Davies<\/span><\/p>\n<nav class=\"button-social-group person__social-buttons\" aria-labelledby=\"button-social-group- person__social-buttons\">\n<p>Navigating Social Links<\/p>\n<p><span class=\"button-social__icon button-social__icon-website\"><svg xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"icon-website\" viewbox=\"0 0 1000 1000\"><path d=\"M1000 500A501 501 0 0 0 503 0h-6A501 501 0 0 0 0 500c0 275 223 499 498 500h4a501 501 0 0 0 498-500zM529 936V765h133c-31 90-79 154-133 171zM337 765h134v171c-54-17-101-81-134-171zM61 539h176a899 899 0 0 0 22 167H110a439 439 0 0 1-49-166zM471 64v191H331c31-101 82-173 140-191zm199 191H529V64c58 18 109 90 140 191zm270 226H763c-1-59-7-115-18-167h155a438 438 0 0 1 40 167zm-235 0H529V314h156a857 857 0 0 1 19 167zM471 314v167H296a859 859 0 0 1 19-167h156zM237 481H60a438 438 0 0 1 41-167h154a921 921 0 0 0-18 167zm59 58h175v167H320a837 837 0 0 1-24-166zm233 167V539h175a831 831 0 0 1-24 167H529zm234-166h176a436 436 0 0 1-49 166H741a893 893 0 0 0 22-166zm104-285H731c-20-68-47-126-81-169a443 443 0 0 1 217 169zM350 86c-33 43-61 101-81 169H133A443 443 0 0 1 350 86zM148 765h127c20 59 45 110 75 150a442 442 0 0 1-202-150zm502 150c30-39 56-91 75-150h127a442 442 0 0 1-202 150z\"\/><\/svg><\/span><\/nav>\n<\/div>\n<aside class=\"person__role\"\/><\/div>\n<div class=\"person__bio\">\n<p>Cyber \u200b\u200bSecurity Lead Writer, Pluralsight.<\/p>\n<\/div>\n<\/div>\n<\/div>\n<p id=\"elk-d0477dbd-15fa-4004-aa66-a61f588e1597\">For businesses operating throughout the supply chain, the risk of unregulated AI agents can increase significantly. Without proper oversight, independent agents can create disruptions that occur in many organizations.<\/p>\n<p>As agent AI adoption increases and becomes embedded in enterprise software, cybersecurity is no longer just about protecting data; it is about controlling the systems that can work on behalf of the organization. Organizations must move beyond a cybersecurity model that focuses solely on stopping breaches, and instead focus on how to maintain operational control when automated systems are operating beyond their intended scope.<\/p>\n<h2 id=\"a-changing-cybersecurity-model-3\">The changing cybersecurity model<\/h2>\n<p id=\"elk-0676198d-c6fe-44e6-9204-8d27b66d2d5a\">For most of the past two decades, the cybersecurity model has been built around a clear perimeter. Cyber \u200b\u200bteams will typically be controlling and preventing compromise at individual server points, where obvious, identifiable failures can be isolated and contained. The rise of agent AI has changed their focus.<\/p>\n<p>With AI embedded in core business platforms, organizations need not worry about negative feedback or accuracy of output. The next big change is from &#8216;AI content risk&#8217; to &#8216;AI action risk&#8217;. When AI agents interact across identities, APIs, platforms and workflows, they introduce new risk factors, and unlike static data breaches, these can spread across multiple systems before anyone notices.<\/p>\n<div id=\"slice-container-newsletterForm-articleInbodyContent-QsdoRmgYPwGinK5KdAm5h6\" class=\"slice-container newsletter-inbodyContent-slice newsletterForm-articleInbodyContent-QsdoRmgYPwGinK5KdAm5h6 slice-container-newsletterForm\">\n<div data-hydrate=\"true\" class=\"newsletter-form__wrapper newsletter-form__wrapper--inbodyContent\">\n<div class=\"newsletter-form__container\">\n<section class=\"newsletter-form__top-bar\"\/>\n<section class=\"newsletter-form__main-section\">\n<p class=\"newsletter-form__strapline\">Sign up for the TechRadar Pro newsletter to get all the top news, ideas, features and guidance your business needs to succeed!<\/p>\n<\/section>\n<\/div>\n<\/div>\n<\/div>\n<p>The key question is what AI agents are authorized to do: how to initiate workflows, perform tasks and operate within delegated permissions. If an agent is misconfigured, exploited or given too many privileges, the consequences can escalate quickly, because these systems automatically make decisions on multiple workflows at the same time.<\/p>\n<p>The question is no longer just &#8220;have we been breached?&#8221; but &#8220;are our systems still doing what we authorized them to do?&#8221; Those are different problems, and they require different controls.<\/p>\n<h2 id=\"retaining-operational-control-3\">Maintaining operational control<\/h2>\n<p id=\"elk-92b1200a-2b1e-49f9-82d0-32aaaaed7324\">In test cases, researchers have shown that unauthorized external attackers who only need a target&#8217;s email address can embed malicious instructions into data fields that will later be processed by super-privileged user AI agents. If left unchecked, organizations can expect to see the execution of unauthorized workflows, the expansion of cross-platform access and the rapid spread of errors or malicious actions.<\/p>\n<aside data-component-name=\"Recirculation:ArticleRiver\" data-recirculation-type=\"inline\" data-mrf-recirculation=\"Trending Bar\" data-nosnippet=\"\" class=\"clear-both pb-0 pt-2 mb-4\">\n        <span class=\"&#10;            flex&#10;            after:content-[''] after:flex-1 after:ml-4 after:my-[0.7rem] after:border-t after:border-solid after:border-t-[#ccc]&#10;            before:content-[''] before:flex-1 before:mr-4 before:my-[0.7rem] before:border-t before:border-solid before:border-t-[#ccc]&#10;            font-article-heading pb-0 !text-base uppercase sm:text-sm font-bold&#10;        \"><\/p>\n<p>            What you can read next<br \/>\n        <\/span><\/p>\n<\/aside>\n<p>In fact, a common security flaw has far more significant consequences if it resides within a platform that can be applied to the entire workflow &#8211; often described as having an impact.<\/p>\n<p>A reported security flaw that allows impersonation and arbitrary actions within privileges is exactly the type of failure mode that leaders should be concerned about in AI-enabled workflow systems. That&#8217;s why knowing how to maintain operational control when automated systems behave unexpectedly is important.<\/p>\n<p>For cybersecurity teams, this means treating aspects of AI as changes in an organization&#8217;s regulatory environment. Organizations should review permissions, testing methods, monitoring and rollback methods for all AI uses. Punitive identity management, least privileged access design and strong rights management are essential.<\/p>\n<p>This requires a change in the way organizations manage risk. Rather than focusing on supplier evaluation, leaders should prioritize integration governance \u2013 prioritizing a small number of platforms that can trigger tangible business actions. It also includes controlling the seams: mapping key combinations, data flows and customizations, while monitoring unusual behavior and enforcing administrative and service account privileges.<\/p>\n<p>Executive feedback when AI-enabled workflows are implemented will become increasingly important as the link between cyber and AI becomes stronger. Set clear escalation expectations that include quick disclosure, clear cutbacks and vetted channels for vendor referrals. Uptime is a key security capability for AI-controlled systems.<\/p>\n<h2 id=\"the-cyber-skills-gap-3\">The cyber skills gap<\/h2>\n<p id=\"elk-e17234db-d105-413d-a860-3f6a9554ca29\">Cybersecurity was identified as one of the top skills gaps in our Technology Skills report, and 95% of IT and business professionals say they don&#8217;t have enough support to build skills. Clearly, organizations must invest in the ability to manage AI-enabled systems effectively.<\/p>\n<p>If AI agents are to be added to an existing product, cybersecurity should be high on the agenda in the planning phase. That includes ensuring that AI agents are closely monitored in terms of their rights and risks are mapped out if something goes wrong. There is also a need to invest in technological capabilities to design, monitor and rapidly automate AI-driven containment.<\/p>\n<p>But this requires skilled professionals whose skills are up-to-date on the latest AI cyber threats. Currently, the knowledge gap in many organizations makes it difficult for security professionals to protect against AI-driven threats \u2013 let alone know what to do if something goes wrong. Those organizations that get it right will see a wealth of new learning on how security and privacy in AI work together.<\/p>\n<p>Equally important is practice. Being able to measure readiness through sandbox testing will ensure that decision making is implemented and recovery times are widely understood. The exercise should also involve senior teams, legal and forensic, ready to deal with threats and communicate quickly with vendors.<\/p>\n<h2 id=\"what-leadership-should-prioritize-3\">Which leadership should prioritize<\/h2>\n<p id=\"elk-0a0a975d-263f-4b40-b3ea-b39d099a9a97\">As organizations accelerate the adoption of AI agents, leaders need to redefine risk. That means treating unauthorized actions, workflow exploitation and operational disruptions as crisis situations worthy of the same rigor of exercises used in ransomware or major outages. It&#8217;s a responsibility that goes beyond having a cybersecurity team. It&#8217;s a responsibility that goes beyond having a cybersecurity team.<\/p>\n<p>The questions every leadership team should already have answers to are: Who can represent us? What is a toggle switch? What is our first hour catch-up move? Organizations that have practiced those responses, across cyber, legal, comms and executive teams, are the ones who keep critical systems running when something goes wrong.<\/p>\n<p id=\"elk-90731373-ab3b-47c2-a4ef-3c32d78fc620\"><em>Check out our list of the best Firewalls: reviewed, rated, and rated.<\/em><\/p>\n<\/div>\n\n","protected":false},"excerpt":{"rendered":"<p>The vulnerability of the ServiceNow AI platform earlier this year reflects a broader shift taking place in enterprise cyber risk. There was no evidence of exploitation before it was fixed, but the incident is a warning to cyber security experts. Weaknesses in the agency&#8217;s AI capabilities could allow user impersonation and workflow manipulation to occur, [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":3540,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[27],"tags":[],"class_list":{"0":"post-3539","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-smart-home-gadgets"},"_links":{"self":[{"href":"https:\/\/www.wiki-living.com\/index.php\/wp-json\/wp\/v2\/posts\/3539","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.wiki-living.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.wiki-living.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.wiki-living.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.wiki-living.com\/index.php\/wp-json\/wp\/v2\/comments?post=3539"}],"version-history":[{"count":1,"href":"https:\/\/www.wiki-living.com\/index.php\/wp-json\/wp\/v2\/posts\/3539\/revisions"}],"predecessor-version":[{"id":3541,"href":"https:\/\/www.wiki-living.com\/index.php\/wp-json\/wp\/v2\/posts\/3539\/revisions\/3541"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.wiki-living.com\/index.php\/wp-json\/wp\/v2\/media\/3540"}],"wp:attachment":[{"href":"https:\/\/www.wiki-living.com\/index.php\/wp-json\/wp\/v2\/media?parent=3539"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.wiki-living.com\/index.php\/wp-json\/wp\/v2\/categories?post=3539"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.wiki-living.com\/index.php\/wp-json\/wp\/v2\/tags?post=3539"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}