AI AffAIrs

028 Quicky Rogue AI Agents: Shadow AI, Hacks & Zero Trust



Episode Number: Q028

Title: Rogue AI Agents: Shadow AI, Hacks & Zero Trust


Are AI agents the biggest blind spot in enterprise cybersecurity today? U.S. organizations are adopting autonomous AI systems at an unprecedented pace—often faster than they can secure or govern them. In this episode, we dive deep into the cybersecurity of agentic AI, uncovering the invisible threats keeping CISOs and IT leaders awake at night.

While traditional Large Language Models (LLMs) are limited to text generation, AI agents take autonomous action. They connect to sensitive databases, execute code, manage APIs, and communicate in complex multi-agent ecosystems. However, this autonomy brings massive risks. With the rise of "Shadow AI," agents are frequently deployed outside official IT oversight, drastically expanding the corporate attack surface.

We break down the latest warnings from industry experts and analyze why conventional security architectures fail against non-human identities.

In this episode, you will learn:

  • The Anatomy of Agentic Attacks: How adversaries use Memory Poisoning, Indirect Prompt Injections, and RAG manipulation to corrupt an agent's long-term memory and silently hijack enterprise workflows.

  • Identity Crises & Tool Misuse: Why traditional Identity and Access Management (IAM) isn't enough for AI agents, and how hackers exploit excessive agency and weak API permissions to move laterally across networks.

  • NIST & The U.S. Regulatory Push: An in-depth look at the latest U.S. guidelines, including the NIST AI Risk Management Framework (AI RMF), the recent NIST RFI on securing AI agents, and the broader impact of Executive Order 14179.

  • The "Responsibility Gap": Who is legally liable when an autonomous AI commits copyright infringement or makes catastrophic errors? We explore "Fluid Agency," the challenge of unmappable human-AI contributions, and the push for "Functional Equivalence" in U.S. courts.

  • Zero Trust & Practical Defense: Actionable strategies to protect your critical infrastructure through AI-native segmentation, strict sandboxing, and enforcing the principle of least privilege.

Who should listen? This deep dive is tailored for CISOs, IT security leaders, compliance officers, and AI developers in the United States who want to secure their organizations against the next generation of cyber threats while navigating a complex regulatory landscape.

Subscribe for regular, expert-led updates on IT security, AI governance, and identity management!


🔗 Resources & Links:

  • https://aiaffairs-podcast.blogspot.com/

  • https://aiaffairs-podcast.com


🎧 Listen & Subscribe! If you love the show, please leave us a 5-star review on Apple Podcasts and Spotify.


Subscribe for weekly deep dives into the mechanics of AI! ⭐⭐⭐⭐⭐


#AIAgents #Cybersecurity #ZeroTrust #NIST #PromptInjection #ShadowAI #DataSecurity #AIGovernance #CISO



(Note: This podcast episode was created with the support and structuring provided by Google's NotebookLM.)


AI AffAIrs, by Claus Zeißler