In the rapidly evolving world of cybersecurity, Agentic AI is emerging as a game-changer, particularly for the public sector. Elastic’s Chief Information Security Officer (CISO), Mandy Andress, recently discussed the transformative potential of this technology in staying ahead of cyber threats. According to Andress, the ability to scale security operations and adapt to threats in real time is key—and agentic AI could be the solution.
As cybersecurity challenges become more complex and fast-moving, it’s crucial to consider how AI will shape future defenses. Andress believes that AI’s ability to analyze vast amounts of data quickly and within context will be essential in maintaining security standards. With the rise of sophisticated attacks, especially in government sectors, AI-driven solutions like agentic AI could become indispensable.
The Changing Cybersecurity Landscape: Why Speed and Context Matter
Singapore’s public sector, for example, has seen a sharp rise in phishing attacks, jumping 49% in a single year. As cyber threats grow in number and sophistication, the need for faster, more effective responses becomes even more urgent. Andress points out that the ability to respond at the speed of machines—rather than human reaction times—could be the key to preventing breaches before they happen.
For public sector institutions, where sensitive citizen data and critical infrastructure are at risk, the stakes are incredibly high. AI is already fueling some of these attacks, making it even more urgent to find ways to protect against AI-driven threats. That’s where agentic AI comes in—empowering security teams to detect and respond to threats with machine-level speed and accuracy.
What Is Agentic AI, and How Can It Enhance Cybersecurity?
Agentic AI refers to a system of specialized AI agents, each designed to perform specific tasks within a process. As Andress explains, these agents work together to collect, analyze, and act on information in real time. For example, one agent may monitor networks, while another handles data management, with the third focusing on threat evaluation.
This modular approach allows organizations to have AI-driven solutions tailored to their specific needs. Andress points out that agentic AI can drastically reduce the workload of cybersecurity analysts, helping them focus on higher-level tasks. As a result, human analysts can address complex issues without getting bogged down in repetitive tasks, reducing burnout and improving efficiency.
Furthermore, Andress highlights the evolution of these agents, noting that over the next few years, they will assist tier one analysts in handling alert fatigue and switching between multiple systems. By integrating agentic AI into security operations, organizations can streamline their workflows and achieve greater productivity without additional staff.
The Future of Security Operations: How Agentic AI Will Revolutionize Roles
Agentic AI is not just about automating tasks—it’s about creating new roles and responsibilities. As Andress explains, AI agents introduce entirely new categories of positions, such as Agent Managers, who would oversee the AI agents’ operations. These professionals will need to ensure that AI agents are functioning as intended and not deviating from their prescribed tasks.
Andress also emphasizes the importance of transparency in AI operations. With more agents handling sensitive data, organizations will need to monitor their activity closely to prevent potential breaches. This new focus on agent transparency will require organizations to adopt new auditing processes and ensure that AI systems remain accountable.
Why Agentic AI Is a Game-Changer for Cybersecurity Teams
A significant advantage of agentic AI is that it doesn’t rely on static playbooks. Andress points out that AI agents can quickly aggregate and present relevant data on a single dashboard, enabling cybersecurity professionals to make decisions faster and with more context. Instead of manually hunting for information across disparate systems, analysts can focus on taking action based on real-time insights.
This ability to consolidate data improves efficiency by eliminating the need for analysts to switch between various tools and dashboards. Moreover, with AI continuously analyzing new data, organizations can identify threats earlier and more accurately. As Andress explains, AI can recommend updates to detection rules and improve the fidelity of alerts, ensuring that no threat goes unnoticed.
As the cybersecurity landscape continues to evolve, particularly in places like Singapore’s public sector, organizations are feeling the strain from a shortage of skilled professionals. With more advanced roles like penetration testing and cybersecurity architecture in high demand, agentic AI helps bridge the gap, allowing existing teams to handle more complex tasks with less effort.
Overcoming Challenges: Ensuring Proper Foundations for AI Integration
Even with all its potential, Andress warns that the fundamentals of cybersecurity must still be in place to leverage agentic AI effectively. She stresses that strong cybersecurity hygiene is essential to prevent threats from slipping through the cracks, especially in an age when threat actors can move faster than ever.
Organizations must maintain a defensive posture that doesn’t constantly rely on reactive adjustments. Andress advocates for a culture of ongoing training and security awareness to ensure that employees understand how to identify and mitigate risks effectively. With AI-driven attacks becoming increasingly sophisticated, there’s no room for complacency.
The rise of deepfakes and advanced phishing techniques is a perfect example of how cyber threats have grown more challenging. Traditional training methods, like spotting suspicious language, are no longer enough. Employees need to be trained to recognize more complex attack vectors, many of which now employ AI to enhance their effectiveness.
The Role of Leadership: Guiding Organizations in AI-Driven Cybersecurity
Internally, organizations must continuously evaluate whether their verification and validation processes are strong enough to handle AI-driven cybersecurity threats. Andress underscores the need for proactive measures to detect and neutralize threats in real-time. Leaders must recognize when an intrusion occurs and take swift, decisive action to protect critical systems.
Tech leaders, she explains, need to set the example by recognizing the importance of emerging technologies and their ability to enhance cybersecurity. The goal is not to discard current tools but to integrate AI as an augmentation, ensuring continuous control and monitoring. This combined approach will offer greater resilience in the face of ever-evolving cyber threats.
How Agentic AI Can Transform the Future of Cybersecurity
Looking forward, Andress believes agentic AI will be indispensable in cybersecurity’s next phase. As the technology matures, it will enable security teams to respond more swiftly to threats and address challenges that are impossible for humans to tackle alone. Agentic AI’s ability to analyze vast datasets and operate at machine speed will fundamentally change the way security operations are structured.
Moreover, as AI continues to evolve, cybersecurity will need to adopt a more proactive stance. Agentic AI will allow organizations to not only detect and respond to threats faster but also predict and prevent them before they can cause damage. By combining AI’s speed and precision with human oversight, organizations can create a security model that is both agile and reliable.
Embracing Agentic AI for a Secure Digital Future
The integration of agentic AI into cybersecurity operations is set to redefine how security is managed, particularly in sectors like the public domain where threats are growing both in complexity and volume. With the help of AI agents, cybersecurity teams can work faster, smarter, and more efficiently—relying on real-time data and eliminating the need for manual intervention.
For organizations facing a shortage of skilled cybersecurity professionals, agentic AI offers a solution that maximizes existing resources while reducing the impact of routine tasks. As the digital landscape continues to evolve, embracing AI-driven technologies like agentic AI will be critical in ensuring cybersecurity remains robust and resilient against emerging threats.
