Product teams must architect agent-native security from day one rather than retrofitting traditional controls, implementing runtime monitoring, memory hygiene, and adaptive governance that can evolve alongside autonomous systems to avoid costly reactive security implementations.
"Agentic AI systems demand more comprehensive evaluation because their planning, reasoning, tool utilization, and autonomous capabilities create attack surfaces and failure modes that extend far beyond those present in standard LLM or generative AI models."
"Agent infrastructure: technical systems and shared protocols external to agents that are designed to mediate and influence their interactions with and impacts on their environments."
"Their ability to execute multi-step plans autonomously heightens the potential for abuse by lowering barriers to entry and costs involved in these activities."
Australian government procurement clauses require AI systems to include immediate shutdown capabilities accessible to buyers, establishing enforceable technical standards beyond governance principles.
Stanford's 2025 AI Index shows industry now produces 90% of notable AI models while training costs hit $170M per model, fundamentally reshaping competitive landscape.
NSW's December 2024 guidance maps AI governance responsibilities using RACI matrices across organizational levels, showing how AI compliance is shifting from principles to structured operational requirements
We consider AI agents as systems that have the ability to perform increasingly complex and impactful goal-directed actions across multiple domains, with limited external control. This paper develops a conceptual framework for mapping characteristics of AI agency along four dimensions.
