PUBLISHER: IDC | PRODUCT CODE: 2068495
PUBLISHER: IDC | PRODUCT CODE: 2068495
Securing the Agentic Enterprise: Part 2 - Assessing the Impact of Agents on Key Security Domains
This IDC Perspective examines how agentic AI transforms enterprise security, requiring a shift from static controls to continuous, identity-driven governance. It outlines new risk categories - external, internal, and toolset-based - and emphasizes the convergence of security domains as agents operate autonomously. The updated IDC framework advocates for adaptive policies, real-time monitoring, and integrated controls to maintain resilience and compliance. Actionable recommendations guide technology buyers in strengthening identity-centric controls, deploying full-fidelity telemetry, and designing for ongoing disruption."Agentic AI compels enterprises to rethink security: while core principles endure, the real challenge is self-inflicted disruption from poorly governed agents. Continuous, identity-driven governance and operational resilience are now essential for navigating a landscape where disruption is constant, and boundaries are fluid," says Duncan Brown, group vice president, IDC.
Executive snapshot
- Key takeaways
- Recommended actions
Situation overview
- An update to IDC's Cybersecurity Capabilities Assessment Framework
- Domains of IDC's Cybersecurity Capabilities Assessment Framework 2.0
- Network security
- Network security changes by risk class
- External agentic threats
- Internal agentic threats
- Agents in security toolsets
- Network security changes by risk class
- Endpoint security
- Endpoint security changes by risk class
- External agentic threats
- Internal agentic threats
- Agents in endpoint security toolsets
- Endpoint security changes by risk class
- Identity and digital trust
- Identity and digital trust change by risk class
- External agentic threats
- Internal agentic threats
- Agents in identity and digital trust toolsets
- Identity and digital trust change by risk class
- Data security
- Data security changes by risk class
- External agentic threats
- Internal agentic threats
- Agents in data security toolsets
- Data security changes by risk class
- Application security
- Application security changes by risk class
- External agentic threats
- Internal agentic threats
- Agents in application security toolsets
- Application security changes by risk class
- Response, recovery, and resilience
- Response, recovery, and resilience changes by risk class
- External agentic threats
- Internal agentic threats
- Response, recovery, and resilience changes by risk class
- GRC
- GRC changes by risk class
- External agentic threats
- Internal agentic threats
- Agents in GRC toolsets and services
- GRC in the context of AI Governance
- GRC changes by risk class
- Network security
Advice for the technology buyer
Learn more
- Related research
- Synopsis
