Amazon Chief Security Officer Steve Schmidt said that AI agents could potentially go rogue and create internal security risks for companies.
This shift in the threat landscape matters because AI is fundamentally changing how organizations build software and how they are targeted by attackers. As companies integrate autonomous agents into their workflows, the risk of a tool becoming a liability increases.
Schmidt said these insights during a discussion on the Equity podcast with TechCrunch reporter Rebecca Bellan [1]. The conversation took place at the HumanX conference in San Francisco [1].
The discussion focused on the duality of AI in the modern corporate environment. While AI agents provide efficiency in software development, they also introduce new vectors for attack. Schmidt said that the danger is not only external but can stem from the very tools a company deploys internally [1].
Security professionals are now tasked with monitoring AI agents to ensure they do not exceed their intended permissions or execute unauthorized actions. The ability of an AI to act independently means that traditional security perimeters may no longer be sufficient to prevent data breaches or system failures.
Schmidt and Bellan said how the nature of cyberattacks is evolving. The integration of AI allows for more sophisticated attacks that can mimic legitimate user behavior, making detection more difficult for security teams [1].
“AI agents could potentially go rogue and create internal security risks for companies.”
The transition from static AI tools to autonomous agents creates a new 'insider threat' category. When AI agents have the authority to execute code or access databases, a logic error or a prompt-injection attack can turn a productivity tool into a security breach, necessitating a shift toward zero-trust architectures for AI.
