AI agents boost productivity, but they also widen the attack surface.
When the pandemic forced the shift to remote work, many assumed it was temporary. But the “everywhere workplace” quickly became permanent because employees and organizations realized the flexibility and productivity gains were too valuable to give up.
We’re at a similar inflection point now with the rise of agentic workspaces—AI-driven environments where autonomous digital assistants don’t just fetch information but actually act on behalf of employees. These agents are scheduling meetings, drafting documents, analyzing conversations and negotiating workflows across platforms. Work isn’t just faster; in some cases, it feels like it’s running itself.
That’s exciting, but it also raises a familiar concern. When something feels seamless, it’s usually because complexity—and risk—is being hidden.
A New Security Blind Spot
Agentic workspaces are powerful, but they’re also opaque.
If an AI agent summarizes a confidential meeting, where is that data stored? If it drafts a legal or financial analysis, who else can access the context behind it? Without visibility into these flows, organizations are trusting processes they can’t fully see.
It reminds me a little of the double-edged sword of QR codes. They exploded during the pandemic as a frictionless way to access menus or pay bills. But that very simplicity masks a serious risk: people have been conditioned to trust QR codes without knowing where they actually lead. Agentic workspaces carry the same dynamic. The convenience is undeniable, but the trust is often blind.
Scott Crawford, head of information security research at 451 Research / S&P Global, breaks down why this blind spot is different from past challenges: “Agentic AI is distinguished by three primary capabilities: the modeling of reasoning based on inputs and available memory context; the ability to make decisions; and the taking of actions, often using tools. Given sufficient confidence in deployments, the ideal is for agents to operate with a high degree of autonomy. But these factors introduce new aspects of risk. The non-deterministic nature of agentic actions may make it more difficult for organizations to define constraints that mitigate those risks.”
That unpredictability makes visibility and guardrails essential—and explains why security vendors are racing to address it.
Proofpoint’s Industry-First Approach
A blog post from Proofpoint CEO Sumit Dhawan lays out a coherent strategy for collaboration and data security challenges in the emerging agentic workspace, and outlines a number of solutions and partnerships from Proofpoint to enable it.
Proofpoint is the first major security vendor to announce a solution explicitly designed for this new environment. Rather than layering more controls on endpoints or networks, they’re embedding security directly into the flow of conversations, documents and AI-driven actions.
This matters because in an agentic workspace, the “user” isn’t always a person. It’s an autonomous agent making decisions on behalf of a person. Traditional security controls were never built for that scenario. By extending visibility and protections into these workflows, Proofpoint is aiming to safeguard both collaboration and the sensitive data being exchanged.
Lessons From the Everywhere Workplace
The parallels to the pandemic-driven workplace shift are striking. Surveys showed that 87% of workers never wanted to return to the office full-time, and many were even willing to trade compensation for flexibility. Leaders who assumed the change was temporary were caught unprepared.
Agentic workspaces are on a similar trajectory. Once employees experience the productivity gains of offloading repetitive tasks to AI, there will be no turning back. Organizations that treat it as a short-lived experiment risk being blindsided again—this time by security gaps.
Where the Real Risks Will Emerge
Todd Thiemann, principal analyst at Omdia, points out that many current AI agent deployments are happening within SaaS applications like Salesforce Agentforce, Workday agents and Microsoft’s Security Copilot. These “walled gardens” offer some safety because vendors control authentication and authorization. But the real challenge will come when agents start interacting directly with applications, where they can access more sensitive systems and data.
Thiemann warns, “The real value for agentic AI will come when agents start touching core enterprise applications. That is where enterprises will unlock significant AI value, but also encounter significant security risk from AI agents. Agentic AI dramatically expands the enterprise attack surface and requires new security tooling to mitigate that risk.”
That risk is compounded by the speed of adoption. Enterprises are investing heavily in agentic AI, often rushing pilots into production to demonstrate ROI. Security is typically an afterthought. Over-permissioned agents or weak guardrails could quickly lead to incidents such as data breaches or fraud. Thiemann believes it may take a high-profile security failure to push organizations into tightening controls.
Why It Resonates
I’ve written for years about technologies that promise to make life easier but introduce new risks. New technologies typically follow a familiar pattern. We embrace the benefits quickly, but security usually lags behind. Proofpoint’s announcement feels like an attempt to break that cycle by building guardrails into agentic workspaces from the start.
Crawford made the point clearly: “There’s no time like the present for vendors to play a leading role in helping organizations find workable ways to contain those risks and help agentic functionality fulfill its promise.” Proofpoint is stepping into that role, and others are likely to follow.
The Road Ahead
Agentic AI isn’t a fad—it’s the logical next step in automation. We’ve moved from macros to chatbots to agents that adapt, decide and act. That shift makes securing the data layer, not just the perimeter, essential.
If history is any guide, standards and best practices will eventually emerge to define how agentic workspaces should be secured. But for now, organizations can’t afford to wait. The vendors and enterprises that move early will shape those guardrails—and give themselves a head start in keeping this new era of work safe.