{"data":{"id":"7de748a1-ee90-4bfb-8d73-c2d93a0bed16","title":"Building agent-first governance and security","summary":"As AI agents (software programs that can make decisions and take actions without direct human control) become more common in companies, they create new security risks because insecure agents can be manipulated to access sensitive data and systems. Most companies plan to deploy agentic AI soon, but only 21% have mature governance systems in place, leaving them vulnerable. The source emphasizes that enterprises need a control plane (a centralized system that manages which agents can run, what permissions they have, and what policies they follow) to safely manage agents, track what they do, and prevent uncontrolled or unpredictable failures at scale.","solution":"According to the source, enterprises need to implement 'a robust control plane that governs, observes, and secures how AI agents, as well as their tools and models, operate across the enterprise.' A control plane is defined as 'the shared, centralized layer governing who can run which agents, with which permissions, under which policies, and using which models and tools.' The source states that governance must make it obvious (not aspirational) that you can answer what an agent did, on whose behalf, using what data, under what policy, and whether you can reproduce or stop it.","labels":["security","policy"],"sourceUrl":"https://www.technologyreview.com/2026/04/21/1136158/building-agent-first-governance-and-security/","publishedAt":"2026-04-21T17:22:54.000Z","cveId":null,"cweIds":null,"cvssScore":null,"cvssSeverity":null,"severity":"info","attackType":[],"issueType":"news","affectedPackages":null,"affectedVendors":[],"affectedVendorsRaw":[],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":null,"epssScore":null,"patchAvailable":null,"disclosureDate":"2026-04-21T17:22:54.000Z","capecIds":null,"crossRefCount":0,"attackSophistication":"moderate","impactType":["integrity","availability"],"aiComponentTargeted":"agent","llmSpecific":false,"classifierConfidence":0.85,"researchCategory":null,"atlasIds":null}}