How to Categorize AI Agents and Prioritize Risk

AI agents (AI systems that can reason, plan, and act autonomously across enterprise systems) are becoming more common in organizations, creating new security challenges. Risk from AI agents depends on two factors: access (which systems and data the agent can reach) and autonomy (how independently it can act without human approval). The text describes three categories of enterprise AI agents—agentic chatbots, local agents, and production agents—each with different risk levels based on their access and autonomy.