The Age of Agents Has Already Begun

Robert Joyce • July 4, 2026

The Age of Agents Has Already Begun

Something is shifting under the feet of every security team, and most defensive playbooks haven't caught up yet.


For decades, our tools waited for us. They flagged, they alerted, they queued up work for a human to triage. The machine held the flashlight; the analyst decided where to point it. That model is ending. Agentic AI systems reason, plan, and act on their own to reach a goal. In cyber defense that means systems that detect a threat in real time, coordinate a response across the network, probe for weaknesses, and shift tactics as conditions change, all without waiting for someone to tell them what to do next.


That is not a faster version of what we already have. It is a different kind of teammate, and it forces questions we have not had to answer before. How do you govern behavior you did not explicitly program? What does accountability look like when the actor is an algorithm? And how do you lead when intelligent agents operate alongside you, and sometimes out in front of you?

The same capability cuts both ways. The agents that defend your perimeter are built on the same foundations as the ones adversaries will point back at you: intelligent recon, dynamic payload delivery, operations that adapt mid-stride. Defenders and attackers are drawing from the same well, and the side that learns to direct these systems first will set the pace.


I've been working with Sean Joyce and David Ames on a new series from PwC's Cyber & Risk Innovation Institute that maps this terrain: agentic AI as the next frontier of cyber defense, AI agents as a new class of insider risk, the hard problem of keeping autonomous systems accountable (constraints, monitoring, graceful shutdowns), and how attackers are likely to weaponize the same tools we're deploying to stop them.


The organizations that come out ahead won't be the ones that simply bought AI. They'll be the ones that built the strategy, the culture, and the digital teams to work with it.


Read the series here:

The rise of autonomous AI in cybersecurity

By Robert Joyce July 9, 2026
A discussion with Mastercard
By Robert Joyce April 14, 2026
This is a subtitle for your new post
By Robert Joyce April 13, 2026
The AI Vulnerability Storm: Getting "Mythos-Ready" Before It Hits
By Robert Joyce April 8, 2026
AI Vulnerability Discovery is Real, and it is Here!
March 23, 2026
AI-Powered Attacks Are Already Here — And They're Winning
By Robert Joyce January 13, 2026
What does rapid AI advancement mean for new offense and the defense?
By Robert Joyce January 5, 2026
The environment has changed...
By Robert Joyce December 15, 2025
Geopolitical Risk
By Robert Joyce September 24, 2025
Risky Business Podcast
By Robert Joyce August 25, 2025
Adding detail to the concepts of the Cyber Safety Review Board