AI Agents Expand Enterprise Security Attack Surface
Why It Matters
AI agents amplify existing vulnerabilities and introduce new, hard‑to‑monitor attack vectors, making proactive security governance essential for protecting enterprise data and sustaining AI‑driven growth.
Key Takeaways
- AI agents create a multi‑layered attack surface beyond traditional IT.
- Identity management and guardrails are critical for securing AI‑driven processes.
- Prompt‑engineering attacks are simple, but agent nondeterminism limits attacker success.
- Observability gaps hinder detection; new tools are needed for AI activity logs.
- Enterprise risk frameworks must treat AI adoption as a fast‑moving security priority.
Summary
The conversation with Nomi Security CEO Emanuel Salmon centers on how AI agents are reshaping the enterprise attack surface. While traditional IT, cloud, and IoT have already expanded threat vectors, AI introduces a multi‑layered frontier that spans infrastructure, identity, and application layers, demanding fresh security thinking.

Salmon emphasizes that AI agents act as identities performing privileged tasks, making identity governance, guardrails, and prompt‑engineering defenses essential. Yet attackers will still gravitate toward the weakest link—often legacy systems or poorly protected identities—rather than the novel AI layer, meaning the bulk of threats remain familiar phishing and ransomware tactics.

A striking point is the nondeterministic nature of AI agents: a malicious prompt may not reliably execute, and attackers can be as frustrated as end users. Observability is another pain point; current logs rarely capture agent actions, prompting a surge in new tooling focused on AI‑specific visibility and governance.

For enterprises, the takeaway is clear: AI adoption must be paired with dedicated security controls, risk‑based governance, and rapid development of observability solutions. Without these, organizations risk both incremental breaches and a potential high‑impact incident that could halt AI initiatives and erode stakeholder confidence.