Agentic AI was everywhere at RSAC 2025—and it’s quickly emerging as a major force reshaping cybersecurity.
In a recent in-depth feature by Cybersecurity Tribe, twenty-one cybersecurity leaders shared how agentic AI is already transforming the cybersecurity landscape—from accelerating threat detection and automating defense, to creating new challenges posed by adversaries. Among them was Optery’s Founder and CEO, Lawrence Gentilello, who spoke about how attackers are using these new AI capabilities to supercharge personalized attacks fueled by exposed personal data, and how defenders need to respond.
Agentic AI moves from concept to implementation
The article highlights that while agentic AI has become a dominant theme in cybersecurity conversations, it’s still early in terms of widespread deployment. Cybersecurity Tribe reports that 59% of organizations are actively exploring or working toward integrating agentic AI into their security strategies. However, a much smaller percentage have actually deployed these technologies in their environments. Most organizations remain in the testing or evaluation phase—but adoption is expected to rise sharply by 2026.
Expert contributors outlined two main models for agentic AI:
- Autonomous agents that pursue defined goals with minimal human oversight (e.g., threat detection, incident response).
- Collaborative ecosystems in which multiple agents interact under a master coordinator, automating complex security workflows.
Emerging benefits
Security leaders cited key benefits already emerging from pilot deployments:
- Speed and scale: Autonomous agents can execute tasks in seconds that previously took hours or days.
- Precision and pattern recognition: AI can process vast datasets, uncover attack patterns, and help teams focus on true positives.
- Real-time response: Agentic AI can isolate systems, patch vulnerabilities, and trigger workflows in real time.
- Better resource allocation: By handling repetitive tasks, AI frees up human talent for strategy, threat hunting, and policy.
Key challenges
Alongside the benefits, experts expressed concerns:
- Governance: Agentic systems must be constrained within clear operational boundaries.
- Trust and transparency: AI agents must be auditable, explainable, and aligned with security policy.
- Weaponization by adversaries: Perhaps most urgently, attackers are using the same tools to scale their operations.
Agentic AI supercharges PII-driven attacks
Speaking on the weaponization of agentic AI, Optery CEO Lawrence Gentilello explained how it is automating reconnaissance and attack execution:
“Attackers are weaponizing agentic AI to orchestrate highly personalized campaigns that outpace traditional defenses. Threat actors are combining autonomous decision making with vast troves of personally identifiable information (PII) to conduct attacks. They’re automating the collection of data on targets across a range of sources, such as the dark web, social media, public records, and data brokers. Once ingested, this data fuels hyper‑targeted phishing and social engineering attacks. AI‑generated lures can adapt in real time, and adjust language, tone and imagery based on deep knowledge of the target.”
He went on to describe how identity fraud is also being scaled:
“Agentic AI can also enable large‑scale PII-driven identity fraud. Autonomous bots use stolen personal data to complete KYC checks, open fraudulent accounts, and launder funds, all at lightning speed. Deepfake voice assistants impersonate bank representatives, executives, or government employees, bypassing voice‑biometric systems by training on publicly available audio samples.”
He concluded with defensive recommendations:
“Defenders must respond in kind, eradicating exposed PII data, and employing ‘AI‑against‑AI’ deepfake detection techniques. By understanding how adversaries exploit PII, organizations can better defend themselves.”
Final thoughts
Agentic AI has moved beyond a theoretical possibility to a present reality transforming how both defenders and attackers operate. The insights gathered by Cybersecurity Tribe highlight that while these systems offer the potential to automate and accelerate defensive capabilities, they also introduce new dimensions of risk, particularly when paired with vast quantities of exposed personal data.
As adversaries grow more autonomous and adaptive, the security community enters a new kind of arms race—one where speed, precision, and proactive exposure management are essential. Agentic AI will undoubtedly wreak havoc on organizations with exposed employee PII, making personal data removal more critical than ever.
Read the full article here: Experts Reveal How Agentic AI Is Shaping Cybersecurity in 2025