AI is evolving at an unprecedented pace. And we're entering into a new frontier: agentic AI. These aren't just chatbots or recommendation engines. These are AI systems that can set goals, make decisions, and take actions autonomously. This shift brings massive opportunities, automating complex workflows, accelerating innovation, but also introduces serious risks. What happens when AI makes decisions without human oversight? How do we govern AI that thinks and acts for itself? And that's exactly what we're here to discuss.

Let's start with why agentic AI is different from traditional AI. Unlike classical machine learning models, which respond to predictive inputs and produce expected outputs, agentic AI takes the output from one AI model and actually uses it as the input for another AI model. There are four key characteristics, all of which stem from autonomy, which amplifies various new forms of risk. First, there's underspecification. The AI is given a broad goal, but no explicit instructions on how to actually achieve it. Long-term planning. These models make decisions that build on the previous ones. Goal directedness. Instead of simply responding to the inputs, they work towards a goal. And then there's directedness of impact. Some of these systems operate without any human in the loop.

So what I want you to remember is that autonomy itself is equal to increased risk. And I'm going to put three exclamation points. And that's the issue. As autonomy increases, so do risks like misinformation, decision-making errors, and security vulnerabilities. Many organizations are still catching up with the generative AI risks. And agentic AI just amplifies them. Note, with outcomes like these, there are even fewer humans in the loop, fewer domain experts making course corrections.

Look, we don't have time to define each and every one of these risks for you.
We could record a show on each and every single one of them, but we do want you to see this impressive list of risks that are amplified or net new with agentic AI, because we want you to understand why governance is so critical.

Now let's talk about how we actually govern this technology. Effective governance for agentic AI requires a multilayered approach covering technical safeguards, guardrails like interruptibility. Can we pause or shut down specific requests or even the entire system? Human in the loop. When does AI require human approval? Is the agent able to stop and wait for that input? And confidential data treatment. Do we have the adequate data sanitation like PII detection and masking to avoid a sensitive information disclosure?

Additionally, we have process controls, things like risk-based permissions. What actions should AI never take autonomously? Auditability. If an AI arrives at a decision, can we trace back to how it made that choice? In monitoring and evaluation, AI performance needs constant oversight.

And lastly, accountability and organizational structures. Who takes responsibility when AI decisions lead to harm? What regulations apply to your AI use cases? And how do we hold our vendors accountable for the AI's behavior?

Now let's dive into the technical safeguards. Any organization deploying agentic AI needs guardrails at each of the main components of an agent. The first one being at the model layer. This is to check for bad actors who are trying to have the agent take actions that are not aligned with your organization's policies or guidelines. Or even human ethical values. Absolutely. The next layer is the orchestration layer. Here you're going to want to have infinite loop detection to not only maintain an enjoyable user experience, but to avoid very costly failures.
Then at the tool layer, we're going to want to make sure we limit each tool for a specific agent to give them the appropriate usage and not go outside of their predefined areas. And we do that via role-based access control.

How do we know all of this fits together? We need to rigorously test the system. We highly recommend red teaming so we can expose any vulnerabilities before we get to deployment. And once we do get to that deployment, we want to make sure that we are continuously monitoring, so that we have automated evaluations to understand if we have any hallucinations or compliance violations.

The most successful organizations are already leveraging advanced tools and frameworks to ensure safe and effective AI deployment. These include models and guardrails designed to detect and mitigate risks in AI-generated prompts and responses, agent orchestration frameworks that enable the safe coordination of workflows across multiple AI systems, security-focused guardrails that help enforce policies and protect sensitive data during interactions, and observability solutions that provide insights into system behavior, helping teams monitor and understand what's actually happening underneath the hood.

Agentic AI is here. It's powerful. It's evolving fast. And organizations that don't take governance seriously today will regret it tomorrow. And governance is not just about security. It's about control. AI should empower organizations, not create unmanaged risks. So here's our challenge to you. Before you let AI act on your behalf, make certain you have the right guardrails in place. Because in the age of agentic AI, responsibility doesn't just fall on the machine, it falls on us.
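
The following sketch is an added example, not part of the talk. It shows how the tool-layer role-based access control, orchestration-layer loop detection, human-in-the-loop hold, interruptibility and audit trail described above can sit in one check that runs before every tool call. The role names, tool names and thresholds are all hypothetical.

```python
from collections import Counter
from dataclasses import dataclass, field

# Constructed policy: tools each agent role may call (tool-layer RBAC).
ROLE_TOOLS = {
    "support_agent": {"search_kb", "draft_reply", "issue_refund"},
    "research_agent": {"search_kb"},
}
# Risk-based permissions: tools that must wait for a human decision.
NEEDS_APPROVAL = {"issue_refund"}

@dataclass
class Guard:
    role: str
    max_steps: int = 20      # hard budget of tool calls per task
    max_repeats: int = 3     # same call more often than this counts as a loop
    halted: bool = False     # interruptibility: set True to stop the agent
    seen: Counter = field(default_factory=Counter)
    audit: list = field(default_factory=list)

    def check(self, tool, args, approved=False):
        """Return 'allow', 'deny', 'hold' or 'halt' and log the reason."""
        key = (tool, tuple(sorted(args.items())))  # args must be hashable
        self.seen[key] += 1
        if self.halted:
            verdict, why = "halt", "operator interrupt"
        elif tool not in ROLE_TOOLS.get(self.role, set()):
            verdict, why = "deny", "tool outside role"
        elif sum(self.seen.values()) > self.max_steps:
            verdict, why = "halt", "step budget exceeded"
        elif self.seen[key] > self.max_repeats:
            verdict, why = "halt", "repeated identical call"
        elif tool in NEEDS_APPROVAL and not approved:
            verdict, why = "hold", "human approval required"
        else:
            verdict, why = "allow", "ok"
        if verdict == "halt":
            self.halted = True  # stays halted until a human resets it
        self.audit.append({"step": len(self.audit) + 1, "role": self.role,
                           "tool": tool, "args": args,
                           "verdict": verdict, "why": why})
        return verdict

def run_demo():
    """Replay a constructed sequence of tool calls through the guard."""
    g = Guard(role="support_agent")
    lookup = ("search_kb", {"q": "refund policy"})
    calls = [lookup, ("delete_user", {"id": 7}),
             ("issue_refund", {"order": 42}), lookup, lookup, lookup]
    return [g.check(t, a) for t, a in calls], g
```

The audit list gives the trace the auditability question asks for: each entry records which role requested which tool, with what arguments, and why the guard decided as it did.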