MIND this week extended the reach of its data loss prevention (DLP) platform to artificial intelligence (AI) agents that are increasingly being deployed across organizations with little to no regard for cybersecurity implications.

Company co-founder and CEO Eran Barak said the DLP for Agentic AI capability developed by MIND extends an existing DLP platform to ensure that sensitive data is not accessed or shared outside the organization.

The fundamental cybersecurity challenge created by AI agents is that they can autonomously create, access, transform and share data. While that creates significant opportunities to improve productivity, it also presents cybercriminals with a tempting target that, if compromised, provides a means to potentially access massive amounts of data.

The DLP for Agentic AI capability developed by MIND ensures sensitive data is governed and protected before any AI agent is allowed to access it, said Barak. The MIND DLP platform can also now identify which AI agents are active across the enterprise and monitor behavior in real time to detect risks that, by applying appropriate controls, can be remediated as they emerge, he added.

As the pace at which AI agents are being deployed continues to exceed the ability of cybersecurity teams to keep pace, it’s now more a question of when AI agents that are fairly easy to compromise will be the root cause of a cybersecurity incident. Researchers have already shown multiple examples of how a malicious prompt injection can be used to instruct an AI agent to share sensitive data with an external third-party.

Unfortunately, many organizations are not even aware of how many AI agents might already have been deployed by end users who typically don’t appreciate the cybersecurity implications. The DLP for Agentic AI tool from MIND makes it possible to enforce data security policies across both approved AI agents and shadow AI agents that the platform is able to discover, noted Barak.

No one knows for sure how many AI agents might have already been deployed in organizations, but cybersecurity teams should assume that there has already been some type of breach. End users are now routinely exposing sensitive information to AI agents that are being used to automate a wide range of tasks. Many of these AI agents are already embedded in, for example, software-as-a-service (SaaS) applications that are now being given access to data that is being uploaded from a local device.

Even less clear is to what degree that data might be used to train the next iteration of an AI model that, once prompted, will share it with anyone who cares to frame the right question.

In effect, AI agents are a new type of non-human identity that many existing legacy cybersecurity tools and platforms are not yet capable of identifying and securing. The challenge, as always, is that cybersecurity professionals are not always in a position to prevent end users from adopting a tool. That’s especially problematic when end-user enthusiasm for AI far exceeds common cybersecurity sense.

January 29, 2026January 29, 2026 Michael Vizard agentic AI security, AI agents, AI data security, AI Governance, AI monitoring, Cybersecurity Automation, Data Loss Prevention, enterprise AI risk, non-human identity, prompt injection attacks, SaaS Security, sensitive data protection, Shadow AI