This site is part of the Informa Connect Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 3099067.

Risk Management
search
Cyber Risk

Agentic AI opportunities in cyber risk management

Posted by on 03 December 2025
Share this article

Charlie Lewis, Global Leader of Cyber Risk, McKinsey, shares agentic AI applications and governance structures in risk management.

Key areas where agentic AI can enhance cyber security include incident response improvements and identity and access management. However, Charlie highlights that businesses must adapt their security measures to address new risks posed by agentic AI adoption. CROs and CISOs are needed to integrate security from the outset to ensure successful implementation and growth. For 2026 and beyond, agentic AI workflows will be key to keep pace with evolving cyber threats for proactive security management. Watch the interview or read the summary below.

The evolution of risk management with agentic AI

Agentic AI is poised to revolutionise every workflow in every business and traditional approaches to risk management must evolve in tandem with these technological shifts. In the realm of cybersecurity, agentic AI is enhancing incident response and identity management, ensuring faster and more efficient processes. This evolution extends to model risk management, necessitating a paradigm shift in how data is validated across end-to-end workflows.

Security considerations in the age of agentic AI

Businesses must rethink their security strategies to accommodate agentic AI. For example, delegating authority to agents operating through a server introduces new risks compared to human interactions. Developing an integrated governance process is key, as well as adopting a comprehensive risk assessment approach. Security should not be an afterthought but a foundational element woven into the very fabric of the AI development process.

Engaging of CROs and CISOs

Chief Risk Officers (CROs) and Chief Information Security Officers (CISOs) play a vital role in this new landscape. Their involvement from the outset is crucial to balancing growth with security. Charlie shares a compelling analogy: just as a parent gradually allows their child more freedom to learn independently, businesses must enable growth while maintaining a guiding presence. It’s about fostering an environment where innovation can thrive safely.

Opportunities and threats in 2026 and beyond

Recent developments, such as nation-state actors exploiting AI for cyber-attacks, underscore the urgent need for businesses to harness agentic AI defensively. By developing their own agentic workflows, companies can stay ahead in the race to mitigate threats. This proactive stance allows organizations to benefit from faster identity management and improved incident response, ultimately reducing costs and enhancing security.

Explore cyber risk and resilience trends with leading experts at RiskMinds International. Save the date – 16-19 November 2026, London!

Share this article

Related Articles

Cyber Risk

The CRO’s mandate: Driving agility through innovation

Read More
east
Read More
east
Cyber Risk

The future of cyber risk management in finance: Key strategic elements, tools, and skills

Read More
east
Read More
east
View all related articleseast

Related Event

RiskMinds International

  • 16 Nov, 2026
  • 4 days
  • London, UK
Book Now
east
Book Now
east

Sign up for Risk Management email updates

keyboard_arrow_down
Subscribeeast