According to Gartner’s analysis, 15% of routine business decisions will be made autonomously by artificial intelligence (AI) agents by 2028. Data like this reinforces that this technology category is becoming increasingly strategic for organizations’ growth plans, as it helps increase productivity levels and the assertiveness of actions.
Felipe Thomé, co-founder and COO of CisoX, a startup in the Dfense group, explains that this growth highlights the difference between these AI tools and assistants. ‘While Siri, Google Assistant, and corporate chatbots in general perform simple, reactive tasks like responding to emails or managing schedules, agents operate autonomously, capable of monitoring environments, detecting patterns, predicting scenarios, and acting strategically,’ he says.
Due to these characteristics, this branch of AI can enhance human action, allowing teams to focus on complex, high-impact business tasks rather than operational and time-consuming activities. The company’s expert cites cybersecurity as an example of a sector benefiting from this dynamic.
‘It’s possible to create more robust and precise information security strategies dynamically, without relying on entire teams and fragmented schedules. This frees up resources and allows companies to adapt their security plans in real time, ensuring relevance and alignment with the current scenario,’ he states.
New cybersecurity challengesDespite being innovative, the rise of AI agents also brings many challenges to the cybersecurity sector. The main one is accessibility, as until recently, detailed risk and vulnerability analyses were restricted to large corporations with resources to hire specialized consultancies. However, small and medium-sized businesses lacked access to these strategic diagnostics, making them more vulnerable to cyberattacks.
‘Information security needs to be an accessible right, not a privilege for those who can pay dearly,’ emphasizes Thomé. ‘AI agents must have this democratization bias in their development and implementation, reducing barriers and allowing any company to protect its data strategically and efficiently,’ he adds.
In the market, some ways to ensure this accessibility are already standing out, such as reducing security master plan subscription periods from three years to one. ‘At CisoX itself, we significantly lowered our service price compared to traditional consultancies due to the annual model, ensuring companies review their strategies in real time, adjust investments, prioritize projects, and stay updated in an ever-evolving threat landscape,’ the executive notes.
Leaving the traditional mindset aside
Besides cost, the old model of hiring specialized consultancies also brings other potential problems. One is the dependence on individual technical knowledge, which not only leaves room for human errors and inconsistent analyses but also involves a slower defense implementation process.
In this sense, companies that integrate AI agents into their core business are gradually transforming this scenario. CisoX, for example, bases this technology’s operation on the NIST (National Institute of Standards and Technology) framework, enabling its platform to conduct assessments with over 360 criteria to measure the maturity of each client’s information security processes. Thus, the time for risk mapping and producing approximately 300-page reports is reduced from four months to just two minutes.
‘AI agents are proving that automation isn’t just a buzzword but a path to ensuring efficient, fast, and context-adapted information collection for each organization,’ concludes Felipe Thomé.
