Security in the Age of Agentic AI | Vasu Jakkal, VP Microsoft Security
She describes AI as the "core DNA" of Microsoft Security, embedded in every product and service to enhance defense capabilities.
Vasu Jakkal, Corporate Vice President of Microsoft Security, has outlined a transformative vision for cybersecurity in the era of agentic AI, emphasizing both the opportunities and challenges it presents.
Jakkal views AI, particularly generative and agentic AI, as integral to modern cybersecurity.
She describes AI as the “core DNA” of Microsoft Security, embedded in every product and service to enhance defense capabilities.
Agentic AI, capable of autonomous decision-making, reasoning, and learning, is seen as a game-changer, shifting tools like Microsoft Security Copilot from passive assistants to active, adaptive agents that can autonomously handle tasks like phishing triage, data security, and identity management.
Massive Scale
Jakkal highlights the exponential growth in cyber threats, noting that Microsoft processes 84 trillion threat signals daily, with 7,000 password attacks per second and over 30 billion phishing emails detected in 2024. This overwhelming volume surpasses human capacity, making AI agents a necessity to scale defenses and keep pace with sophisticated, AI-driven attacks.
She also emphasizes that “AI must start with security.” As organizations adopt agentic AI, robust security measures, including identity controls and governance, are critical to prevent misuse, such as prompt injection or jailbreaking by malicious actors (20% of data breaches are caused by insiders). She advocates for a Zero Trust framework to manage AI agents, ensuring they have defined identities, least privilege access, and explicit verification.
Jakkal underscores that governance is an “irreplaceable role” for cybersecurity professionals. As AI agents become ubiquitous, acting as “digital colleagues” for tasks like research, analytics, or scheduling, security teams must define and guide their behavior to align with organizational goals and ethical standards. This includes shielding agents from external and internal threats and ensuring compliance with regulatory requirements.
She stresses that cybersecurity professionals must become AI leaders to thrive in this new era. Developing AI skills is a “must-have” to counter AI-driven threats, as attackers increasingly leverage AI for easier and faster attacks. Tools like Microsoft Security Copilot improve defenders’ speed (26% for early-career, 22% for seasoned professionals) and accuracy (35% and 7%, respectively), making them essential for leveling the playing field.
While AI agents enhance efficiency, Jakkal believes human creativity, predictive thinking, and diversity remain vital. She advocates for inclusive cybersecurity teams to bring varied perspectives, ensuring innovative solutions that AI alone cannot replicate. This human-AI collaboration is key to staying ahead of attackers.
She highlights Microsoft’s advancements, such as the Secure Future Initiative, which integrates security into design, default settings, and operations, involving over 34,000 engineers. The introduction of Microsoft Entra Agent ID assigns identities to AI agents, centralizing management and enhancing security. Security Copilot’s six new AI agents (e.g., phishing triage, data loss prevention) and partnerships with companies like ServiceNow and Workday further strengthen defenses.
Frontier Firms
Jakkal envisions a future where organizations become “Frontier Firms,” with humans and AI agents working in tandem. Within two to five years, every organization is expected to adopt agentic AI, necessitating a strong security foundation from the start. This transformation, showcased at events like RSAC 2025 and Microsoft Build 2025, aims to make security proactive, efficient, and inclusive.
In summary, Vasu Jakkal believes the age of agentic AI offers unprecedented opportunities to enhance cybersecurity through autonomous agents, but it demands robust governance, Zero Trust principles, and AI-skilled defenders to address escalating threats. Security must be the foundation of AI adoption to protect organizations and empower a diverse, innovative workforce.
