Cloudflare's AI pivot: Agentic AI risk considerations for IT execs

Understanding agentic AI in the cybersecurity context

Traditional AI can handle single tasks with limited human direction. Agentic AI works more autonomously, enabling it to plan multi-step tasks, adapt to changing conditions, make decisions and work until the objective is complete with little to no human oversight.

When implemented in cybersecurity applications, AI can provide continuous network monitoring, pattern recognition and threat detection across multiple data sources and initiate automated incident response and containment when needed.

In its push to usher in its "agentic AI era", Cloudflare modified its operating model by using AI agents across the board, including in engineering, HR, marketing and finance.

The most notable is engineering, where Cloudflare built an internal AI stack called iMARS (Internal MCP Agent/Server Rollout Squad) using its own AI infrastructure products. The system integrates coding assistants, internal MCP servers, automated testing, and code review agents, according to its website. To date, 93% of its R&D organizations now use AI coding tools, and all AI-generated code is reviewed by autonomous agents, according to the company's blog.

Cloudflare is also using AI agents in HR, marketing and finance, reporting that it runs thousands of AI agent sessions each day to complete tasks.

The efficiency promise: What IT executives need to know

By restructuring, Cloudflare expects to incur $140 to $150 million in restructuring charges in 2026, which includes $105 to $110 million in cash for severance, benefits, and notice periods, as well as $35 to $40 million in non-cash equity vesting, according to a report by MSN.com.

In return, the company plans to gain long-term operational efficiency as it enters its "agentic AI era." The organization currently analyzes 227 billion cybersecurity threats daily using ML models. The work is completed at machine speed and without fatigue.

The annual Cost of a Data Breach Report published by IBM in conjunction with the Ponemon Institute stated that organizations using AI and automation extensively for security save nearly 40% on breach-related expenses.

The transformation that AI promises is less about individuals using assistance more regularly throughout the day and more about transforming the nature of work and how whole classes of work are done at an organizational level, said Adam MaGill, global chief information security officer at Concentrix.

This transformation requires re-architecting of identity management and organizational responsibility. Unlike human workers, AI agents cannot be managed with traditional multifactor authentication; they require fine-grained, non-deterministic controls to mitigate agent drift and limit the "blast radius", or total scope of potential damage that can be caused by potential incidents from a misbehaving agent. The damage can include data corruption, security breaches or flawed workflows.

As more organizations transition their workflows, third-party risk management will likely evolve to include contractual obligations for vendors to use frontier models for vulnerability, MaGill said.

As more AI agents enter the workplace, responsibility for objective management may shift from department heads to the IT side of the house, changing the CIO role, he said.

The hidden risks – your exposure assessment

When implementing AI technology, organizations need to apply the same rigorous GRC standards they use for human employees and traditional software, said Heath Mullins, chief evangelist at ExtraHop and a former Forrester Analyst.

He recommends treating AI agents as distinct identities with restricted permissions and maintaining a human-in-the-loop to mitigate the risk of false, misleading or biased information they can sometimes produce.

"Without understanding how these agents are moving across your network and what they have access to, you're literally driving yourself into the abyss," Mullins said.

To minimize risk:

• Train the staff on acceptable usage of the AI agent. Avoid the rise of shadow AI, or employees using personal AI access to interact with corporate resources. Without network-level visibility, these agents operate in a "blind channel" that bypasses traditional security logs.
• Treat AI agents as a network identity. A critical governance shift is underway in which AI agents are treated as entities governed with the same strictness as a human administrator.
• Only provide necessary access. Implement guardrails around what it can and cannot touch.
• Track and be informed. Continuous monitoring of data traversal will detect unauthorized actions.
• Have a rollback in place. Amid evidence of self-preserving behavior in advanced agents, a "kill switch" should be established to remove control from the agent if necessary.
• Keep a human-in-the-loop. Removing the human element, especially in high-stakes fields such as healthcare or finance, creates the potential for disaster.

As AI becomes part of the daily workflow and agents take on more roles, concerns arise that it will create an entry-level vacuum, where junior-level jobs are replaced by AI instead of using AI to train them. The result is a future gap as newer engineers don't move into senior architect or security roles.

Many feel this would result in a loss of accumulated expertise, tribal knowledge and nuanced judgment that comes from years of security experience.

"I really want to see this move forward as being used as a tool to augment and train to advance people's careers rather than completely supplanting their career, and in some cases, completely shutting that career path off," Mullins said.

A great demand still exists for engineers who are "natives to AI," said Dean Gefen, CEO of NukuDo and Red Alpha. He predicts 10 to 15 years of job security for people who upgrade their skills now. This is especially true for cybersecurity professionals with integrated AI capabilities, client-facing technical roles and forward-deployed engineers who help organizations implement and govern AI agents.

To address traditional hiring shortages, Gefen's organization pays a salary and provides training in exchange for a three-year employment commitment to a client organization.

Strategic considerations for IT leaders

AI will continue to play an important role in cybersecurity as the methods used in cyberattacks grow more sophisticated.

"Attackers are already leveraging AI to fuzz defenses, generate polymorphic malware, and script complex attacks at machine speed. If your defense relies solely on human analysts staring at dashboards, the battle is already lost," said Brett Smith, distinguished software developer on the Developer Experience Team at SAS.

As AI becomes more integrated in critical infrastructure, organizations need to understand how agentic AI changes security operations, weigh the benefits against the risks and implement strategic guardrails.

An AI-native approach acts as a distant early warning system. It understands context, creating a security layer that speaks the same language as the threat. Real time, context-aware security keeps pace with AI-driven coding and attacks, Smith said.

Still, AI can add its own risk and vulnerabilities to the system if proper guardrails aren't in place. Over-reliance can cause catastrophic damage if agents hallucinate or misinterpret data. The models themselves can be targeted using prompt injections, data poisoning or adversarial attacks.

The most dangerous scenario is what Smith calls the "lethal trifecta." This can occur when an agent possesses untrusted input, access to private data and external communication.

Cloudflare's pivot signals a broader industry trend, but organizations should not rush to replace their security teams with unchecked AI agents. Instead, a strategic, human-guided approach is necessary, Smith said.

"The shift toward AI in cybersecurity isn't just a trend but a necessary evolution to keep pace with modern adversaries. But organizations must be smart about how they deploy autonomy to ensure the cure doesn't become worse than the disease," Smith said.

The broader industry context

Tech sector layoffs have surged to their highest levels in years. In recent months, tech giants, including Meta, Microsoft, Amazon, and Oracle, reduced their workforce while expanding AI use beyond coding into marketing, HR, customer service and administrative roles. Executives say the move will make the organizations more efficient.

Others, including Nvidia CEO Jensen Huang, say that it "doesn't make any sense" for companies to link AI before generative AI tools became widely useful in the workplace.

"I think the narrative that connects AI to job loss for many of the CEOs that are doing it, it is just too lazy," Huang said in an interview with Channel NewsAsia. "AI has just arrived. How is it possible they're already losing jobs?"

The response from Wall Street has been mixed. CNBC compiled a list of 23 S&P 500 companies across sectors, including Nike, Salesforce and Fiverr, that cited AI in announcing layoffs. Fifty-six percent of the companies listed traded in the red after the announcement, CNBC reported. The average decline was about 25%.

Although investors usually appreciate efficiency measures, they seem to be growing weary of rising AI spending and the uncertainty it creates.

Julie Hanson is a freelance writer who has reported on local news across Massachusetts and New Hampshire.