State of Agentic AI Security and Governance – Summary for Legal and Compliance Professionals

The OWASP GenAI Security Project’s Agentic Security Initiative is the driving force behind the State of Agentic AI Security and Governance, Version 1.0 report (July 2025). This initiative, comprising security professionals, AI researchers, and governance experts, operates under the global, open-source umbrella of OWASP (the Open Worldwide Application Security Project). While no single author is named, the report reflects the collective expertise and consensus of a broad, international working group dedicated to developing practical, community-vetted guidance for securing autonomous AI systems.

Introduction

Agentic AI refers to a new generation of artificial intelligence systems that combine large language models (LLMs) with reasoning skills, memory, and the ability to perform autonomous multi-step tasks by using tools, APIs, and other agents. Unlike traditional AI chatbots, which respond only when prompted, Agentic AI can proactively plan, act, and adapt its strategies based on changing inputs and objectives. This shift has transformative potential in legal services, mediation, and compliance, streamlining research, drafting, case analysis, and client interaction, but it also introduces unique risks that must be addressed through thoughtful governance and security controls.

Key Security Risks and Threat Types

The OWASP report identifies distinct vulnerabilities created by Agentic AI’s autonomy:

  • Memory Poisoning – Malicious or false information is inserted into the AI’s short or long-term memory, influencing decisions and outputs. For example, a poisoned knowledge base could cause an AI to misinterpret case law.
  • Tool Misuse – Exploiting the AI’s connected tools (like databases, payment systems, or document generation) to carry out harmful or unauthorized actions.
  • Privilege Compromise – Abusing weak permission settings to access restricted data or systems.
  • Cascading Hallucinations – Errors or fabricated facts that spread across multiple linked systems or agents, potentially influencing court filings or compliance reports.
  • Adversarial Coordination – Multiple agents acting together (sometimes across organizations) to evade controls or manipulate outcomes.
  • Insider Threats – Trusted individuals using an AI agent’s access privileges for malicious purposes.

These risks are amplified by the AI’s ability to act without constant human oversight, making early detection and continuous monitoring essential.

European Union (EU)

  • EU AI Act – Introduces risk-based classifications, strict oversight for high-risk AI, and mandatory human oversight in sensitive domains such as healthcare, finance, and law. Circuit breakers are required to halt unsafe operations.
  • GDPR – Limits fully automated decision-making, requiring transparency and human review.
  • NIS2 Directive – Strengthens cybersecurity requirements for AI in critical infrastructure.

United States

  • Patchwork of federal and state rules: Colorado, Texas, and Utah have introduced AI laws focusing on bias prevention, transparency, and safe deployment.
  • Executive Orders promote AI infrastructure, clean energy usage, and responsible AI governance.

Asia-Pacific

  • China – Strict data localization, real-time monitoring, and algorithmic transparency.
  • Japan – Human-centric principles with mandatory oversight for critical AI decisions.
  • Singapore – Voluntary but widely respected guidelines for transparency and explainability.
  • South Korea – Certification requirements for high-risk AI.

International Standards

  • ISO/IEC 42001 – AI management systems.
  • NIST AI RMF – Flexible AI risk management framework.
  • HITRUST (Health Information Trust Alliance) AI Security Assessment – Tailored to sensitive industries like healthcare and finance.

Governance trends are moving toward dynamic, real-time oversight that can adapt policies and controls as AI systems evolve post-deployment.

  • Continuous Monitoring – Moving from periodic audits to live dashboards tracking AI actions and risks.
  • Human-in-the-Loop by Default – Mandatory human checkpoints for high-risk AI decisions.
  • Adaptive Cybersecurity – Real-time detection and prevention of adversarial attacks.
  • Industry Self-Regulation – Voluntary ethical certifications and third-party audits to get ahead of formal regulations.
  • Machine-Readable Compliance – Embedding laws and policies into AI systems so they can self-check compliance.

Main Takeaways and Recommendations for Law Firms, Mediators, and Organizations

  1. Integrate AI Security into Everyday Operations – Apply access controls, logging, and monitoring to every AI tool in use.
  2. Map Your Compliance Landscape – Understand overlapping jurisdictional requirements before deploying Agentic AI.
  3. Maintain Human Oversight in Critical Decisions – Even the most advanced AI should not operate without human review where legal rights, compliance obligations, or high-value disputes are involved.
  4. Prepare for Incident Response – Establish clear procedures for detecting and responding to AI misuse or security breaches.
  5. Adopt ‘Sandboxed Autonomy’ – Allow AI to operate freely within safe boundaries but keep kill switches and override options.
  6. Engage in Self-Regulation – Participate in industry-led governance initiatives to stay ahead of evolving laws.
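Recommendations 1, 3, and 5 (access controls and logging for every AI tool, human review for critical decisions, and sandboxed autonomy with a kill switch) can be expressed as a single gate that sits between an agent and the tools it is allowed to call. The following is an added illustration written for this summary; it is not code from the OWASP report or from any product. The agent id, tool names, and sample calls are constructed, and the policy model (a per-agent tool allowlist, a high-risk flag that forces human sign-off, an argument allowlist, an audit log, and an operator-controlled kill switch) is an assumption about how such a gate might be built.

```python
# Added example: a tool-call gatekeeper for an LLM agent. The agent ids,
# tool names and sample calls below are constructed for illustration and
# are not taken from the OWASP report.
from dataclasses import dataclass, field
from enum import Enum
import json
import logging

log = logging.getLogger("agent_gatekeeper")


class Decision(Enum):
    ALLOW = "allow"
    NEEDS_APPROVAL = "needs_approval"   # hold for human-in-the-loop sign-off
    DENY = "deny"


@dataclass(frozen=True)
class ToolPolicy:
    """What one agent may do with one tool (least privilege per agent)."""
    allowed_args: frozenset             # argument names the tool accepts
    high_risk: bool = False             # True = a human must approve each call


@dataclass
class Gatekeeper:
    # agent_id -> {tool_name -> ToolPolicy}; anything not listed is denied
    profiles: dict
    audit: list = field(default_factory=list)   # every decision is recorded
    halted: bool = False                        # kill switch set by an operator

    def halt(self) -> None:
        """Engage the kill switch: all further tool calls are denied."""
        self.halted = True

    def _record(self, agent_id, tool, args, decision, reason) -> Decision:
        entry = {"agent": agent_id, "tool": tool, "args": args,
                 "decision": decision.value, "reason": reason}
        self.audit.append(entry)
        log.info(json.dumps(entry, sort_keys=True))
        return decision

    def evaluate(self, agent_id, tool, args, approved_by=None) -> Decision:
        """Decide whether one proposed tool call may proceed."""
        if self.halted:
            return self._record(agent_id, tool, args, Decision.DENY,
                                "kill switch engaged")
        profile = self.profiles.get(agent_id)
        if profile is None:
            return self._record(agent_id, tool, args, Decision.DENY,
                                "unknown agent")
        policy = profile.get(tool)
        if policy is None:
            # Tool misuse / privilege compromise: the agent has no grant for it
            return self._record(agent_id, tool, args, Decision.DENY,
                                "tool not in agent's allowlist")
        unexpected = set(args) - policy.allowed_args
        if unexpected:
            return self._record(agent_id, tool, args, Decision.DENY,
                                f"unexpected arguments: {sorted(unexpected)}")
        if policy.high_risk and not approved_by:
            return self._record(agent_id, tool, args, Decision.NEEDS_APPROVAL,
                                "high-risk tool requires human approval")
        reason = f"approved by {approved_by}" if approved_by else "within policy"
        return self._record(agent_id, tool, args, Decision.ALLOW, reason)


def build_demo_gatekeeper() -> Gatekeeper:
    """Constructed profile: a research agent may search freely but may only
    file documents with a court after a named human approves the call."""
    research = {
        "search_case_law": ToolPolicy(allowed_args=frozenset({"query", "jurisdiction"})),
        "file_with_court": ToolPolicy(allowed_args=frozenset({"document_id", "court"}),
                                      high_risk=True),
    }
    return Gatekeeper(profiles={"research_agent": research})


if __name__ == "__main__":
    logging.basicConfig(level=logging.INFO, format="%(message)s")
    gk = build_demo_gatekeeper()
    gk.evaluate("research_agent", "search_case_law", {"query": "tolling"})
    gk.evaluate("research_agent", "issue_payment", {"amount": 100})
    gk.evaluate("research_agent", "file_with_court",
                {"document_id": "d-1", "court": "superior"})
    gk.evaluate("research_agent", "file_with_court",
                {"document_id": "d-1", "court": "superior"}, approved_by="attorney")
    gk.halt()
    gk.evaluate("research_agent", "search_case_law", {"query": "tolling"})
```

The audit list is what a live dashboard or incident-response review would consume: every call, allowed or not, carries the reason for the decision, so a denied payment attempt or a flurry of calls with unexpected arguments is visible rather than silently dropped.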

By implementing these strategies, legal professionals and mediators can leverage the efficiencies of Agentic AI while minimizing risks to clients, cases, and compliance obligations.

Author

Robert Bergman

Robert Bergman with Next Level Mediation provides full mediation services, including proprietary and confidential Decision Science (DS) analysis that assists each party in understanding their true litigation priorities as aligned with their business objectives. Each party receives a one-time user license to access our exclusive DS Application Cloud.