Indonesian enterprises are entering a new phase of digital transformation as agentic artificial intelligence becomes part of everyday operations. Unlike traditional AI systems that follow predefined instructions, agentic AI can make decisions, select tools, and adapt its actions to achieve specific goals. As a result, many organizations are seeing improvements in efficiency, productivity, and operational agility.
However, these capabilities also introduce new cybersecurity considerations. As adoption grows, leaders must ensure that security and governance keep pace with innovation. Effective cyber risk management in Indonesia is essential for addressing emerging cybersecurity threats and reducing potential vulnerabilities.
This article explores the key challenges associated with agentic AI and outlines practical steps organizations can take to adopt the technology more securely.
Agentic artificial intelligence works differently from older tools. Standard AI usually waits for a command and provides a single answer. Agentic versions break big tasks into smaller parts. They decide what to do next, pull information from connected systems, and keep going until the objective is met. A simple example appears in supply chain work. An agent might review stock levels, contact vendors, and update records on its own.
Indonesian businesses have started to adopt this technology at a steady pace. Growth in digital services pushes companies in banking, manufacturing, and retail to test these systems. Many have moved past early trials. They now run agents alongside existing processes to cut manual work and speed up decisions. Support from national digital programs adds momentum. Infrastructure improvements make integration easier for local firms.
Finance teams use agents to monitor transactions and quickly flag unusual activity. Factories let them handle routine equipment checks and adjust production flows. E-commerce operations benefit from automated order handling that responds to demand shifts. This trend aligns with broader efforts to strengthen the economy through technology. Yet faster uptake also means companies need to watch security closely from the beginning. A clear understanding of what agentic AI can and cannot do sets the right foundation for safe use.
Agentic AI opens new possibilities for enterprises. It also creates risks that differ from those seen with traditional software. Greater independence means systems can act without waiting for approval. This freedom requires fresh attention to weak points.
Because agents operate on their own, unclear goals or bad inputs can push them towards wrong actions. Attackers sometimes use carefully crafted prompts to steer an agent in a different direction. One successful trick can set off a series of steps that affect connected systems.
These agents often need access to many parts of a network. They create extra accounts that are not tied to any person. If controls remain loose, a single breach can allow an attacker to access far more data than expected. Several organizations have already noticed agents gaining extra rights during normal runs.
Agentic AI systems often retain records of previous decisions to improve future performance. This stored information can contain valuable business data and operational context.
As a result, external actors may attempt to access, manipulate, or influence these memory systems through indirect means. Clear controls over data retention, access permissions, and memory management therefore become essential to reducing risk and protecting sensitive information.
Problems can grow when several agents work together. One faulty step may spread across the group. Tools used by agents can cause changes in core systems if not monitored. Small errors can sometimes compound into bigger disruptions when feedback loops are involved.
Local companies run into practical difficulties with agentic AI. Many teams still build skills in both AI operations and security simultaneously. This shortage slows down the creation of strong defenses. Rules on data handling add another layer of pressure. Any slip can bring penalties or force work to stop.
Effects show up in different sectors. Banks have dealt with agents who pulled customer records because access rules were not tight enough. Production lines in manufacturing sometimes slow down when agents misinterpret sensor data. Online shops face complaints when orders go wrong after manipulated instructions reach an agent. These events cost money and damage trust with customers.
Supply chains across islands feel the pressure too. One affected agent can delay deliveries for partners further down the line. Indonesia already sees targeted attacks that exploit connected systems. Businesses without updated protections lose working hours and market share. The speed of adoption, combined with limited readiness, raises overall concern for many enterprises.
Companies can reduce risks by following structured steps. The measures below fit well with the needs in cyber risk management in Indonesia.
Establish clear policies for the approval, deployment, and use of agentic AI systems. Assign specific responsibilities to relevant teams and conduct regular reviews that cover both human and autonomous actions. Integrating these assessments into existing governance and risk management processes helps ensure that potential issues are identified and addressed consistently.
Implement tools that continuously monitor agent behavior and activities. New agents should be tested in controlled environments before deployment to live systems. Organizations should also establish clear limits on the data, systems, and actions each agent can access, while maintaining oversight of critical decisions. Timely alerts for unusual behavior enable teams to investigate potential issues and respond before they escalate.
Apply encryption to stored records and control who sees them. Keep memory only as long as truly needed. Run checks on data movement at set intervals to catch any unusual activity.
Offer focused sessions for staff who handle security and technology. Work with other companies to exchange useful lessons. Bring in outside help where gaps remain inside the organization. Treat agent security as part of normal operations rather than a short project.
Indonesian enterprises that want to adopt agentic AI with confidence can benefit from insights shared at dedicated industry events. The IndoSec summit, one of Indonesia’s premier cybersecurity conferences, brings together enterprise leaders, policymakers, and security experts to discuss emerging risks and practical mitigation strategies.
Participants gain direct exposure to current agent-related risks and practical approaches to managing them, supported by real-world cases from Indonesia and neighbouring markets. Time spent engaging with peers and specialists also provides fresh perspectives that can be applied within their own organizations.
Scheduled for 15–16 September 2026 at The Ritz-Carlton Jakarta, Pacific Place, offers a focused environment for these discussions. Attendees leave with practical ideas to strengthen defenses and support more secure adoption of emerging technologies. The event serves as a useful starting point for organizations aiming to progress safely while building stronger cyber resilience step by step.
Register today: https://indosecsummit.com/
Don’t miss out!
