Cybersecurity Information Sheet: New Guidance from ASD & ACSC

The National Security Agency (NSA) has collaborated with the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) and other agencies to release a Cybersecurity Information Sheet (CSI) titled “Careful Adoption of Agentic AI Services.” This guidance addresses the emerging cybersecurity risks associated with the increasing use of agentic artificial intelligence (AI) systems.

The release, announced on May 1, 2026, provides recommendations for organizations considering the implementation of agentic AI, which refers to AI systems capable of independent action and decision-making. The CSI aims to help organizations understand and mitigate the potential vulnerabilities introduced by these advanced AI capabilities.

Understanding Agentic AI and Associated Risks

Agentic AI represents a significant evolution in artificial intelligence, moving beyond systems that simply respond to prompts to those that can proactively pursue goals. While offering substantial benefits in automation and efficiency, this increased autonomy also introduces new cybersecurity challenges. The guidance highlights the need for careful consideration of security implications throughout the lifecycle of agentic AI systems, from development and deployment to ongoing monitoring and maintenance.

The collaborative effort underscores the growing international concern regarding the security of AI technologies. The NSA’s involvement, alongside the ASD’s ACSC, signals a coordinated approach to addressing these challenges and promoting responsible AI adoption.

Previous Cybersecurity Guidance from NSA and Partners

This latest release builds upon previous joint efforts by the NSA, ASD’s ACSC, and other agencies to enhance cybersecurity practices. On May 27, 2025, the organizations published three Cybersecurity Information Sheets focused on Security Information and Event Management (SIEM) and Security Orchestration, Automation, and Response (SOAR) platforms.

These earlier publications detailed the role, benefits, challenges, and best practices for implementing SIEM and SOAR solutions. SIEM systems collect and analyze log data to identify potential threats, while SOAR platforms automate responses to detected malicious activity, particularly within Zero Trust architectures. The guidance covered implementation strategies for both cybersecurity executives and network defenders.

The May 2025 publications included three specific guides: “Implementing SIEM and SOAR Platforms: Executive Guidance,” “Implementing SIEM and SOAR Platforms: Practitioners Guidance,” and “Priority Logs for SIEM Ingestion: Practitioner Guidance.” The latter provided detailed technical recommendations for log sources, including Endpoint Detection and Response tools, Windows and Linux operating systems, network devices, and cloud deployments.

Focus on SIEM and SOAR Implementation

The guidance on SIEM and SOAR platforms emphasizes the importance of a comprehensive approach to cybersecurity. By effectively collecting, analyzing, and responding to security events, organizations can significantly improve their ability to detect and mitigate advanced cyber threats. The publications highlight the need for careful planning, procurement, and maintenance of these platforms to maximize their effectiveness.

The collaborative effort between the NSA, ASD’s ACSC, and other agencies demonstrates a commitment to sharing knowledge and best practices to strengthen cybersecurity defenses globally. The release of these Cybersecurity Information Sheets reflects a proactive approach to addressing the evolving threat landscape and ensuring the secure adoption of critical technologies.

The release of the agentic AI guidance continues this trend, acknowledging the unique security considerations presented by this emerging technology. Organizations are encouraged to review the CSI and implement the recommended practices to minimize risks and maximize the benefits of agentic AI systems.