AI agents are accelerating automation by collapsing the distance between intent and execution, increasing speed and scale while introducing new categories of security risk.
Savneet Singh, AI Ethicist and Founder of 5Virtues, argues that AI agents should be treated as a new class of nonhuman identity, requiring explicit sponsorship, constrained access, and human approval for high-risk actions.
Singh says effective governance depends on sandboxing, adversarial testing, AI literacy, and clear human accountability to prevent malicious use, system failures, and hidden risks like shadow AI.
AI agents are rapidly increasing the pace of automation, shrinking the gap between human intent and real-world action. For security leaders, that speed introduces new categories of risk that demand a rethink of traditional governance models. The challenge is no longer just managing software, but overseeing what is increasingly viewed as a new class of nonhuman identity.
On the front lines of this challenge is AI Ethicist Savneet Singh, who currently lends her expertise to Google's Trust & Safety team. As a faculty member of both Emory University and California State University East Bay, Singh teaches courses focused on AI ethics. She is also the Founder of 5Virtues, a firm that helps organizations discover, design, and implement effective, ethically sound, and human-centered AI strategies. Drawing from experience, Singh observes that AI agents have altered the speed and accessibility of familiar threats.
"Human-in-the-loop is still the staple for anything high-risk. For anything where these AI systems are deleting data, adding data, or executing code, they should have explicit approvals," says Singh. From her perspective, scale and velocity are the real risk drivers, intensifying and spreading threats that were previously more contained. She frames the challenge through three main buckets: malicious use, AI failures, and systemic risks.
Threats on overdrive: Singh notes that AI acts as a powerful accelerant for malicious use. It puts advanced capabilities into far more hands, pushing threats like fraud and crowd-coded attacks to a new scale. "With minimal human oversight, these agents can coordinate to manipulate public opinion," she explains. "While traditional trolling takes time and human effort, AI agents can launch relentless, persistent harassment campaigns against people or ideas at machine speed."
New class, new rules: To solve the problem, Singh makes the case that leaders should treat agents as a new class of actor within the enterprise, distinct from simple software. "We should be treating these nonhuman identities as separate from human beings, which means giving them strict sponsorship and locking them to specific tasks. In organizations, we all have roles with corresponding responsibilities and system access. The same principles should be applied to these agents so we can maintain clear oversight of their actions."
Line in the sand: Singh highlights sandboxing as a critical first step, since an agent’s interpretation of a command can differ from what was intended. "For example, giving an agent an ambiguous command about a daily marketing budget could lead it to interpret permission to spend a thousand dollars instead of one hundred," she explains. "That ambiguity is where the risk lies."
Singh warns of the consequences of a geopolitical "race" where competing national interests undermine efforts towards a unified safety standard. "The problem is that we are in a race to see who gets there first, not a healthy competition," she says. "This is leading to disputes, disagreements, and regulations that are not aligned with each other. You see this happening in silos, where the EU is being very restrictive while China and the US are in a competition. While the EU AI Act can be a good place to start for global alignment, we need more cohesive global action."
Find the flaws first: With accountability falling on individual organizations, Singh calls for a proactive, human-centric "ecosystem" of governance. A core component is proactive testing through adversarial simulation. "Organizations need more secure and robust red teaming. Through adversarial testing, we can see how to break these systems. While there’s no 100% guarantee, it is a very good way of testing in a sandbox before you go with full force."
As a final point, Singh highlights an operational blind spot that can challenge governance frameworks: "shadow AI". When employees use unapproved AI tools like deepfakes and AI companions without going through proper channels, they create significant data vulnerabilities and ethical risks. "The concern is 'shadow AI,' which creates data blind spots an organization may not even know about. The biggest defense is promoting AI literacy. If employees are not trained enough, they might use any kind of free code generator, and that could lead to significant problems," she concludes.
