Your workforce is going agentic. Every employee will be managing a fleet of agents, effectively doubling your workforce. How do you prepare for this?

Over the last month, I’ve talked with dozens of companies that have fully deployed or are actively testing Claude in its various forms. At its most basic, Claude is a typical GenAI chatbot that can help you generate content or serve as a thinking partner. For your developers, you have Claude Code that can rip code like the best of them. And for everything in between, you have Claude Cowork, the future of how employees will work.

Being a Claude Cowork fanboy myself, I know it’s the right move to help employees automate the mundane and supercharge their output.

But there’s a problem. The uncertainty about how to secure these tools is causing enterprises to roll them out slowly, albeit responsibly. The typical pattern starts by giving Claude to the general population while giving developers access to more powerful components, such as Agent Skills. It’s like buying a Ferrari only to never leave second gear.

It’s the agentic dichotomy. You won’t find the ROI you’re looking for without disabling security settings. For agents to be useful, you have to connect them to applications and data, which is directly at odds with how you would want to secure them. Security is left to the user, who is one approval box away from allowing Claude to exfiltrate data or execute a command with business impact.

Organizations are scared because we’re running into the basement with the lights turned off. Even though we have a vague understanding of the layout, when you can’t see what’s going on, your senses dial up to the max, and fear takes over.

Here’s some comforting news, though. When it comes to securing AI, everyone is still figuring it out. But we’ve been here before in security. A new technology introduces a new threat, which creates new attack paths, which creates new security demands.

I’ve seen this play out time and time again. And I have good news. There’s a way forward.

Like any journey, it starts with a single step. But which step do you take? This is where most companies are today. They are playing a lopsided dodgeball game, with every security vendor teaming up against the average company and pelting it with claim after claim that their tooling can solve its AI woes.

Let’s take a breath and reset. Here’s what’s worked in the past with every major technology shift.

Step 1: Start with inventory. The most ick saying in security is, “you can’t secure what you don’t know about.” I hate it. So much. But it holds true. The first step in fighting the fear is to turn on the lights. Suddenly the monster in the basement isn’t so scary when you see it’s just the exercise bike you’ve been neglecting…btw, you should probably do something about that…just saying.

Step 2: Find the practical risks. While understanding the model security sounds sexy, you’re solving quadratic equations when you should be starting with basic arithmetic. Start with the practical risk. Seek to understand the tools and data agents have access to. Classify the risk based on data sensitivity and the tools' impact. When your CFO is connecting QuickBooks, meeting notes, and Gmail to a single agent in the middle of a sensitive M&A deal, that’s something that makes you go “hmmm, is this a good idea?”

As you graduate from the basic gut check, you step into finding over-privileged agents, surfacing malicious agent skills, and finding those users who are about to YOLO their way off a cliff.

Step 3: Monitor agent activity. The first two steps are about building visibility and context. Now you shift into understanding what is going on in your environment. It’s no coincidence that companies began finding cloud compromises after they started monitoring their cloud environments. The same will be true for agents.

Monitoring leads to insights, which lead to better detections, which lead to better risk prevention. The virtuous circle of improvement hits its stride when you’re monitoring the environment.

Step 4: Gain control. Truth be told, you don’t need to wait for this step to start gaining control, but the extra visibility from monitoring helps clarify what you actually need to control. The balance here is to enable the workforce without enabling bad behaviors. Give them the keys to the car, but don’t let them enter a street race.

Control comes in the form of standardizing on tooling that you can monitor and on which you can enforce company policies. This may take the shape of a Skills/MCP registry. Or blocking network traffic to malicious websites. For the majority of the user’s workflow, it should operate behind the scenes, informing the business where users are getting blocked and helping security teams find secure compensating controls to unblock them.
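As an added example (not code from the post or from Evoke Security), here is a minimal Python sketch of Steps 1 and 2: an inventory of which data and tools each agent can reach, a risk score built from data sensitivity and tool impact, and a check for tools an agent holds beyond its declared purpose. The sensitivity and impact scales, the purposes and the sample agents are constructed assumptions; the CFO agent mirrors the post's scenario.

```python
# Added example, not from the original post. Scales, purposes and the sample
# inventory are constructed assumptions; the CFO agent mirrors the post's scenario.
from dataclasses import dataclass

# Assumed ordinal scales: 1 = low, 2 = medium, 3 = high (unknown entries default to 2).
DATA_SENSITIVITY = {"quickbooks": 3, "gmail": 3, "meeting_notes": 2, "public_docs": 1}
TOOL_IMPACT = {"read": 1, "search": 1, "send_email": 3, "write_ledger": 3, "shell": 3}
# Assumed mapping from an agent's declared purpose to the tools that purpose needs.
PURPOSE_TOOLS = {"summarize": {"read", "search"}, "code": {"read", "shell"}}

@dataclass
class AgentAccess:
    owner: str
    name: str
    purpose: str
    data_sources: list   # connected data (the inventory from Step 1)
    tools: list          # actions the agent can take

def risk_score(agent: AgentAccess) -> int:
    """Worst-case data sensitivity times worst-case tool impact, 0..9."""
    data = max((DATA_SENSITIVITY.get(d, 2) for d in agent.data_sources), default=0)
    impact = max((TOOL_IMPACT.get(t, 2) for t in agent.tools), default=0)
    return data * impact

def risk_level(score: int) -> str:
    return "high" if score >= 6 else "medium" if score >= 3 else "low"

def excess_tools(agent: AgentAccess) -> list:
    """Tools granted beyond what the agent's declared purpose needs (over-privilege)."""
    return sorted(set(agent.tools) - PURPOSE_TOOLS.get(agent.purpose, set()))

def review(inventory: list) -> list:
    """One finding per agent, highest risk first; needs_review picks who to talk to."""
    findings = []
    for agent in inventory:
        score, extra = risk_score(agent), excess_tools(agent)
        findings.append({"owner": agent.owner, "agent": agent.name, "score": score,
                         "level": risk_level(score), "excess_tools": extra,
                         "needs_review": risk_level(score) == "high" or bool(extra)})
    return sorted(findings, key=lambda f: f["score"], reverse=True)

INVENTORY = [  # constructed sample inventory
    AgentAccess("cfo", "deal-room-assistant", "summarize",
                ["quickbooks", "meeting_notes", "gmail"], ["read", "send_email", "write_ledger"]),
    AgentAccess("dev-1", "code-helper", "code", ["public_docs"], ["read", "shell"]),
]

if __name__ == "__main__":
    for finding in review(INVENTORY):
        print(finding)
```

The CFO agent scores high and carries two tools its stated purpose does not need, which is exactly the "hmmm, is this a good idea?" conversation Step 2 is meant to surface.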

So take a deep breath and focus on that first step. Position yourself to respond, not react. Response is deliberate, thoughtful, and informed. Reaction is haphazard, irrational, and ill-informed. Choose your path.

If you choose to respond rather than react, let’s chat. I’ve got a deliberate, thoughtful, and informed shortcut for you.

Evoke Security helps secure the agentic workforce.
