The Cyber Security Agency of Singapore (CSA) has released Securing Agentic AI – an Addendum to the Guidelines and Companion Guide on Securing Artificial Intelligence (AI) Systems for public consultation.
CSA said in a statement on Wednesday that the Addendum provides practical guidance for system owners to secure Agentic Artificial Intelligence (AI) systems.
This was announced by Josephine Teo, Minister for Digital Development and Information and Minister-in-charge of Cybersecurity and Smart Nation Group at the Singapore International Cyber Week (SICW) 2025.
According to the statement, AI is driving efficiency and innovation across various sectors.
To reap the benefits of AI, users must trust that the AI will function as originally intended, and that the systems remain secure.
Last year, CSA published the Guidelines and Companion Guide on Securing AI Systems with the aim of helping organizations adopt AI in a secure manner.
The guidelines lay out the foundational security principles for system owners to secure the use of AI throughout its lifecycle, while the Companion Guide provides practical measures and controls that system owners may consider as part of observing the guidelines.
It is noted that Agentic AI possesses sophisticated abilities to understand the context, formulate plans and take independent actions to achieve specified objectives.
There are new risks involved, with greater potential for impact given agentic AI’s new capabilities and access to tools and data.
In view of these risks and the increased interest in Agentic AI usage, CSA has developed the Addendum with industry, government and international partners to support system owners in securing their agentic AI systems.
The Addendum is designed to be read alongside the Guidelines and Companion Guide.
The Addendum outlines how risks can be identified and assessed based on the capabilities of Agentic AI systems (e.g., by mapping out agentic workflows to identify where threat actors could potentially exploit vulnerabilities).
It also provides practical controls to mitigate relevant risks across the development lifecycle.
Practical examples will also be provided to illustrate how the Addendum can be applied across different scenarios and levels of system autonomy.
These include use cases such as app development and coding assistants, automated client onboarding systems, and automated fraud detection systems.
A public consultation on the Addendum will run from Oct 22, 2025 to Dec 31, 2025.
IBM, NUS and Chiang Mai University partner to advance AI and quantum innovation across ASEAN

