CSA Releases An Addendum To Support System Owners In Securing Agentic AI System

The Cyber Security Agency of Singapore (CSA) has released Securing Agentic AI – An Addendum to the Guidelines and Companion Guide on Securing Artificial Intelligence (AI) Systems (“Addendum”) for public consultation. The Addendum provides practical guidance for system owners to secure Agentic Artificial Intelligence (AI) systems. This was announced by Mrs Josephine Teo, Minister for Digital Development and Information and Minister-in-charge of Cybersecurity and Smart Nation Group at the Singapore International Cyber Week (SICW) 2025.

2            AI is driving efficiency and innovation across various sectors. To reap the benefits of AI, users must trust that the AI will function as originally intended, and that the systems remain secure. Last year, CSA published the Guidelines and Companion Guide on Securing AI Systems with the aim of helping organisations adopt AI in a secure manner. The Guidelines lay out the foundational security principles for system owners to secure the use of AI throughout its lifecycle, while the Companion Guide provides practical measures and controls that system owners may consider as part of observing the Guidelines.

3            Agentic AI possesses sophisticated abilities to understand the context, formulate plans and take independent actions to achieve specified objectives. There are new risks involved, with greater potential for impact given agentic AI’s new capabilities and access to tools and data.

4            In view of these risks and the increased interest in Agentic AI usage, CSA has developed the Addendum with industry, government and international partners to support system owners in securing their agentic AI systems. The Addendum is designed to be read alongside the Guidelines and Companion Guide. The Addendum:

              a. Outlines how risks can be identified and assessed based on the capabilities of Agentic AI systems (e.g., by mapping out agentic workflows to identify where threat actors could potentially exploit vulnerabilities) and

              b. Provides practical controls to mitigate relevant risks across the development lifecycle. Practical examples will also be provided to illustrate how the Addendum can be applied across different scenarios and levels of system autonomy. These include use cases such as app development and coding assistants, automated client onboarding systems, and automated fraud detection systems.

5            A public consultation on the Addendum will run from 22 Oct 2025 to 31 Dec 2025. CSA welcomes contributions from the AI and cybersecurity community, and feedback can be submitted via aisecurity@csa.gov.sg. The Addendum can be downloaded from CSA’s website at https://www.csa.gov.sg/resources/publications/addendum-on-securing-ai-systems. The Guidelines and Companion Guide can also be downloaded at https://www.csa.gov.sg/resources/publications/guidelines-and-companion-guide-on-securing-ai-systems.

***End***

About the Cyber Security Agency of Singapore

Established in 2015, the Cyber Security Agency of Singapore (CSA) seeks to keep Singapore’s cyberspace safe and secure to underpin our National Security, power a Digital Economy and protect our Digital Way of Life. It maintains oversight of national cybersecurity functions and works with sector leads to protect Singapore’s Critical Information Infrastructure. CSA also engages various stakeholders to heighten cyber security awareness, build a vibrant cybersecurity ecosystem supported by a robust workforce, pursue international partnerships, and drive regional cybersecurity capacity building programmes. CSA is part of the Prime Minister’s Office and is managed by the Ministry of Digital Development and Information. For more news and information, please visit www.csa.gov.sg.