Skip to main content
A Singapore Government Agency Website How to identify
Official website links end with .gov.sg
Government agencies communicate via .gov.sg websites (e.g. go.gov.sg/open). Trusted websites
Secure websites use HTTPS
Look for a lock () or https:// as an added precaution. Share sensitive information only on official, secure websites.

Government officials will never ask you to transfer money or disclose bank log-in details over a phone call.

Call the 24/7 ScamShield Helpline at 1799 if you are unsure if something is a scam.

Cyber Security Agency of Singapore
Publications

Public Consultation on Securing Agentic AI - An Addendum to the Guidelines and Companion Guide on Securing AI Systems

22 October 2025

CSA releases an addendum to support system owners in securing agentic AI systems for public consultation.

Artificial Intelligence is driving efficiency and innovation across various sectors. To reap the benefits of AI, users need to trust that the AI functions as originally intended and that these systems remain secure. Last year, CSA published the Guidelines and Companion Guide on Securing AI Systems to help organisations adopt AI in a secure manner. The Guidelines lay out the foundational security principles for system owners to secure the use of AI throughout its lifecycle, while the Companion Guide provides practical measures and controls that system owners may consider as part of observing the Guidelines.

Agentic AI possesses sophisticated abilities to understand the context, formulate plans and take independent actions to achieve specified objectives. There are new risks involved, with greater potential for impact given agentic AI’s new capabilities and access to tools and data.

In view of these risks and the increased interest in Agentic AI usage, CSA has developed the Addendum with industry, government and international partners to support system owners in securing their agentic AI systems. The Addendum is designed to be read alongside the Guidelines and Companion Guide. The Addendum:

a.                      Outlines how risks can be identified and assessed based on the capabilities of Agentic AI systems (e.g., by mapping out agentic workflows to identify where threat actors could potentially exploit vulnerabilities) and

b.                      Provides practical controls to mitigate relevant risks across the development lifecycle. Practical examples will also be provided to illustrate how the Addendum can be applied across different scenarios and levels of system autonomy. These include use cases such as app development and coding assistants, automated client onboarding systems, and automated fraud detection systems.

CSA is seeking public consultation on the Addendum, from 22 Oct 2025 to 31 Dec 2025.

We invite feedback from international partners, organisations, industry professionals, academia and the public to ensure these materials are comprehensive, effective and practical.

Please write in to aisecurity@csa.gov.sg to submit your views and comments. All submissions must reach CSA by 11:59pm, 31 December 2025.

The Guidelines and Companion Guide that was published in Oct 2024 can also be accessed at https://www.csa.gov.sg/resources/publications/guidelines-and-companion-guide-on-securing-ai-systems.

Back to top