Skip to main content
A Singapore Government Agency Website How to identify
Official website links end with .gov.sg
Government agencies communicate via .gov.sg websites (e.g. go.gov.sg/open). Trusted websites
Secure websites use HTTPS
Look for a lock () or https:// as an added precaution. Share sensitive information only on official, secure websites.

Government officials will never ask you to transfer money or disclose bank log-in details over a phone call.

Call the 24/7 ScamShield Helpline at 1799 if you are unsure if something is a scam.

Cyber Security Agency of Singapore
Publications

Securing Agentic AI – An Addendum to the Guidelines and Companion Guide on Securing AI Systems

17 June 2026

CSA releases an addendum to support system owners in securing agentic AI systems for public consultation.

Artificial intelligence is driving efficiency and innovation across various sectors. To reap the benefits of AI, users need to trust that AI functions as originally intended and that these systems remain secure. In 2024, CSA published the Guidelines and Companion Guide on Securing AI Systems to help organisations adopt AI securely. The Guidelines lay out the foundational security principles for system owners to secure the use of AI throughout its lifecycle, while the Companion Guide provides practical measures and controls that system owners may consider in implementing the Guidelines.

Agentic AI possesses sophisticated abilities to understand context, formulate plans, and take independent actions to achieve specified objectives. This introduces new risks, with greater potential for impact given agentic AI's capabilities and its access to tools and data.

In view of these risks and the growing interest in agentic AI, CSA has developed the Addendum in collaboration with industry, government, and international partners to support system owners in securing their agentic AI systems. The Addendum is designed to be read alongside the Guidelines and Companion Guide. It:

a)      Outlines how risks can be identified and assessed based on the capabilities of agentic AI systems (for example, by mapping out agentic workflows to identify where threat actors could potentially exploit vulnerabilities) and

b)     Provides practical controls to mitigate relevant risks across the development lifecycle. Practical examples are also provided to illustrate how the Addendum can be applied across different scenarios and levels of system autonomy. These include use cases such as app development and coding assistants, automated client onboarding systems, and automated fraud detection systems.

The public consultation for the Addendum was conducted from 22 October 2025 to 31 December 2025.


Acknowledgements

CSA wishes to acknowledge the valuable contributions of all industry, government, and international partners involved in the development of this Addendum.

·       Securing Agentic AI – An Addendum to the Guidelines and Companion Guide on Securing AI Systems [PDF, 5.12 MB]

The Guidelines and Companion Guide, published in October 2024, can also be accessed at https://www.csa.gov.sg/resources/publications/guidelines-and-companion-guide-on-securing-ai-systems.

Back to top