AI adoption across industries is entering a new chapter. As generative AI becomes embedded in business operations, a more powerful and more complex wave is emerging: agentic AI. These systems do not merely assist with discrete tasks, but they can autonomously execute multi-step processes, make decisions, and interact with enterprise tools across functions and sectors. For organizations navigating the shift raises a fundamentally different set of questions around governance, security, accountability, and operational resilience. The latest installment of our GC lunch series brought together legal and cybersecurity leaders from Sophos, Securonix, and RingCentral to examine how companies are preparing for this agentic era and the cross-sector challenges it presents. Here are the key takeaways.
What Are Agents, and Why Should GCs Care?
- Agentic AI is qualitatively different from a chatbot or a document review tool. Agents can take action by reasoning, planning, executing multi-step processes, accessing enterprise systems, and making decisions with varying degrees of autonomy. That distinction should get every GC’s attention fast.
- A conventional enterprise AI system might draft a contract clause when prompted. An agentic system might identify the need for a clause, draft it, route it for approval, and update a contract management system without a human initiating each step. The governance implications of that leap are profound.
- From a GC’s perspective, the defining characteristic of agents is autonomy. Autonomy, in a legal context, is inseparable from questions of authority, liability, and control. The law of agency may get tested in new and unexpected ways.
Where Agents Are in the Ecosystem
- The push to build, develop, and deploy agents is accelerating across multiple verticals, business units, and sectors. Organizations represented at the lunch series spanning cybersecurity platforms and cloud communications, are actively building and deploying agents within their product suites and internal operations.
- The maturity curve for agents is still early, but the trajectory is steep. The biggest technical developments driving the move toward agentic systems are happening now, and panelists expect agents to show up most prominently across the enterprise in the next twelve to twenty-four months.
- The ecosystem is not settling on a single model. The conversation is moving between single-purpose agents, multi-agent systems, and orchestration layers. GC’s need to understand these architectural choices because each carries different risk profiles.
- Cybersecurity companies like Sophos and Securonix are playing a dual role: both shaping the agentic ecosystem as builders and serving as frontline defenders against the risks agents introduce. The message from the panel was clear – separate the hype from what is durable, and make sure your legal team is tracking the developments that most companies probably aren’t.
Agents Are Creating a New Governance Conversation
- The global legal landscape around AI is fluid, and agents are creating governance challenges that are materially different than those posed by standalone generative AI systems. GC’s cannot simply extend existing AI policies to cover agentic deployments because the risk profile is different in kind, not just degree.
- Autonomy and Accountability. Organizations must define the scope of authority granted to an agent with the same rigor they apply to human delegation. “Least privilege” takes on new meaning in the context of agents, and decision rights need to be documented when agents are used in critical workflows. The harder question of how much discretion an agent should have before mandatory human escalation is required has no one-size-fits-all answer, but it demands a deliberate framework.
- Security. Agents introduce security risks that are unique or heightened compared to non-agentic systems. Prompt injection, tool abuse, privilege escalation, and memory poisoning all take on new dimensions in an agentic environment. Agents are, in effect, creating a new attack surface inside the enterprise and CISOs are thinking carefully about how to monitor and contain these risks. General counsel should be part of that conversation, not waiting for an incident to force it.
- Data Privacy and Additional Risks. Agents complicate existing data governance and privacy frameworks in ways that many organizations have not yet anticipated. For companies navigating the complicated global patchwork of data privacy laws, deploying agents without a clear understanding of how they interact with personal data, cross-border transfers, and regulatory obligations can present significant challenges.
- Third-Party Risk. Contracting with agentic vendors requires a different lens. Indemnity, limitation of liability, and security provisions all need to evolve for agentic AI.
What GCs Should Take Back to Their Teams
- The panelists were candid about what excites them about the agentic future but equally candid about the governance it demands. The right balance between innovation and governance must remain dynamic, requiring an ongoing negotiation that requires engagement from legal leadership.
- GCs need to be positioned to answer a key question – if you had to explain an agent’s conduct to a regulator, a court, or your board, what documentation would you need and how much of it does your organization actually have today?
- The one thing every legal leader in the room was urged to take back to their teams and their boards was that securing the agentic future is not a technology challenge alone. It is a governance, risk management, and leadership challenge as well.
Agentic AI is moving from concept to deployment faster than most legal departments are prepared for. The GC’s who pair early engagement with deliberate governance frameworks and who define authority, demand auditability, and insist on security by design will be the ones who lead their organizations through this transition rather than react to it.
Click here for a timely Wall Street Journal read echoing many of the points we addressed. Onwards!
Disclaimer
This blog is made available by Foley & Lardner LLP (“Foley” or “the Firm”) for informational purposes only. It is not meant to convey the Firm’s legal position on behalf of any client, nor is it intended to convey specific legal advice. Any opinions expressed in this article do not necessarily reflect the views of Foley & Lardner LLP, its partners, or its clients. Accordingly, do not act upon this information without seeking counsel from a licensed attorney. This blog is not intended to create, and receipt of it does not constitute, an attorney-client relationship. Communicating with Foley through this website by email, blog post, or otherwise, does not create an attorney-client relationship for any legal matter. Therefore, any communication or material you transmit to Foley through this blog, whether by email, blog post or any other manner, will not be treated as confidential or proprietary. The information on this blog is published “AS IS” and is not guaranteed to be complete, accurate, and or up-to-date. Foley makes no representations or warranties of any kind, express or implied, as to the operation or content of the site. Foley expressly disclaims all other guarantees, warranties, conditions and representations of any kind, either express or implied, whether arising under any statute, law, commercial use or otherwise, including implied warranties of merchantability, fitness for a particular purpose, title and non-infringement. In no event shall Foley or any of its partners, officers, employees, agents or affiliates be liable, directly or indirectly, under any theory of law (contract, tort, negligence or otherwise), to you or anyone else, for any claims, losses or damages, direct, indirect special, incidental, punitive or consequential, resulting from or occasioned by the creation, use of or reliance on this site (including information and other content) or any third party websites or the information, resources or material accessed through any such websites. In some jurisdictions, the contents of this blog may be considered Attorney Advertising. If applicable, please note that prior results do not guarantee a similar outcome. Photographs are for dramatization purposes only and may include models. Likenesses do not necessarily imply current client, partnership or employee status.
Author(s)
Related Insights
May 12, 2026
Foley Ignite
Private Equity’s AI Bet: Strategic Hedge or Structural Conflict?
This week’s headlines are remarkable. OpenAI closed a roughly $10 billion joint venture, called DeployCo, with TPG, Brookfield, Bain, and others to push its tools across sponsor portfolios. Within minutes of that news, Anthropic announced a $1.5 billion venture with Blackstone, Hellman & Friedman, and Goldman Sachs to embed Claude into mid-market businesses, starting with their own portfolio companies.
May 11, 2026
Foley Ignite
Late-Stage Deals Dominate Latin American Funding in Q1
In the first quarter of 2026, Venture Capital (VC) funding in Latin America was less about broad-based momentum and more about the concentration of capital, stage, and even geography. According to a recent Crunchbase article examining data from Q1 of this year, Latin American startups raised a total of $1.03 billion for the quarter, a jump of 12% YoY and a decrease of 6% from Q4 2025.
May 11, 2026
Foley Ignite
What we took home from Milken Week
Three of us spent last week in Beverly Hills for the Milken Institute Global Conference. The official sessions ran May 3 through 6 across the Beverly Hilton and the Waldorf, under the banner “Leading in a New Era.” As always, the more useful conversations happened in the side rooms, the hotel suite meetings, and the Tuesday night party we sponsored. A few things we are bringing back to clients.