Proofpoint Pushes Security Deeper Into The Agentic Workspace

The rise of agentic workspaces, where AI-driven environments enable autonomous digital assistants to act on behalf of employees, is transforming the way we work. These AI agents can schedule meetings, draft documents, analyze conversations, and negotiate workflows across platforms, making work faster and more efficient. However, this increased productivity also comes with a new set of security concerns. As AI agents handle more tasks, they widen the attack surface, making it essential to address the potential risks and ensure the security of sensitive data.

The shift to agentic workspaces is reminiscent of the pandemic-driven shift to remote work. Initially, many assumed that remote work was a temporary solution, but it quickly became a permanent fixture due to the flexibility and productivity gains it offered. Similarly, agentic workspaces are likely to become a standard feature of modern work, and organizations that fail to adapt may be left behind. However, the increased use of AI agents also raises concerns about data security and the potential for blind spots. As Scott Crawford, head of information security research at 451 Research / S&P Global, notes, “Agentic AI is distinguished by three primary capabilities: the modeling of reasoning based on inputs and available memory context; the ability to make decisions; and the taking of actions, often using tools.”

The non-deterministic nature of agentic actions makes it challenging for organizations to define constraints that mitigate potential risks. This unpredictability highlights the need for visibility and guardrails to ensure the security of sensitive data. Security vendors are racing to address this challenge, with Proofpoint being the first major security vendor to announce a solution explicitly designed for agentic workspaces. By embedding security directly into the flow of conversations, documents, and AI-driven actions, Proofpoint aims to safeguard both collaboration and sensitive data.

The parallels between the pandemic-driven workplace shift and the rise of agentic workspaces are striking. Surveys showed that 87% of workers never wanted to return to the office full-time, and many were willing to trade compensation for flexibility. Leaders who assumed the change was temporary were caught unprepared. Similarly, organizations that treat agentic workspaces as a short-lived experiment risk being blindsided by security gaps. As Todd Thiemann, principal analyst at Omdia, points out, “The real value for agentic AI will come when agents start touching core enterprise applications. That is where enterprises will unlock significant AI value, but also encounter significant security risk from AI agents.”

The real challenge will come when AI agents start interacting directly with applications, accessing more sensitive systems and data. This expanded attack surface requires new security tooling to mitigate the risk. The speed of adoption is compounding the risk, with enterprises investing heavily in agentic AI and often rushing pilots into production to demonstrate ROI. Security is typically an afterthought, and over-permissioned agents or weak guardrails could quickly lead to incidents such as data breaches or fraud. It may take a high-profile security failure to push organizations into tightening controls.

Proofpoint’s announcement feels like an attempt to break the cycle of embracing new technologies without considering the security implications. By building guardrails into agentic workspaces from the start, Proofpoint is stepping into a leading role in helping organizations contain risks and fulfill the promise of agentic functionality. As Crawford notes, “There’s no time like the present for vendors to play a leading role in helping organizations find workable ways to contain those risks and help agentic functionality fulfill its promise.” The road ahead will require organizations to prioritize security and develop standards and best practices for securing agentic workspaces.

Agentic AI is not a fad; it’s the logical next step in automation. We’ve moved from macros to chatbots to agents that adapt, decide, and act. This shift makes securing the data layer, not just the perimeter, essential. Organizations that move early to address the security concerns associated with agentic workspaces will give themselves a head start in keeping this new era of work safe. As the use of AI agents becomes more widespread, it’s crucial to prioritize security and develop strategies to mitigate potential risks. By doing so, organizations can ensure that the benefits of agentic workspaces are realized while minimizing the potential drawbacks.