SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers
Australia

Guides

#
cloud security
#
cybersecurity
#
endpoint protection
#
firewalls
#
ransomware

Search

Modern uk office ai call centre retail checkout security ops room
#
UC
#
DevOps
#
Digital Transformation

AI agents to transform enterprise, retail & security by 2026

Wed, 10th Dec 2025
Author image
By Kaleah Salmon, News Editor

Technology and retail executives expect a rapid rise in AI agents across enterprises and consumer channels in 2026, reshaping how businesses run operations, manage security, and serve customers online and in-store.

From back-office automation to omnichannel retail journeys, senior leaders describe a shift towards fleets of semi-autonomous software agents that act on behalf of both companies and consumers, raising new governance and identity challenges.

They also predict closer integration of customer data into physical shopping and a rethinking of cyber security architectures as AI-driven activity becomes routine.

Enterprise agents

In large organisations, AI agents are expected to move beyond discrete tools and pilots into system-wide roles embedded in business processes and IT operations.

Executives argue that these agents will be deployed in groups, with specific responsibilities across customer service, development, operations and cyber defence, and will work in tandem with human teams rather than in isolation.

Carl Kinson, UK&I CTO, DXC Technology, said, "As we move into 2026 and beyond, the rise of AI agents will reshape entire business value streams. The real breakthrough isn't new tools; it's autonomous, collaborative agents that can act, reason, and work alongside people across the enterprise. Customer-facing agents will deliver fast, personalised service, while humans handle the high-judgment moments. In the back office, agentic automation will automate IT operations, accelerate code development and management, and enable teams to focus on strategy rather than repetitive tasks."

"We'll also see cyber AI agents defending enterprises from AI-driven threat actors, responding at machine speed and partnering with human analysts to stay ahead of evolving risks. In this new landscape, success will come from orchestrating fleets of agents and embracing a Human+ mindset, combining technical fluency with systems thinking, creativity, and constant curiosity. The future belongs to teams that treat AI as a collaborator and explore what becomes possible when humans and agents build together."

"At DXC, we're embedding this mindset and helping clients develop and embed Agents and Agents Frameworks into their core business operations. It combines technical mastery with curiosity, creativity, and ethical awareness, because in the next decade, success won't come from knowing everything. It will come from staying endlessly innovative about what's possible," said Kinson.

Retail journeys

In retail, AI agents are expected to change how consumers discover, compare and purchase products, while retailers experiment with more direct use of opt-in data inside physical stores.

One focus is on linking customer apps, loyalty data and wishlists more tightly with in-store experiences, from targeted alerts to more tailored assistance from sales staff.

Mike Fantis, VP Managing Partner, DAC Group UK, said, "I'm hoping to see closer integration of opt-in customer data to in-store shopping experiences to improve omnichannel customer service. I appreciate asking people to scan into stores might feel like a big ask, but by this point we're used to app-enhanced experiences like loyalty schemes and click and collect."

"There's so much more we could do though, not only to join up online to offline journeys but also to improve bricks and mortar personalisation. It doesn't have to be rocket science, it could be as simple as an alert that one of your wishlist items is on-sale in store, or streamlined personal shopping services if the sales assistant already knows your size and purchase history. The potential is huge so perhaps 2026 will be the year that retailers will start being more ambitious?"

"If this one is a slimmer chance, I think the safer bet is that the use of agentic agents in eCommerce is set to grow. Consumers are already using LLMs at the top end of the funnel for research, price comparison and so-on, they are now cottoning on to the fact that they can use these services to create shopping lists, concoct recipes... so it just makes sense they should use AI agents to do the rest of the work for them."

"This has implications for eCommerce vendors around customer brand engagement. However, we need to remember that the main reason people will use agents is for convenience - to save them time. All retail brands will need to reconfigure their offer to cater to humans and bots - and sometimes that could mean going back to basics! Google has already launched Duplex, an add-on service for Google Assistant that checks appointment availability for the user, including making calls on their behalf... Being prepared for our agentic future means getting your customer service right across all channels - a good start for 2026 would simply be to plug the landline back in!" said Fantis.

Security shift

Security specialists see the same agent trend creating fresh attack surfaces and driving a shift towards identity-centric controls that include machine actors as well as people.

They expect more automated workflows, chatbots and agents to be granted access to systems and data, each requiring their own identities, privileges and monitoring to limit the impact of compromise or misuse.

Matt Rider, Global VP of Customer Technical Support, Exabeam, said, "During 2026, we'll see identity-first security move beyond users and devices to include APIs, machine identities, and AI agents. Organisations are increasingly automating workflows and assigning tasks to AI chatbots, and this will drive the need for each AI agent to have its own identity, privileges, and monitoring. The challenge in securing these agents will lie in determining intent, as AI identities differ from human behaviour patterns. This will accelerate the need for unified governance that can track, validate, and revoke permissions for both humans and AI entities. Organisations that fail to modernise their identity stack will face critical visibility gaps that leave them vulnerable to AI-enabled breaches."

Alongside this, identity providers expect new attack patterns targeting the relationship between humans and their software agents.

Andre Durand, Founder and CEO, Ping Identity, said, "As AI agents become part of daily workflows, a new threat is emerging: the agent-in-the-middle. These agents can see screens, move cursors, and act on our behalf. It's the next evolution of man-in-the-middle attacks, only now, the intruder is software you invited. Detecting and governing those agents will be one of cybersecurity's defining challenges. Knowing when AI is acting, and who it's acting for, will separate the secure from the exposed.

In 2026, identity will become the universal language of accountability. Every action will need to show proof: who or what did it, under what policy, and with whose consent. Trust won't hinge on claims; it will hinge on proof. The organisations that can verify both identity and intent will define the new standard for digital trust."

Follow us on:
Follow us on LinkedIn Follow us on X
Share on:
Share on LinkedIn Share on X
Related stories
ADLINK gains IEC 62443-4-1 nod for secure edge R&D
Agentic AI double agents expose dangerous security gaps
Ping Identity names Adnan Chaudhry Chief Revenue Officer
Exabeam launches AI agent behaviour analytics tools
Security now central to business decisions, says report

Top stories

Instagram denies breach after 17m user records leak
Target locks down Git after major source code leak
Black Hat to debut cyber war room documentary in Vegas
2026: Resilience, the new foundation of cybersecurity
AI’s 2026 security fallout: identity chaos & deepfake fear