This week brought big news in AI agent security and data privacy. Microsoft introduced new Security Copilot agents that help companies handle data breaches faster. Their Privacy Breach Response Agent, built with partner OneTrust, automatically figures out which privacy laws apply during a leak and creates reports for regulators. Five other partners, like Aviatrix and BlueVoyant, added AI tools to check network errors and improve security teams.

CyberArk and Accenture announced a partnership to secure AI agents using Zero Trust rules. Their system ensures AI bots only access data they absolutely need, reducing hacking risks. This comes as research shows non-human identities (NHIs) like API keys are exploding, with 46 NHIs for every human worker. Over 70% of these digital identities aren’t updated regularly, making them easy targets.

Phishing attacks powered by AI are getting smarter. Hoxhunt’s study showed AI-generated scams now fool people 24% more often than human-made ones, especially after March 2025. To combat this, Microsoft rolled out AI web filters to block unapproved AI apps and browser tools to stop sensitive data from being typed into chatbots like ChatGPT.

OneTrust’s AI agent tackles breaches step-by-step: it maps affected countries, checks local laws, and guides privacy teams—cutting response time. Meanwhile, Astrix focuses on securing NHIs, tracking AI agent behavior to prevent identity theft across systems.

Regulators are paying attention. A S&P Global report warns companies must audit AI agent decisions to comply with privacy laws like GDPR. Zendesk also joined the trend, using adaptive AI agents to safely manage customer refunds and data requests without leaking info.

Despite progress, experts on AI Tech Park ask if defenses are moving fast enough. With AI agents now managing critical tasks, securing their digital identities has become the frontline in data protection.