Ed.
note:
This
is
the
latest
in
the
article
series, Cybersecurity:
Tips
From
the
Trenches, by
our
friends
at Sensei
Enterprises,
a
boutique
provider
of
IT,
cybersecurity,
and
digital
forensics
services.
Most
lawyers
are
still
focused
on
AI
hallucinations.
The
concern
has
been
inaccurate
citations,
fabricated
cases,
and
sloppy
drafting.
That
is
yesterday’s
problem.
The
next
wave
of
risk
is
more
serious:
autonomous
AI
agents
that
act,
not
just
suggest.
A
recent
study
led
by
researchers
at
MIT
examined
dozens
of
widely
used
AI
agent
systems
and
found
something
unsettling.
Many
of
these
tools
lack
basic
monitoring,
meaningful
transparency,
and
reliable
stop
controls.
In
plain
English,
they
can
operate
with
limited
oversight
and,
in
some
cases,
with
limited
ability
to
shut
them
down
cleanly.
For
law
firms
experimenting
with
agentic
(agent
based)
AI,
that
should
get
your
attention.
Unlike
a
chatbot
that
drafts
text,
an
AI
agent
can
execute
multi-step
workflows.
It
can
send
emails,
retrieve
data,
update
records,
connect
to
external
systems,
and
make
conditional
decisions.
The
promise
is
efficiency.
The
risk
is
autonomy
without
governance.
What
the
Study
Found
The
researchers
pinpointed
three
main
vulnerabilities.
Firstly,
limited
logging
and
monitoring,
where
many
systems
offer
only
minimal
insight
into
actions
and
timing.
Secondly,
inadequate
disclosure,
with
some
agents
failing
to
clearly
indicate
when
they
are
functioning
as
AI
instead
of
a
human.
Thirdly,
ineffective
or
missing
kill
switches,
as
in
several
cases,
there
was
no
straightforward
method
to
stop
an
agent
once
it
was
active.
In
a
consumer
app,
that
might
be
annoying.
In
a
law
firm,
it
can
be
catastrophic.
Imagine
an
agent
embedded
in
client
intake
workflows
that
automatically
responds
to
prospective
clients,
updates
case
management
systems,
and
routes
documents.
If
it
misinterprets
input
and
sends
incorrect
communication,
who
identifies
the
mistake?
If
it
accesses
data
outside
its
designated
scope,
where
is
the
audit
trail?
If
it
causes
a
billing
or
notification
error,
can
you
trace
back
what
occurred?
Why
This
Is
a
Legal
Risk,
Not
Just
a
Tech
Issue
Lawyers
work
in
a
profession
founded
on
accountability,
answering
to
clients,
courts,
regulators,
and
insurers.
The
Model
Rules
do
not
absolve
us
from
technological
incompetence;
instead,
they
mandate
supervision
of
non-lawyers
and
a
reasonable
grasp
of
the
tools
we
employ.
An
AI
agent
that
functions
outside
meaningful
human
oversight
is
not
merely
a
technological
issue
but
also
a
supervision
concern.
The
governance
gap
should
worry
firms
most.
Many
vendors
display
compliance
badges
and
security
certifications
yet
provide
little
public
documentation
on
how
their
agents
are
monitored,
tested,
or
constrained.
Capability
is
advancing
faster
than
control
frameworks.
That
imbalance
creates
exposure.
This
is
not
an
argument
against
the
use
of
AI
agents.
It
is
an
argument
for
discipline.
Three
Questions
Every
Firm
Should
Ask
If
your
firm
is
evaluating
or
deploying
agentic
AI,
start
with
three
questions.
First,
can
you
clearly
identify
what
the
agent
did?
Detailed
logging
and
audit
trails
are
not
optional.
If
you
cannot
reconstruct
the
sequence
of
actions,
you
cannot
defend
them
or
correct
them.
Second,
where
are
the
human
checkpoints?
Sensitive
actions
should
require
confirmation.
Full
autonomy
may
sound
efficient,
but
in
legal
workflows,
it
is
often
inappropriate.
Third,
is
there
a
reliable
way
to
stop
the
system?
A
true
kill
switch
that
halts
a
specific
agent
without
shutting
down
everything
else
is
essential.
If
the
answer
is
vague
or
unavailable,
that
is
a
red
flag.
Lawyers
have
lived
through
technological
waves
before.
Cloud
computing,
electronic
discovery,
and
cybersecurity
each
promised
efficiency
and
required
new
governance
models.
AI
agents
are
no
different,
except
that
they
can
act
without
constant
supervision
and
validation.
The
Bottom
Line
The
firms
that
treat
agentic
AI
as
a
strategic
tool
with
guardrails
will
gain
an
advantage.
The
firms
that
treat
it
as
a
plug-and-play
productivity
booster
may
eventually
have
to
explain
to
a
court,
a
regulator,
or
a
client
why
an
automated
system
acted
in
ways
no
one
fully
understood.
AI
agents
are
not
inherently
out
of
control.
Without
deliberate
oversight,
they
can
be.
Michael
C.
Maschke
is
the
President
and
Chief
Executive
Officer
of
Sensei
Enterprises,
Inc.
Mr.
Maschke
is
an
EnCase
Certified
Examiner
(EnCE),
a
Certified
Computer
Examiner
(CCE
#744),
an
AccessData
Certified
Examiner
(ACE),
a
Certified
Ethical
Hacker
(CEH),
and
a
Certified
Information
Systems
Security
Professional
(CISSP).
He
is
a
frequent
speaker
on
IT,
cybersecurity,
and
digital
forensics,
and
he
has
co-authored
14
books
published
by
the
American
Bar
Association.
He
can
be
reached
at [email protected].
Sharon
D.
Nelson
is
the
co-founder
of
and
consultant
to
Sensei
Enterprises,
Inc.
She
is
a
past
president
of
the
Virginia
State
Bar,
the
Fairfax
Bar
Association,
and
the
Fairfax
Law
Foundation.
She
is
a
co-author
of
18
books
published
by
the
ABA.
She
can
be
reached
at [email protected].
John
W.
Simek
is
the
co-founder
of
and
consultant
to
Sensei
Enterprises,
Inc.
He
holds
multiple
technical
certifications
and
is
a
nationally
known
digital
forensics
expert.
He
is
a
co-author
of
18
books
published
by
the
American
Bar
Association.
He
can
be
reached
at [email protected].