Navigating the Latest CISA Guidance on Agentic AI
Navigating the Latest CISA Guidance on Agentic AI
The Cybersecurity and Infrastructure Security Agency (CISA), along with the NSA and international partners, recently issued guidance for the Careful Adoption of Agentic Artificial Intelligence (AI) Services.
What is agentic AI?
Unlike traditional AI assistants that typically generate responses or insights, agentic AI can execute tasks, make decisions and influence real world systems. This shift introduces significant new capabilities, but also new risks.
CISA’s guidance emphasizes several core principles for adopting these systems responsibly:
- Security first deployment
- Human oversight and control mechanisms
- Least privilege access to systems and data
- Continuous monitoring and auditing
- Strong governance and accountability frameworks
CISA is encouraging organizations to move forward thoughtfully and deliberately, ensuring protections are in place as these systems gain access to sensitive environments and business critical workflows. Agentic AI introduces a new level of autonomy that can amplify both value and risk.
Why is it important?
AI-enabled business tools are rapidly entering the enterprise market, driven by demand for automation, productivity gains and operational efficiency. At the same time, cybersecurity and compliance concerns are growing just as quickly.
Customer scrutiny is becoming a direct forcing function for how technology companies design, deliver and position AI solutions. As enterprises increasingly demand clarity on access controls, identity management, human oversight, auditability and data protection, AI-driven vendors and partners can no longer treat governance as an add on; it must be embedded into the core architecture.
This shift is driving technology companies to build AI systems that are inherently secure, transparent and controllable, with robust permission models, end-to-end logging and continuous monitoring as standard capabilities. It is also accelerating the adoption of formal governance frameworks that define accountability for autonomous actions and ensure traceability across AI driven workflows.
In effect, customer expectations, amplified by guidance like CISA’s, are redefining AI as an operationally integrated, risk-managed system rather than a standalone tool. Enterprise-grade governance, auditability and security are necessary in the current market.
For vendors and partners, this guidance introduces both new responsibilities and added opportunities in developing AI-enabled platforms, SaaS solutions and automation tools.
Opportunities and Implications
Government entities will expect vendors and partners to build AI systems with security and accountability in mind from the outset. This includes:
- Secure by design development
- Identity and access management
- Transparency and explainability
- Logging and observability
End-users are also developing how they assess technology providers. Increasingly, they will evaluate solutions based on:
- AI security posture
- Compliance readiness
- Audit capabilities
- Human in the loop safeguards
This means that purchasing decisions will extend beyond functionality and performance to include trust, accountability and risk mitigation.
Reseller partners are increasingly becoming strategic advisors as customers navigate AI adoption. Beyond delivering technology, they are expected to help entities understand AI related risks, implement governance frameworks, align with compliance requirements and evaluate security architecture. This shift creates a clear opportunity for partners to move into more consultative roles, offering services such as AI readiness assessments, governance and risk strategy and secure architecture design. Ultimately, customers are not just buying AI capabilities; they are buying confidence that those capabilities can be deployed securely, responsibly, and in alignment with enterprise expectations. IT companies that prioritize trustworthy AI, aligned with guidance like CISA’s, will likely gain trust faster, particularly in enterprise and government markets.
Additionally, the international coordination behind this guidance suggests that global expectations for AI security may become more standardized, reinforcing the need for vendors and partners to prepare early.
CISA’s guidance is an early but important signal of where enterprise AI governance may be heading. While agentic AI adoption is accelerating, security and governance maturity are still catching up.
For organizations, the path forward should focus on:
- Incremental deployment strategies
- Human oversight and control mechanisms
- Strong identity and access controls
- Continuous monitoring and logging
- Integration of AI into broader risk governance frameworks
For technology vendors and reseller partners, several key trends are worth watching:
- Emerging AI security standards and frameworks
- Increasing government procurement scrutiny
- Rising demand for AI transparency and explainability
- Evolving cybersecurity guidance around autonomous systems
To prepare, vendors and partners should begin:
- Educating internal teams on AI governance principles
- Reviewing and strengthening product security controls
- Developing clear, customer facing guidance and best practices
- Positioning themselves as trusted advisors, not just solution providers
To get more TD SYNNEX Public Sector Market Insight content, please visit our Market Intelligence microsite.
About the Author:
Tash Elias is a Discovery Rep on the DLT Market Insights team. She graduated from George Mason University and lives in Herndon, VA.
Related Blog Posts
Cybersecurity, Data & Storage, Market Intelligence, Technology
Reshaping Federal Logging Requirements As of late May, 2026, logging requirements for federal agencies will shift from a volume-driven mindset to a risk-based logging approach. The previous logging requirements published in 2021 via OMB Memo M-21-31 have been rescinded with the publication of OMB’s latest memo M-26-14, calling the logging of cyber incidents across federal agencies to include both Continuous Event Monitoring (CEM) and Threat Hunting, Investigation, Response and Forensics (THIRF).
Jennifer Miller
Cybersecurity, Data & Storage, Market Intelligence, Technology
Reshaping Federal Logging Requirements As of late May, 2026, logging requirements for federal agencies will shift from a volume-driven mindset to a risk-based logging approach. The previous logging requirements published in 2021 via OMB Memo M-21-31 have been rescinded with the publication of OMB’s latest memo M-26-14, calling the logging of cyber incidents across federal agencies to include both Continuous Event Monitoring (CEM) and Threat Hunting, Investigation, Response and Forensics (THIRF).
Jennifer Miller
Cybersecurity, Data & Storage, Market Intelligence, Technology
Reshaping Federal Logging Requirements As of late May, 2026, logging requirements for federal agencies will shift from a volume-driven mindset to a risk-based logging approach. The previous logging requirements published in 2021 via OMB Memo M-21-31 have been rescinded with the publication of OMB’s latest memo M-26-14, calling the logging of cyber incidents across federal agencies to include both Continuous Event Monitoring (CEM) and Threat Hunting, Investigation, Response and Forensics (THIRF).
Jennifer Miller
Cybersecurity, Data & Storage, Market Intelligence, Technology
Reshaping Federal Logging Requirements As of late May, 2026, logging requirements for federal agencies will shift from a volume-driven mindset to a risk-based logging approach. The previous logging requirements published in 2021 via OMB Memo M-21-31 have been rescinded with the publication of OMB’s latest memo M-26-14, calling the logging of cyber incidents across federal agencies to include both Continuous Event Monitoring (CEM) and Threat Hunting, Investigation, Response and Forensics (THIRF).
Jennifer Miller
Federal Government, Market Intelligence, State & Local Government, Technology
On May 7, 2026, the FEMA Review Council released its final report recommending a substantial shift in how disaster preparedness, response and recovery are managed nationwide.
Yvonne Maffia
Federal Government, Market Intelligence, State & Local Government, Technology
On May 7, 2026, the FEMA Review Council released its final report recommending a substantial shift in how disaster preparedness, response and recovery are managed nationwide.
Yvonne Maffia
AI, Cybersecurity, Data, Market Intelligence, State & Local Government
As we approach Sled Fiscal Year End (SFYE), SLED agencies are balancing budgets in a constrained environment, addressing rising constituent expectations, tackling growing cybersecurity challenges and supporting accelerated AI adoption.For industry, this confluence of factors creates both complexity and opportunity. In today’s environment, success in SLED comes down to connecting IT investments to clear and measurable ROI in operational efficiency, modernization, resilience and cost savings.
Yvonne Maffia
AI, Cybersecurity, Data, Market Intelligence, State & Local Government
As we approach Sled Fiscal Year End (SFYE), SLED agencies are balancing budgets in a constrained environment, addressing rising constituent expectations, tackling growing cybersecurity challenges and supporting accelerated AI adoption.For industry, this confluence of factors creates both complexity and opportunity. In today’s environment, success in SLED comes down to connecting IT investments to clear and measurable ROI in operational efficiency, modernization, resilience and cost savings.
Yvonne Maffia
Cybersecurity, Education, Federal Government, Healthcare, Market Intelligence, State & Local Government, Technology
At this year’s Red, White and You conference, our market intelligence team detailed the ins and outs of what we’re seeing across the public sector. Throughout the sessions, one theme became clear: while success in the public sector market used to rely heavily on institutional knowledge and long-standing relationships, agency buying cycles, and slower opportunity development, the market this year looks different. It’s faster, calling for more efficiency, innovation and cost-optimization.
Susanna Patten
Cybersecurity, Education, Federal Government, Healthcare, Market Intelligence, State & Local Government, Technology
At this year’s Red, White and You conference, our market intelligence team detailed the ins and outs of what we’re seeing across the public sector. Throughout the sessions, one theme became clear: while success in the public sector market used to rely heavily on institutional knowledge and long-standing relationships, agency buying cycles, and slower opportunity development, the market this year looks different. It’s faster, calling for more efficiency, innovation and cost-optimization.
Susanna Patten
Cybersecurity, Education, Federal Government, Healthcare, Market Intelligence, State & Local Government, Technology
At this year’s Red, White and You conference, our market intelligence team detailed the ins and outs of what we’re seeing across the public sector. Throughout the sessions, one theme became clear: while success in the public sector market used to rely heavily on institutional knowledge and long-standing relationships, agency buying cycles, and slower opportunity development, the market this year looks different. It’s faster, calling for more efficiency, innovation and cost-optimization.
Susanna Patten
Cybersecurity, Data & Storage, Federal Government, Market Intelligence
More than 15 years ago, the DoW formally elevated cyber pursuits to the same strategic level as sea, land, air and space. This acknowledgement shifted cybersecurity from risk management to a national defense need, underscoring the importance of protecting the DoW’s defense infrastructure and networks. Defense cybersecurity challenges have since evolved into a multi-domain conflict, particularly with China and Russia - both aiming to infiltrate digital assets.
Toan Le
Cybersecurity, Data & Storage, Federal Government, Market Intelligence
More than 15 years ago, the DoW formally elevated cyber pursuits to the same strategic level as sea, land, air and space. This acknowledgement shifted cybersecurity from risk management to a national defense need, underscoring the importance of protecting the DoW’s defense infrastructure and networks. Defense cybersecurity challenges have since evolved into a multi-domain conflict, particularly with China and Russia - both aiming to infiltrate digital assets.
Toan Le
Cybersecurity, Data & Storage, Federal Government, Market Intelligence
More than 15 years ago, the DoW formally elevated cyber pursuits to the same strategic level as sea, land, air and space. This acknowledgement shifted cybersecurity from risk management to a national defense need, underscoring the importance of protecting the DoW’s defense infrastructure and networks. Defense cybersecurity challenges have since evolved into a multi-domain conflict, particularly with China and Russia - both aiming to infiltrate digital assets.
Toan Le
Cloud, Cybersecurity, Federal Fiscal Year End, Market Intelligence, Technology
The FY27 federal budget request was released on April 3rd, and is providing an initial look at the momentum and impact IT investments will have in the coming years.The Department of War’s unprecedented $1.5T request underscores attention on national security and pushing towards next-generation warfighting capabilities, while across the whole of government, there is expected to be a continued mandate to drive efficiency, consolidate systems and align technology investments with administration priorities.
Nikki Hamlin
Cloud, Cybersecurity, Federal Fiscal Year End, Market Intelligence, Technology
The FY27 federal budget request was released on April 3rd, and is providing an initial look at the momentum and impact IT investments will have in the coming years.The Department of War’s unprecedented $1.5T request underscores attention on national security and pushing towards next-generation warfighting capabilities, while across the whole of government, there is expected to be a continued mandate to drive efficiency, consolidate systems and align technology investments with administration priorities.
Nikki Hamlin
Cloud, Cybersecurity, Federal Fiscal Year End, Market Intelligence, Technology
The FY27 federal budget request was released on April 3rd, and is providing an initial look at the momentum and impact IT investments will have in the coming years.The Department of War’s unprecedented $1.5T request underscores attention on national security and pushing towards next-generation warfighting capabilities, while across the whole of government, there is expected to be a continued mandate to drive efficiency, consolidate systems and align technology investments with administration priorities.
Nikki Hamlin
IT Infrastructure, Market Intelligence, Technology
On a typical day in 2024, the Defense Health Agency (DHA) reported the military health system (MHS) encountered 164,000 patients and 205,000 procedures across military hospitals and medical clinics globally. Assuming this pace continues throughout the fiscal year, MHS is estimated to have managed 60 million occurrences in FY25. The sheer volume of data generated across the MHS is immense. Optimizing this data is critical for clinicians and healthcare providers to support the health and readiness of service members.
Toan Le
IT Infrastructure, Market Intelligence, Technology
On a typical day in 2024, the Defense Health Agency (DHA) reported the military health system (MHS) encountered 164,000 patients and 205,000 procedures across military hospitals and medical clinics globally. Assuming this pace continues throughout the fiscal year, MHS is estimated to have managed 60 million occurrences in FY25. The sheer volume of data generated across the MHS is immense. Optimizing this data is critical for clinicians and healthcare providers to support the health and readiness of service members.
Toan Le
AI, IT Infrastructure, Market Intelligence, Technology, Transportation
In June 2025, Texas signed the Responsible Artificial Intelligence Governance Act into law, outlining statutory requirements for the state’s use of AI. In response to this, the Texas Department of Transportation (TxDOT) released an updated Artificial Intelligence Strategic Plan in January 2026.
Austin Gardner
AI, IT Infrastructure, Market Intelligence, Technology, Transportation
In June 2025, Texas signed the Responsible Artificial Intelligence Governance Act into law, outlining statutory requirements for the state’s use of AI. In response to this, the Texas Department of Transportation (TxDOT) released an updated Artificial Intelligence Strategic Plan in January 2026.
Austin Gardner
Market Intelligence, Technology
The Air Force (DAF) has been aggressively pushing for the modernization of its networks, legacy systems, and software; in line with these efforts is an equally robust acquisition overhaul designed to speed up procurement of everything it buys, from weapon systems to cloud services and digital applications. For IT companies, this shift is creating new opportunities but also means new expectations, greater competition, and challenges.
Toan Le
Market Intelligence, Technology
The Air Force (DAF) has been aggressively pushing for the modernization of its networks, legacy systems, and software; in line with these efforts is an equally robust acquisition overhaul designed to speed up procurement of everything it buys, from weapon systems to cloud services and digital applications. For IT companies, this shift is creating new opportunities but also means new expectations, greater competition, and challenges.
Toan Le
Federal Government, IT Infrastructure, Market Intelligence, Technology
In mid-March, AFCEA NOVA hosted the Naval IT Day in Chantilly, Virginia with the core message on how Navy and Marine Corps digital priorities are enabling the naval force. The message was clear, IT is not just a necessary function, it is a mission-critical warfighting capability.
Nikki Hamlin
Federal Government, IT Infrastructure, Market Intelligence, Technology
In mid-March, AFCEA NOVA hosted the Naval IT Day in Chantilly, Virginia with the core message on how Navy and Marine Corps digital priorities are enabling the naval force. The message was clear, IT is not just a necessary function, it is a mission-critical warfighting capability.
Nikki Hamlin
Cybersecurity, Market Intelligence, Technology
In early March, the White House released the National Cybersecurity Strategy, outlining a six-pillar framework designed to guide federal cyber policy, investment, and operational priorities over the coming years.
Nikki Hamlin
Cybersecurity, Market Intelligence, Technology
In early March, the White House released the National Cybersecurity Strategy, outlining a six-pillar framework designed to guide federal cyber policy, investment, and operational priorities over the coming years.
Nikki Hamlin
Cybersecurity, Market Intelligence, Technology
In early March, the White House released the National Cybersecurity Strategy, outlining a six-pillar framework designed to guide federal cyber policy, investment, and operational priorities over the coming years.
Nikki Hamlin
Cybersecurity, IT Infrastructure, Market Intelligence, State & Local Government, Technology
During this year’s Smart Cities Connect Conference and Expo in Raleigh, NC, one topic garnered considerable attention: AI. Within many city governments, AI is past experimentation and has moved into production. In 2026, city IT leaders are prioritizing safe, secure, and data-driven AI deployments that deliver measurable outcomes in mobility, public safety, infrastructure management, and climate resilience.However, as cities move toward operational AI, challenges exist around data readiness, governance, and integration across departments.
Yvonne Maffia
Cybersecurity, IT Infrastructure, Market Intelligence, State & Local Government, Technology
During this year’s Smart Cities Connect Conference and Expo in Raleigh, NC, one topic garnered considerable attention: AI. Within many city governments, AI is past experimentation and has moved into production. In 2026, city IT leaders are prioritizing safe, secure, and data-driven AI deployments that deliver measurable outcomes in mobility, public safety, infrastructure management, and climate resilience.However, as cities move toward operational AI, challenges exist around data readiness, governance, and integration across departments.
Yvonne Maffia
Cybersecurity, IT Infrastructure, Market Intelligence, State & Local Government, Technology
During this year’s Smart Cities Connect Conference and Expo in Raleigh, NC, one topic garnered considerable attention: AI. Within many city governments, AI is past experimentation and has moved into production. In 2026, city IT leaders are prioritizing safe, secure, and data-driven AI deployments that deliver measurable outcomes in mobility, public safety, infrastructure management, and climate resilience.However, as cities move toward operational AI, challenges exist around data readiness, governance, and integration across departments.
Yvonne Maffia
AI, Education, Market Intelligence, State & Local Government, Technology
In 2023, California Governor Gavin Newsom signed Executive Order N-12-23, directing state government institutions to utilize AI. These state entities are now beginning to move from the theoretical planning phase into the deployment phase with concrete plans.
Austin Gardner
AI, Education, Market Intelligence, State & Local Government, Technology
In 2023, California Governor Gavin Newsom signed Executive Order N-12-23, directing state government institutions to utilize AI. These state entities are now beginning to move from the theoretical planning phase into the deployment phase with concrete plans.
Austin Gardner
AI, Cybersecurity, Education, Market Intelligence, State & Local Government
This year’s Beyond the Beltway conference highlighted key strategic findings from IT leaders that signal where 2026 technology investments will be made and where to focus efforts for success. In 2026, state and local governments are at an inflection point: with rising expectations evolving alongside tightening budgets, staffing and timelines, success will depend on alignment of solutions to modernization requirements, workforce challenges and measurable ROI-driven outcomes.
Yvonne Maffia
AI, Cybersecurity, Education, Market Intelligence, State & Local Government
This year’s Beyond the Beltway conference highlighted key strategic findings from IT leaders that signal where 2026 technology investments will be made and where to focus efforts for success. In 2026, state and local governments are at an inflection point: with rising expectations evolving alongside tightening budgets, staffing and timelines, success will depend on alignment of solutions to modernization requirements, workforce challenges and measurable ROI-driven outcomes.
Yvonne Maffia
Cybersecurity, Federal Government, Infrastructure, Market Intelligence, Technology
The Golden Fleet, a US Navy initiative introduced by the administration in December of 2025, aims to revitalize the US shipbuilding industry, develop and sustain a new class of naval fleet and change how it does business to rapidly address maritime threats, particularly from China, in the Indo-Pacific region. The first frigate is planned for full operation in 2028.
Toan Le
Cybersecurity, Federal Government, Infrastructure, Market Intelligence, Technology
The Golden Fleet, a US Navy initiative introduced by the administration in December of 2025, aims to revitalize the US shipbuilding industry, develop and sustain a new class of naval fleet and change how it does business to rapidly address maritime threats, particularly from China, in the Indo-Pacific region. The first frigate is planned for full operation in 2028.
Toan Le
Cybersecurity, Federal Government, Infrastructure, Market Intelligence, Technology
The Golden Fleet, a US Navy initiative introduced by the administration in December of 2025, aims to revitalize the US shipbuilding industry, develop and sustain a new class of naval fleet and change how it does business to rapidly address maritime threats, particularly from China, in the Indo-Pacific region. The first frigate is planned for full operation in 2028.
Toan Le
Federal Government, Market Intelligence
One-Year Money (e.g., O&M, MILPERS)Funds must be obligated during the fiscal year in which they were appropriated. If O&M is appropriated for FY26, it must be obligated by September 30, 2026. After that, it expires for new obligations. This drives the well-known fourth quarter execution surge.
Lloyd McCoy
Federal Government, Market Intelligence, Technology
If you’ve been part of the defense industrial base (DIB) or are looking to support the DoW, it should come as no surprise that AI is now seeing actionable impact in day-to-day operations. Strategically, AI is essential in warfighting decision-making, analyzing data and enhancing operational logistics. The Army in particular has started incorporating AI solutions across a number of elements outlined below, on the heels of several new strategy announcements and initiatives.
Toan Le
Federal Government, Market Intelligence, Technology
If you’ve been part of the defense industrial base (DIB) or are looking to support the DoW, it should come as no surprise that AI is now seeing actionable impact in day-to-day operations. Strategically, AI is essential in warfighting decision-making, analyzing data and enhancing operational logistics. The Army in particular has started incorporating AI solutions across a number of elements outlined below, on the heels of several new strategy announcements and initiatives.
Toan Le
Cybersecurity, IT Perspective, Market Intelligence, Technology
In early February, Chief of Naval Operations Admiral Daryl Caudle unveiled the details of the US Navy’s 2026 Hedge Strategy. As the Navy is facing a great power competition, rapid technological change and strain on the defense industrial base, it is critical to adapt an innovative operational and strategic approach to maintain adversarial advantage. The strategy shifts away from dominance by mass towards a risk-balanced operational approach that has asymmetric, combat-ready capability. In other words, they are “hedging their bets” on more tailored capabilities and nimble operations.
Nikki Hamlin
Cybersecurity, IT Perspective, Market Intelligence, Technology
In early February, Chief of Naval Operations Admiral Daryl Caudle unveiled the details of the US Navy’s 2026 Hedge Strategy. As the Navy is facing a great power competition, rapid technological change and strain on the defense industrial base, it is critical to adapt an innovative operational and strategic approach to maintain adversarial advantage. The strategy shifts away from dominance by mass towards a risk-balanced operational approach that has asymmetric, combat-ready capability. In other words, they are “hedging their bets” on more tailored capabilities and nimble operations.
Nikki Hamlin
Cybersecurity, IT Perspective, Market Intelligence, Technology
In early February, Chief of Naval Operations Admiral Daryl Caudle unveiled the details of the US Navy’s 2026 Hedge Strategy. As the Navy is facing a great power competition, rapid technological change and strain on the defense industrial base, it is critical to adapt an innovative operational and strategic approach to maintain adversarial advantage. The strategy shifts away from dominance by mass towards a risk-balanced operational approach that has asymmetric, combat-ready capability. In other words, they are “hedging their bets” on more tailored capabilities and nimble operations.
Nikki Hamlin
Federal Government, Market Intelligence, News, Technology
At WEST this year, Department of the Navy leaders signaled a clear shift in modernization priorities: the debate is no longer about adopting emerging technology or drafting strategy documents. Instead, we’re seeing operational speed, how quickly the Navy can field capability, integrate systems and make decisions, become the objective. Across sessions on shipbuilding, acquisition transformation, AI, Zero Trust and maritime force design, the recurring theme was speed matters most.
Susanna Patten
Federal Government, Market Intelligence, News, Technology
At WEST this year, Department of the Navy leaders signaled a clear shift in modernization priorities: the debate is no longer about adopting emerging technology or drafting strategy documents. Instead, we’re seeing operational speed, how quickly the Navy can field capability, integrate systems and make decisions, become the objective. Across sessions on shipbuilding, acquisition transformation, AI, Zero Trust and maritime force design, the recurring theme was speed matters most.
Susanna Patten
AI, Market Intelligence
Over the last year, the Army has been undergoing significant transformation under the Army Transformation Initiative and the larger Pentagon reorganization efforts. This includes the more recent decision to change from Program Executive Offices (PEO) to Portfolio Acquisition Executives (PAEs) to have tighter alignment across missions, the Chief Information Office (CIO), contracting and functional owners. This reorganization will help reduce siloed IT modernization, speed up decision-making and better align acquisition with operational outcomes.
Nikki Hamlin
Market Intelligence
Public sector agencies update their priorities, budgets and technology needs every fiscal year. For IT vendors and resellers, keeping pace with these changes is essential to identifying funded opportunities and positioning solutions effectively. To make that easier, we have opened access to our Market Intelligence Hub, a single destination where you can find detailed research and analysis designed to support your growth in the government market.
Susanna Patten
AI, Data & Storage, Education, Market Intelligence, Students Around The World, Technology
The 2026 FETC Conference took place in Orlando, Florida this year, where K-12 education leaders highlighted how budgets, technology trends, requirements and opportunities are intersecting and how alignment is key to success.
Yvonne Maffia
AI, Data & Storage, Education, Market Intelligence, Students Around The World, Technology
The 2026 FETC Conference took place in Orlando, Florida this year, where K-12 education leaders highlighted how budgets, technology trends, requirements and opportunities are intersecting and how alignment is key to success.
Yvonne Maffia