Top 3 highlights from the OWASP GenAI Security Summit at Infosecurity Europe 

If there is a single takeaway from Infosecurity Europe 2026, it’s this: we have officially entered the era of Agentic AI.

Autonomous agents capable of making independent decisions and interacting with other platforms are actively being integrated into enterprise workflows to drive real business value.

While AI agents promise attractive productivity gains, this level of autonomy comes with a new breed of security challenges.

Securing these fast-moving technologies before they outpace our ability to defend them was the focus of the OWASP GenAI Security Summit at Infosecurity Europe 2026.

If you missed the sessions, here are the three key highlights you need to know.

To close the widening gap between the blistering speed of AI capabilities and the historically slower cycles of traditional security standards, OWASP’s Agentic Security  Initiative officially unveiled the Agentic Research Council during the GenAI Security Summit.

Housed within OWASP’s GenAI Security Project, the same community behind the widely adopted LLM Top 10 guidance, the Council acts as a bridge between research and practical operations.

John Sotiropoulos described the initiative as "expert backed, but community driven," creating a global collaboration across academia, industry and government.

The Council will maintain a public pipeline of research topics, sponsor PhD work and directly translate academic findings into deployable mitigations, open-source tooling and updated practitioner standards.

Rather than replacing existing practitioner work, the new institution is designed to scale OWASP’s ability to proactively anticipate and defend against novel agentic threats.

A major milestone of the Summit was the introduction of the Enterprise Adoption Maturity Model, rolled out in OWASP’s paper, State of Agentic AI Security and Governance.

This practical decision-making framework is designed to help organisations assess and align their governance capabilities with the speed of their agentic AI deployments.

The model utilises a matrix mapping six levels of agent deployment (adoption tiers AT0 to AT5) against four levels of organisational maturity.

It uses a simple colour-coded grid to flag alignment gaps.

Aligning this governance is more critical than ever because, as Ariel Fogel, an AI security researcher at Pillar Security and report co-lead, warned, prompt injection remains an unresolved architectural problem within generative AI.

Because large language models (LLMs) process all inputs as a single sequence of tokens, there is no reliable way to enforce privilege boundaries.

In agentic workflows, a successful prompt injection is no longer just about generating a bad answer, it has become an operational risk that can trigger unauthorized, real-world actions.

To combat this, Fogel urged security teams to shift from a prevention-only mindset to machine-speed containment, using live behavioural monitoring, real-time stop mechanisms and strict identity hygiene to constrain what a compromised agent can do.

During a highly anticipated session, representatives from Lloyds Banking Group pulled back the curtain on their practical, hands-on approach to AI security and how the security team safely enables innovation.

Generative AI delivered approximately £50m of value for Lloyds in 2025, with over £100m expected this year.

To protect this investment, agentic AI security is treated as a core engineering challenge.

The agentic AI security playbook highlights several key pillars:

• Establishment of an AI and innovation roadmap, ensuring security is embedded from the start
• Low-risk, high-value AI use cases: Initial AI deployments focused on areas where utility is high, but risk exposure is limited
• An AI agent marketplace: Combating shadow AI with a centralised internal agent marketplace that acts as a single pane of glass to register and govern all agents
• Engineering-led AI governance: Scales security by codifying controls, investing heavily in runtime observability, and utilizing automated adversarial testing

This overview is just a snapshot of the discussions held at Infosecurity Europe 2026.

For insights on AI, cybersecurity from SMEs, crisis communications and other topics check out the coverage by Infosecurity Magazine:

• CyCOS Project Expands to Support UK SMEs as CIISec Takes Over
• NCSC Urges Immediate Action to Boost Resilience as Uncertainty Persists
• Vulnerability Management Innovator Konvu Wins Cyber Startup Award
• Ukraine’s Experience Highlights the Need for Preparation and Resilience in Cybersecurity
• Mythos Outperforms GPT5.5 on Google Chrome Vulnerability Exploits, Says New Benchmark
• AI Adoption Creates New Opportunities for Attackers to Distribute Malware, Microsoft Warns
• Why JLR’s CISO Enforced In-Person Password Resets Following Cyber-Attack

Enjoyed this article? Make sure to share it!

Looking for something else?