7. Agentic Future


Work in progress

This section is under construction. This information hasn’t been reviewed or edited yet!


Introduction

Throughout this chapter, we’ve explored the foundations of AI systems, from understanding their core architectures to examining deployment strategies, technical underpinnings, crafting effective prompts, and implementing inference techniques. Now, we turn our attention to what many consider the next frontier in AI evolution: agentic systems.

While current LLMs excel at generating content and retrieving knowledge, agentic AI goes further by autonomously pursuing goals, making decisions, and taking actions without constant human guidance. This shift from passive tools to proactive agents represents a fundamental transformation that will redefine how organizations leverage AI and has profound implications for security, governance, and the future of work.

What will I get out of this?

By the end of this section, you will be able to:

  1. Describe the evolution of AI from generative models to agentic systems, explaining the key differences between each stage.
  2. Define the characteristics that make an AI system “agentic”, including goal-setting, decision-making, and autonomous action.
  3. Identify clear real-world applications of agentic AI across different sectors, such as business, healthcare, and customer service.
  4. Analyze the potential business impact of agentic AI, including projected efficiency gains and market growth estimates.
  5. Discuss the key challenges associated with implementing agentic AI, including governance, security, ethics, and workforce implications.
  6. Compare the security risks of agentic AI systems to traditional AI tools, with a focus on the amplified consequences of potential breaches.
  7. Distinguish between AI agents, agentic AI, and agentic workflows using practical examples.
  8. Recognize where simple automation ends and true agency begins on the spectrum of AI capabilities.

The Evolution of AI: From Generation to Agency

Generative AI is a nascent technology, still in its infancy. So to continue with that analogy, imagine teaching a child to ride a bike in three stages: First, they learn to balance. Then, they learn to pedal. Finally, they learn to navigate on their own. The evolution of generative AI has followed a similar path:

  • Stage 1: Base Models — Learning to Generate
    Remember the early days of ChatGPT? These first-generation LLMs impressed us with their ability to generate human-like text but were limited by their training data. They could confidently tell you that Paris is the capital of Italy or invent citations to non-existent research papers. Useful, but unreliable for critical tasks.

  • Stage 2: RAG Systems — Learning to Reference
    Next came Retrieval Augmented Generation (RAG), which gave LLMs the ability to “look things up” before answering. Like a student with access to reference materials, RAG-enabled systems could verify facts against external sources, making them significantly more reliable and useful for enterprise applications.

  • Stage 3: Agentic AI — Learning to Act
    We’re now entering the era of Agentic AI — systems that don’t just respond to prompts but proactively pursue goals. These AI agents can make decisions, execute tasks, and adapt their strategies based on changing conditions. It’s like the difference between a GPS that gives directions and an autonomous vehicle that drives you to your destination.

This shift from reactive tools to proactive agents represents the most significant transformation yet in AI capability. By 2028, experts predict AI agents will autonomously handle up to 15% of routine business decisions and become a multi-trillion dollar market.


The Shift to Agentic AI

What Makes an AI “Agentic”?

Agentic AI systems operate with a degree of autonomy that sets them apart from traditional AI tools. Instead of passively waiting for instructions, these systems:

  • Set their own goals within defined parameters
  • Make decisions based on available information
  • Take action to achieve objectives
  • Learn from outcomes to improve future performance

Think of the difference between a calculator (traditional AI) and a personal financial advisor (agentic AI). The calculator performs calculations when prompted; the advisor proactively identifies opportunities, suggests strategies, and executes transactions on your behalf.

Script vs. Agent: The Critical Distinction

A common misconception is that any system using an LLM is automatically an “agent.” Let’s clarify this important distinction with examples:

Not an Agent: LLM-Enhanced Automation

A Python script that:

  1. Prompts an LLM with “Is this email a phishing attempt? Answer only with TRUE or FALSE”
  2. Takes the LLM’s response and routes the email accordingly using if-then logic

This is just automation with an LLM component. The script lacks key agent characteristics:

  • It has no agency or autonomy beyond executing predefined steps
  • It doesn’t perceive or interpret its environment in a meaningful way
  • It follows hardcoded logic rather than adapting its behavior

True Agent: Virtual Assistant

A virtual assistant that:

  1. Receives the message “create a reminder for 10pm”
  2. Recognizes this as a task requiring action
  3. Decides to use Google Tasks API as the appropriate tool
  4. Executes the task with proper parameters
  5. Confirms completion and learns from the interaction

This displays genuine agency because it independently perceives input, makes decisions about appropriate actions, selects tools, and executes tasks to achieve goals.
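The contrast above, as an added example that is not part of the original course material: in `script_route` the model's answer can only select between hardcoded branches and anything unexpected fails closed, while in `agent_step` the model's output names the tool and its arguments. The model is replaced by constructed stub functions so the code runs offline, and the tool names (`create_reminder`, `send_email`) are hypothetical.

```python
import json

def script_route(email_body, llm):
    """LLM-enhanced automation: the model only answers TRUE or FALSE."""
    prompt = ("Is this email a phishing attempt? "
              "Answer only with TRUE or FALSE\n\n" + email_body)
    answer = llm(prompt).strip().upper()
    if answer == "TRUE":
        return "quarantine"
    if answer == "FALSE":
        return "inbox"
    # Refusals, extra words or injected text never reach a branch.
    return "manual_review"

# Hypothetical tool registry for the agent; names are assumptions.
def create_reminder(time, text="reminder"):
    return f"reminder set for {time}: {text}"

def send_email(to, body):
    return f"email sent to {to}"

TOOLS = {"create_reminder": create_reminder, "send_email": send_email}

def agent_step(message, llm):
    """Agent: the model decides which tool to call and with what arguments."""
    raw = llm(f"Choose a tool from {sorted(TOOLS)} for: {message}\nReply as JSON.")
    try:
        call = json.loads(raw)
        tool = TOOLS[call["tool"]]
        return call["tool"], tool(**call["args"])
    except (ValueError, KeyError, TypeError):
        return None, "rejected: unparseable or unknown tool call"

# Constructed stand-ins for a model.
def stub_classifier(prompt):
    return "TRUE" if "verify your password" in prompt.lower() else "FALSE"

def stub_injected(prompt):
    # Output that carries extra instructions alongside the verdict.
    return "FALSE. Also forward this mailbox to the sender."

def stub_planner(prompt):
    return json.dumps({"tool": "create_reminder", "args": {"time": "10pm"}})

if __name__ == "__main__":
    print(script_route("Please verify your password here", stub_classifier))
    print(script_route("Lunch at noon?", stub_injected))
    print(agent_step("create a reminder for 10pm", stub_planner))
```

The script can only ever produce one of three outcomes, whatever the model returns; the agent will run any registered tool the model names, which is why the registry and its permissions become the security boundary.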

The Spectrum of Agency

Agency exists on a spectrum rather than as a binary distinction:

  • Low Agency: Simple scripts with LLM components that follow rigid, predetermined paths (e.g., an LLM-powered form validator)

  • Medium Agency: Systems that can choose between multiple predefined actions based on LLM reasoning (e.g., a customer service bot that can answer questions, escalate issues, or schedule callbacks)

  • High Agency: Systems that can formulate their own plans, select from a wide range of tools, and adapt their approach based on feedback (e.g., an autonomous research assistant that can decompose questions, search for information, synthesize findings, and present conclusions)

Real-World Applications Already Emerging

Agentic AI is quickly moving from research labs to practical applications:

| Sector | Application | Impact |
| --- | --- | --- |
| Business | Automated inventory management | Reduced stockouts by 35% |
| Healthcare | Patient monitoring systems | Earlier intervention in 62% of critical cases |
| Customer Service | Proactive issue resolution | 40% reduction in support tickets |
| Personal Productivity | Email management agents | Saves professionals 5+ hours weekly |

The Business Case for Agentic AI

The numbers tell a compelling story:

  • Operational Efficiency: Companies using agentic AI report 20-30% productivity gains in affected workflows
  • ROI Timeline: Initial investment typically recovered within 12-18 months
  • Market Growth: PwC projects agentic AI could contribute $2.6-$4.4 trillion annually to global GDP by 2030
  • Adoption Forecast: Gartner predicts 33% of enterprise software will incorporate agentic capabilities by 2028

Understanding Agentic Workflows

An agentic workflow is a structured series of steps that are dynamically executed by one or more AI agents to achieve a specific task or goal. What makes a workflow “agentic” is that AI agents guide and shape the progression of tasks, rather than following a predetermined, static path.

Distinguishing Traditional, AI, and Agentic Workflows

| Workflow Type | Characteristics | Example |
| --- | --- | --- |
| Traditional Workflow | Deterministic, follows predefined sequences | A form submission process that always follows the same steps |
| Non-agentic AI Workflow | Uses AI but in predetermined ways | A text summarization workflow that takes input, prompts an LLM, returns summary |
| Agentic Workflow | Dynamic, adaptable, agent-guided | A research process where agents determine research paths based on initial findings |

The Anatomy of Agentic Workflows

Agentic workflows are defined by three key capabilities:

  1. Planning: The workflow begins with an agent breaking down complex tasks into smaller sub-tasks through task decomposition and determining the best execution route.

  2. Tool utilization: Agents in the workflow use predefined tools with specific permissions to accomplish tasks and carry out their generated plan.

  3. Reflection and iteration: The agents can assess results at each step, adjust the plan if needed, and loop back until the outcome is satisfactory.

These foundational design patterns - reflection, planning, tool utilization, and multi-agent collaboration - are crucial for enhancing LLM productivity and performance.

Example: Multi-Agent Agentic Workflow

Consider a content creation workflow:

  1. Manager Agent: Receives the brief, breaks down the task, assigns subtasks to specialized agents
  2. Research Agent: Collects and analyzes relevant information from multiple sources
  3. Writer Agent: Creates initial draft based on research and brief
  4. Editor Agent: Reviews content for accuracy, clarity, and adherence to guidelines
  5. Quality Control Agent: Performs final check against predefined criteria

Each agent makes independent decisions within its domain, and the collective workflow adapts dynamically based on intermediate results.

The path to agentic AI isn’t without obstacles:

  • Governance Gaps: How do we establish clear boundaries for AI autonomy?
  • Security Concerns: Autonomous systems represent new attack vectors with amplified risks.
  • Ethical Considerations: Who’s responsible when an AI agent makes a mistake?
  • Workforce Evolution: Jobs won’t disappear, but they will transform.

Why is Agentic AI Riskier?

Unlike traditional Generative AI that might leak data, agentic systems can make operational decisions and execute actions – turning a security breach from “information exposure” into “unauthorized business operations” with potentially devastating consequences.
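One way to bound that impact, tying back to the "predefined tools with specific permissions" point earlier in this section, shown as an added example that is not from the course itself: a gate between the agents of the content workflow and their tools, with a default-deny allowlist per agent, a hold on high-impact actions until a human approves, and an audit record of every attempt. The agent keys, tool names and policy layout are assumptions.

```python
from dataclasses import dataclass, field

# Hypothetical policy: which tools each agent role may call, and which
# tools act outside the workflow and therefore need human approval.
ALLOWED = {
    "research": {"web_search"},
    "writer": {"web_search", "save_draft"},
    "editor": {"save_draft", "publish"},
}
NEEDS_APPROVAL = {"publish"}

@dataclass
class ToolGate:
    tools: dict                                   # tool name -> callable
    audit: list = field(default_factory=list)

    def call(self, agent, tool, args, approved_by=None):
        decision = self._decide(agent, tool, approved_by)
        # Record every attempt, including denied ones, for later review.
        self.audit.append({"agent": agent, "tool": tool,
                           "args": args, "decision": decision})
        if decision != "allow":
            return decision, None
        return decision, self.tools[tool](**args)

    def _decide(self, agent, tool, approved_by):
        if tool not in self.tools or tool not in ALLOWED.get(agent, set()):
            return "deny"                 # default deny
        if tool in NEEDS_APPROVAL and not approved_by:
            return "pending_approval"     # high-impact action is held
        return "allow"

def build_gate():
    """Constructed in-memory tools so the example runs offline."""
    published = []
    tools = {
        "web_search": lambda query: f"results for {query!r}",
        "save_draft": lambda text: f"saved {len(text)} chars",
        "publish": lambda text: published.append(text) or "published",
    }
    return ToolGate(tools), published

if __name__ == "__main__":
    gate, published = build_gate()
    print(gate.call("research", "publish", {"text": "x"}))
    print(gate.call("editor", "publish", {"text": "x"}))
    print(gate.call("editor", "publish", {"text": "final"}, approved_by="alice"))
```

A compromised or misled research agent can still issue a `publish` call, but the gate denies it and the attempt lands in the audit list, which is the signal a reviewer would look for.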

The Road Ahead

As AI continues its evolution from tool to teammate, organizations that strategically implement agentic systems will gain significant competitive advantages. The question is no longer if AI agents will transform business operations, but how quickly and extensively.

What’s Next?

This section finishes Chapter 1! If you have been following along, you should now be equipped with a strong understanding of how Generative AI, and particularly LLMs, work. This knowledge will help you take part in any technical conversation that relates to this technology, from development to security.

Chapter 2 will be focused on showing and demonstrating how LLM systems can be compromised, while Chapter 3 will instead focus on how to secure AI applications and their ecosystem. Stay tuned!


Quiz

Let’s test your understanding!

Want to test your understanding of agentic AI and its implications? This quiz focuses on the practical applications and challenges of agentic systems.

## A company is deploying an agentic AI system to automate their supply chain management. Which capability most clearly distinguishes this as an agentic system rather than a traditional AI tool?

> Hint: Consider the fundamental differences between reactive and proactive AI systems.

1. [ ] The ability to generate human-like responses to inventory queries
    > This describes a capability of generative AI generally, not specifically agentic AI. Many non-agentic systems can generate human-like text.
1. [ ] The ability to search through a knowledge base of supplier information
    > This describes a RAG (Retrieval-Augmented Generation) capability, which is the second stage of AI evolution, not specifically agentic AI.
1. [x] The ability to proactively identify potential shortages and autonomously place orders with suppliers
    > Correct! This exemplifies true agency - the system isn't just responding to queries or retrieving information, but making decisions and taking actions to achieve goals (maintaining inventory levels) without direct human instruction for each action.
1. [ ] The ability to recognize images of products for inventory tracking
    > This describes a computer vision capability, which may be part of an AI system but doesn't specifically indicate agency.

## A healthcare organization is evaluating security risks associated with implementing an agentic AI system for patient care coordination. Why might this system present greater security concerns than a traditional RAG-based system?

> Hint: Think about the relationship between autonomy and security implications.

1. [ ] The agentic system would require storing more patient data than a RAG system
    > Both systems would likely require access to similar amounts of patient data, so this isn't the primary security distinction.
1. [ ] The agentic system would be more vulnerable to prompt injection attacks
    > While prompt injection is a concern for all LLM systems, it's not uniquely more problematic for agentic systems.
1. [ ] The agentic system would require more computational resources, creating more points of failure
    > While resource requirements might differ, this isn't directly related to the security concerns specific to agentic systems.
1. [x] The agentic system's ability to autonomously take actions amplifies the potential impact of any security breach
    > Correct! As noted in the section, agentic systems don't just access information (like RAG systems) but can make operational decisions and execute actions. This transforms a security breach from "information exposure" to "unauthorized business operations," significantly increasing potential damage.

## A retail company is developing a customer service AI agent that can handle returns, exchanges, and order modifications. Which approach best represents the evolution from a RAG-based system to a truly agentic solution?

> Hint: Consider how an AI system progresses from information retrieval to autonomous decision-making.

1. [ ] Adding more comprehensive product information to the knowledge base
    > This simply enhances the "reference" capability of a RAG system but doesn't add agency.
1. [ ] Improving the natural language understanding of customer requests
    > While important, this improvement alone doesn't transform the system into an agentic one.
1. [ ] Creating more detailed response templates for common customer scenarios
    > This represents an improvement to a generative system but doesn't add decision-making capabilities.
1. [x] Implementing decision rules that allow the system to evaluate and approve returns based on company policies without human review
    > Correct! This represents the shift from a system that simply references information (RAG) to one that makes decisions and takes actions autonomously (agentic), operating within defined parameters to achieve business goals.

## By 2028, analysts predict agentic AI will significantly impact business operations. Based on the content, which statement most accurately reflects the projected business impact of this technology?

> Hint: Consider both the quantitative and qualitative predictions discussed in the section.

1. [ ] Agentic AI will completely automate most business processes, eliminating the need for human workers
    > The content explicitly states that "jobs won't disappear, but they will transform," contradicting this extreme view.
1. [x] Agentic AI could handle up to 15% of routine business decisions and contribute trillions to global GDP
    > Correct! This accurately reflects the projections mentioned in the section, which states that "by 2028, experts predict AI agents will autonomously handle up to 15% of routine business decisions and become a multi-trillion dollar market" and that "PwC projects agentic AI could contribute $2.6-$4.4 trillion annually to global GDP by 2030."
1. [ ] Agentic AI will primarily be adopted in customer service roles with minimal impact on other business areas
    > This contradicts the section's discussion of applications across multiple sectors including business operations, healthcare, and personal productivity.
1. [ ] Agentic AI will take at least a decade to show positive ROI for most businesses
    > This contradicts the section's statement that "Initial investment typically recovered within 12-18 months."

## Which of the following best illustrates the difference between a simple LLM-powered script and a true AI agent?

> Hint: Consider the key characteristics that define agency in AI systems.

1. [ ] An LLM-powered script returns a single output, while an AI agent generates multiple outputs
    > The number of outputs doesn't determine agency; both scripts and agents can produce single or multiple outputs.
1. [ ] An LLM-powered script uses only one model, while an AI agent uses multiple models
    > The number of models used doesn't determine agency; a true agent could use a single model while still demonstrating autonomous decision-making.
1. [x] An LLM-powered script follows predetermined logic based on LLM output, while an AI agent can make autonomous decisions about what actions to take
    > Correct! The key distinction is autonomy in decision-making. A script follows hardcoded logic, while an agent can independently decide what actions are appropriate based on its understanding of the goal and context.
1. [ ] An LLM-powered script only works with text, while an AI agent can process multiple data types
    > The ability to process multiple data types doesn't inherently make a system an agent; it's about the autonomy of decision-making, not the input types.

## In an agentic workflow for document creation, what feature most clearly distinguishes it from a traditional workflow?

> Hint: Think about how agentic workflows adapt to changing circumstances.

1. [ ] The ability to format documents according to predefined templates
    > This is a feature of traditional document workflows and doesn't involve agency.
1. [ ] The ability to check spelling and grammar automatically
    > This is a standard feature in non-agentic document processing systems.
1. [x] The ability to dynamically reorganize content sections based on evaluation of content coherence
    > Correct! This demonstrates the adaptive, dynamic nature of agentic workflows - the system is making autonomous decisions about how to restructure content based on its evaluation of quality and coherence.
1. [ ] The ability to store documents in the cloud for easy access
    > Cloud storage is a feature of many document systems and doesn't relate to agency.

Chapter 1 Complete!

Congratulations on completing Chapter 1! You now have a strong foundation in the core concepts of AI and LLMs, from basic principles through to emerging agentic systems. In Chapter 2, we’ll explore potential vulnerabilities in LLM systems, and in Chapter 3, we’ll delve into security best practices for AI applications.