What happened
On 2026-07-10 (confirmed via page json-ld datePublished metadata), DSIT published a commissioned report by Lancaster University: a PRISMA-methodology thematic review and gap analysis of five years (Jan 2021–Jan 2026) of peer-reviewed AI security research, screening 9,109 publications and grouping findings into 12 themes (training-time security, data/privacy risks, alignment, supply chain vulnerabilities, inference-time security, end-of-lifecycle/disposal risks, system infrastructure security, etc.). The review explicitly identifies significant gaps in agentic-AI security research, including the security of agents themselves and the tools they use to interact with their environment.
Why it matters
This is a national-body-commissioned evidence base intended to steer UK AI security research funding and future guidance/standards priorities (directly complementing NCSC's operational work like Cyber Shield). It formally flags agentic AI security as an under-researched gap area, which will likely shape upcoming DSIT/NCSC guidance and funding calls.
Action needed
Security researchers and standards bodies should review the identified 12 themes and gap areas to align future research and control-catalogue development; practitioners should note agentic AI security is flagged as an evidence gap needing new controls.