Likelihood: MODERATE
Impact: HIGH
Treatment: MITIGATE
Confidence: Moderate
Likelihood is moderate because exploitation is not confirmed and requires an internal governance failure (misconfigured agent permissions or absent audit logging) rather than an external attacker, but organizations actively deploying CrowdStrike Charlotte AI or AgentWorks under the TAC program are already in the exposure window. Impact is high because an AI agent operating with excess SOC-level permissions has broad access to telemetry, endpoint controls, and potentially sensitive case data; a governance failure here can produce undetected data access, regulatory exposure under the EU AI Act and DORA, and destruction of audit integrity exactly when it is needed most.
Treatment rationale: The risk is self-created through deployment decisions and is directly reducible through internal controls — AI agent permission scoping, audit log enforcement, and governance policy — making mitigation both feasible and the appropriate primary treatment before transfer or acceptance is considered.
Third-Party / Supply-Chain Risk
CrowdStrike acts as a technology intermediary delivering frontier model capabilities sourced from OpenAI under the TAC program, creating a two-tier supply chain dependency: the organization's AI governance posture is now partially contingent on OpenAI's model behavior guarantees and CrowdStrike's AgentWorks permission architecture. Under NIST SP 800-161, this constitutes a shared-platform exposure — the organization does not fully control the upstream model, its update cadence, or capability changes introduced by OpenAI between TAC program revisions. Any expansion of model capabilities or changes to the TAC access scope by either vendor could alter the organization's risk posture without a corresponding internal change event.
Loss Exposure (illustrative)
Magnitude: moderate to high — illustrative $250K–$2M per governance failure event, depending on regulatory jurisdiction and scope of AI agent access
Frequency: illustrative; organizations actively deploying AI SOC agents without formal governance frameworks face a plausible governance-failure event once every 2–4 years as agent capabilities expand and audit gaps compound
Annualized: Illustrative ALE: approximately $60K–$500K annually, reflecting low-to-moderate frequency against moderate-to-high per-event impact in a regulated environment
Basis: Loss magnitude is driven by: (1) regulatory penalty exposure for organizations under EU jurisdiction, under the AI Act or DORA, where documented governance failure is the triggering condition, not a breach; (2) incident response and forensic costs, elevated because the absence of audit logs extends investigation timelines; (3) reputational impact for organizations whose security function is itself the source of a governance failure. Frequency is calibrated to the operational maturity gap: most SOC teams have detection and response playbooks but lack AI agent governance frameworks, making a first governance failure more likely than not within a product lifecycle. No third-party actuarial data cited.
Illustrative estimate — not actuarially derived.
Insurance / Contractual / Legal — Potential Obligations
Potential triggers, not legal determinations. Verify with counsel/broker before acting.
• AI agent access to sensitive SOC telemetry or case data without adequate audit trails may invoke breach notification obligations if agent activity is later deemed an unauthorized or uncontrolled data access event — verify with counsel.
• EU AI Act classification of autonomous SOC agents may impose conformity assessment or incident reporting obligations depending on risk tier determination — verify with counsel.
• DORA-regulated entities should assess whether the OpenAI TAC / CrowdStrike integration qualifies as a critical ICT third-party arrangement requiring contractual and oversight obligations under DORA Article 28 — verify with counsel and compliance officer.
• Existing cyber insurance policies may contain AI-usage exclusions or require disclosure of frontier AI deployment in SOC workflows as a material change in risk profile — verify with broker.