Cyber Crime Conference 2026, John Sotiropoulos, Board Director of the OWASP GenAI Security Project

No Human at the Keyboard: Agentic AI and the New Cybercrime Frontier. For three decades, cybercrime had a familiar shape: a man, or a woman, at a keyboard. Agentic AI breaks that equation. It introduces actionable autonomy. We are no longer automating tasks, we are delegating agency and identity to systems that act in our name. On this inflection point, John Sotiropoulos, Board Director of the OWASP GenAI Security Project and Co-Lead of the Agentic Security Initiative, opens the first afternoon session of the 14th Cyber Crime Conference. Author of the UK Implementation Guide for the AI Cyber Security Code of Practice (now the global ETSI EN 304 223 / TR 104 128 standard) and Chair of the OWASP Top 10 for Agentic Applications, Sotiropoulos structures his keynote as a four-act play. The thesis running through all of it is sharp: security by design is no longer enough. We also need forensics by design. KEY TOPICS Act I: a Friday afternoon in a London GP surgery. The fictional but realistic case of Dr K, the eConsult prompt injection hidden in 0.1-point font, and an audit log that records a single name; Act II: the inflection point from predictive and generative AI to agentic autonomy; The OWASP Top 10 for Agentic Applications: from Agent Goal Hijack (ASI01) to Rogue Agents (ASI10); When the agent becomes the payload: CVE-2025-53773 on GitHub Copilot and the EchoLeak case on Microsoft 365 Copilot; The agentic runtime: MCP, A2A and ACP. Over 7,000 publicly accessible MCP servers, 150 million SDK downloads, 30+ CVEs in 60 days, 9 of 11 MCP marketplaces poisoned in red-team testing; GTG-2002 and vibe hacking: the first criminal campaign in which the agent was the operator, not the consultant; The new agentic economics: 195 million records breached for less than a coffee, GPT-5.5 solving network bridge exercises in 10 minutes for $1.73, OpenClaw with 346,000 GitHub stars; A rogues' gallery of nine operations across three tiers: AI-assisted, agent-built capability, and agentic execution; Crime-as-a-Service in the agentic era: from selling the gun to selling the worker; The 22-second hand-off: when initial-access-to-lateral-movement collapses to machine speed; Human in the loop vs. human on the loop: continuous monitoring, adaptive trust baselines and automatic circuit breakers; Act III: agentic identity. 82 machine identities per human employee, the Anthropic study on agentic misalignment as insider threat, wrongful arrests in the US and the thin/thick identity distinction (Arbel, Goldstein, Salib); Act IV: how do we respond? Operationalising the OWASP Top 10 through ETSI EN 304 223; Why security by design is not enough: Daubert, Federal Rule of Evidence 707, Article 220 of the Italian Code of Criminal Procedure; Forensics by design: common evidence schema on OpenTelemetry GenAI, tamper-evident receipts, per-agent Non-Human Identities, Daubert-grade investigation methodology; The seven questions every agentic investigator must answer; The Agentic Research Council launching at the OWASP Summit, InfoSec EU London, 4 June; Three audiences, three actions: defenders and CISOs, investigators and prosecutors, policymakers. SPEAKER John Sotiropoulos, Board Director, OWASP GenAI Security Project; Co-Lead, Agentic Security Initiative; Chair, OWASP Top 10 for Agentic Applications; Deep Cyber Ltd. EVENT 14th Cyber Crime Conference Auditorium della Tecnica, Rome 6-7 May 2026 Organised by ICT Security Magazine DISCOVER FORUM ICT SECURITY 2026 24th edition, 18-19 November 2026, Rome SUBSCRIBE to stay up to date with all the talks from upcoming editions and with the analyses of the ICT Security Magazine editorial team.