During China’s 2025 National Cybersecurity Awareness Week, China Telecom, together with the Third Research Institute of the Ministry of Public Security, Huawei, Information Security Research journal, Ant Group, Tsinghua University, Shanghai Jiao Tong University and other partners, officially released the White Paper on AI Agent Security Governance. The document provides a comprehensive overview of the security risks faced by AI agents and proposes corresponding governance strategies and methodologies.

The white paper aims to help the industry build a security governance system that keeps pace with the rapid evolution of agentic AI technologies, providing a solid foundation for the safe and healthy development of AI agents. Professor Gu Dawu from the School of Computer Science at Shanghai Jiao Tong University serves as a co–chief editor of the white paper, and Associate Professor Wang Shuo serves as an expert member of the editorial committee.

Drawing on cutting-edge international academic research and the latest technological trends, the white paper systematically identifies and categorizes security risks that arise across key stages of AI agent applications, including environment perception, planning and decision-making, learning and memory, and task execution. On this basis, it innovatively proposes a full-stack and full-lifecycle security protection framework for AI agents, clearly defining risk management responsibilities and control boundaries across different layers and stakeholders.

The white paper further distills 33 specific security prevention and control measures and recommendations, offering actionable guidance for organizations that design, deploy, and operate AI agents. In addition, it shares a series of practical cases and exploratory experiences from China Telecom and its ecosystem partners in the field of AI agent security governance, providing the industry with concrete, replicable references.

Building a strong security foundation for AI and safeguarding the intelligent era has become a widely shared consensus and common responsibility across society. Looking ahead, as research and practice in AI agent security governance continue to deepen, the industry is expected to witness new breakthroughs in frameworks, technologies, and standards that support the trustworthy and sustainable development of intelligent agents.