A growing body of research within the AI field suggests that organisations need to focus more closely on the actions of AI agents after they gain access to systems, rather than relying primarily on authentication controls.
Recent frameworks published by Anthropic, research from Zero Trust specialist Dr Chase Cunningham and technology developed by Cequence Security all highlight concerns that AI agents operating with legitimate permissions could still misuse data, interact with APIs in harmful ways or carry out unintended actions.
The emerging view is that authentication remains important but may not be sufficient on its own. Instead, security controls should continuously monitor and govern agent behaviour, with policy enforcement applied in real time.
"Traditional security controls focus obsessively on the front gate – who gets in. But with AI agents, the real damage happens after the front gate, through totally authorised channels," Dr Cunningham said.
The approach also aligns with guidance in the Model Context Protocol Companion Guide published by the Center for Internet Security in April. The guidance adapts established cyber security controls to address risks associated with AI agents interacting with enterprise systems, tools and data.
The shift comes as AI agents move from experimental deployments into production environments, where they are increasingly being given access to sensitive information and business-critical systems. Security experts argue that faster-moving AI-enabled threats are increasing the need for continuous monitoring of agent activity and data flows.