Why Do You Trust Your AI Agent? cover art

Why Do You Trust Your AI Agent?

Why Do You Trust Your AI Agent?

Listen for free

View show details

Agentic AI is powerful, and someone recently found that out the hard way when an AI tool, given free rein with a user’s own permissions, deleted her entire mailbox. That cautionary tale opens this Threat Talks Deep Dive, where host Lieuwe Jan Koning talks with Rob Maas, Field CTO of ON2IT, about what Zero Trust looks like when the thing you’re securing is an AI agent.

Drawing on Rob’s recent blog post (and the Zero Trust pillars shared by CISA and Forrester’s Zero Trust eXtended framework), they work through each pillar in turn. The recurring theme is “just-in-case” privileges: the broad access we hand humans on the assumption they’ll use judgment. Agents have no such judgment. Give one an intent and it will use everything it has to reach the goal, and it can spin up parallel instances to get there faster.

Across Identity, Devices, Network, Applications & Workloads, and Data, Rob makes the case for:

  • Non-human identities with just-in-time, quickly-rotated privileges, so a leaked token can’t be reused forever.
  • Tightly constrained execution environments (VM, container, serverless) that only touch what the agent truly needs.
  • Identity-based network segmentation, so an agent working with CRM data can never reach the financial system.
  • Allow-listed MCP tooling, because tool sprawl is the new shadow IT.
  • New data controls for a world where everything (prompts, retrieval, documents) is data flowing to and from a model.

He’s candid about the gaps, too: there’s no generic “AI firewall” yet, prompt injection has no guaranteed fix, and the hardest control points now live in the details of how individual developers configure their tools. The optimistic note: because agent-to-model and agent-to-agent calls can be logged, you can actually see what an agent is doing, an advantage over the opacity of the human mind. The episode closes on what’s still missing and a clear first step for any organization: get an overview of every agent and MCP server in use, and the access each one has.

Threat Talks is a podcast by ON2IT cybersecurity and AMS-IX. New episode every Tuesday. Follow Threat Talks to stay up to date on the topic of cybersecurity.

adbl_web_anon_alc_button_suppression_t1
No reviews yet