TL;DR: Enterprises are moving LLMs and autonomous agents into production faster than security controls are maturing, while today’s AI security frameworks remain fragmented, high-level, and difficult to translate into enforceable controls, according to Lasso Security. The practical gap is lifecycle-wide governance that treats access, monitoring, and incident response as continuous requirements, not optional add-ons.
NHIMG editorial — based on content published by Lasso Security: Why enterprises need a real AI security standard for LLMs and agents
By the numbers:
- 80% of organisations report their AI agents have already performed actions beyond their intended scope, including accessing unauthorised systems (39%), inappropriately sharing sensitive data (31%), and revealing access credentials (23%).
- When AWS credentials are exposed publicly, attackers attempt access within an average of 17 minutes.
Questions worth separating out
Q: How should security teams govern LLM and agent access in production?
A: Treat every model, agent, connector, and service account as part of one identity surface.
Q: Why do existing AI security frameworks fall short for IAM teams?
A: Because most frameworks describe desired outcomes rather than enforceable control design.
Q: What breaks when AI systems are governed like static applications?
A: Lifecycle drift breaks the model: controls set once at deployment stop matching what the system actually does afterwards.
Practitioner guidance
- Map AI systems to named identity owners: assign business and technical ownership for every model, agent, connector, and service account that can reach production AI.
- Enforce least privilege across AI access paths: scope human and machine access separately for prompts, outputs, connectors, and downstream APIs.
- Add lifecycle checkpoints before and after deployment: review training data, fine-tuning inputs, production permissions, and retirement steps as separate control moments.
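The three guidance points above describe an inventory with named owners, per-surface least-privilege scopes, and a check that runs again after deployment. The script below is an added illustration of that control model in code; it is not Lasso Security's or NHIMG's code, and the inventory entries, the observed-action records, and the owner and action names are all constructed for the example. It treats every model, agent, connector, and service account as one identity surface, flags entries without both owners, and compares what an identity was observed doing against what its scope permits, which is the post-deployment checkpoint the guidance calls for.

```python
"""Ownership and least-privilege drift checks for an AI identity surface.

Added example (not the article's or NHIMG's code). All inventory entries,
owners, action names and observed events below are constructed sample data.
"""
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Set, Tuple

# Access is scoped separately per surface; anything not listed is denied.
SURFACES = ("prompts", "outputs", "connectors", "downstream_apis")


@dataclass
class AIIdentity:
    name: str
    kind: str                          # model | agent | connector | service_account
    business_owner: Optional[str]      # named business owner (None = gap)
    technical_owner: Optional[str]     # named technical owner (None = gap)
    allowed: Dict[str, Set[str]] = field(default_factory=dict)

    def __post_init__(self) -> None:
        unknown = set(self.allowed) - set(SURFACES)
        if unknown:
            raise ValueError(f"{self.name}: unknown surface(s) {sorted(unknown)}")


# Constructed inventory: one agent, one connector, one service account.
INVENTORY: List[AIIdentity] = [
    AIIdentity("support-assistant", "agent", "cx-lead", "platform-ai", {
        "prompts": {"read:customer-ticket"},
        "outputs": {"write:ticket-reply"},
        "connectors": {"read:ticketing"},
        "downstream_apis": {"call:crm-read"},
    }),
    AIIdentity("hr-db-connector", "connector", "hr-ops", None, {
        "connectors": {"read:hr-db"},
    }),
    AIIdentity("svc-ai-runtime", "service_account", None, "platform-ai", {
        "downstream_apis": {"call:model-gateway"},
    }),
]

# Constructed post-deployment observations: (identity, surface, action).
OBSERVED: List[Tuple[str, str, str]] = [
    ("support-assistant", "connectors", "read:ticketing"),
    ("support-assistant", "connectors", "read:hr-db"),            # beyond scope
    ("support-assistant", "outputs", "share:external-email"),     # beyond scope
    ("support-assistant", "downstream_apis", "call:crm-read"),
    ("svc-ai-runtime", "downstream_apis", "call:model-gateway"),
    ("shadow-agent", "prompts", "read:customer-ticket"),          # never registered
]


def unowned(inventory: List[AIIdentity]) -> List[str]:
    """Identities missing a named business owner, technical owner, or both."""
    return [i.name for i in inventory
            if not (i.business_owner and i.technical_owner)]


def is_allowed(identity: AIIdentity, surface: str, action: str) -> bool:
    """Default-deny check against the identity's per-surface scope."""
    return action in identity.allowed.get(surface, set())


def review(inventory: List[AIIdentity],
           observed: List[Tuple[str, str, str]]) -> Dict[str, list]:
    """Lifecycle checkpoint: ownership gaps, out-of-scope actions, and
    activity from identities that are not in the inventory at all."""
    by_name = {i.name: i for i in inventory}
    out_of_scope: List[Tuple[str, str, str]] = []
    unregistered: List[Tuple[str, str, str]] = []
    for name, surface, action in observed:
        identity = by_name.get(name)
        if identity is None:
            unregistered.append((name, surface, action))
        elif not is_allowed(identity, surface, action):
            out_of_scope.append((name, surface, action))
    return {
        "unowned": unowned(inventory),
        "out_of_scope": out_of_scope,
        "unregistered": unregistered,
    }


if __name__ == "__main__":
    for finding, items in review(INVENTORY, OBSERVED).items():
        print(f"{finding}: {items}")
```

Each finding maps to a decision the guidance assigns to a named owner: an unowned entry has nobody to approve or revoke it, an out-of-scope action is the drift the checkpoint exists to catch, and an unregistered identity means the inventory itself is incomplete. Running the same `review` on a schedule, rather than once at go-live, is what turns the checklist into a continuous control.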
What's in the full article
Lasso Security's full research covers the operational detail this post intentionally leaves for the source:
- Framework-by-framework breakdown of how NIST AI RMF, ISO/IEC 42001, cloud guidance, and the EU AI Act map to practical security controls.
- Detailed guidance on securing model access across employees, applications, and automated systems in multi-environment deployments.
- Operational examples of continuous monitoring, dynamic guardrails, and human-in-the-loop processes for live AI systems.
- AI-specific incident response considerations for production models, agents, and shared access paths.
👉 Read Lasso Security's analysis of a real AI security standard for LLMs and agents →
AI security standards for LLMs and agents: what teams lack
Explore further
Fragmented AI guidance is not a security standard. The article is right to separate broad frameworks from operational control, because most current guidance stops at intent. Security teams still need a control model that binds identity, access, logging, and incident response into one lifecycle view. The implication is straightforward: if the programme cannot be enforced, it is not yet a standard.
A few things that frame the scale:
- Only 52% of companies can track and audit the data their AI agents access, leaving 48% with a complete blind spot for compliance and breach investigation, according to the AI Agents: The New Attack Surface report.
- 92% agree governing AI agents is critical to enterprise security, yet only 44% have implemented any policies to do so, which shows how wide the policy-to-practice gap remains.
A question worth separating out:
Q: Who is accountable when AI access leads to data leakage or misuse?
A: Accountability should sit with the named business owner and the technical owner of the AI runtime, not with an abstract platform team. If the access path includes service accounts or connectors, those identities must also be in scope for review and revocation decisions.
👉 Read our full editorial: Why enterprises need a real AI security standard for LLMs