How should teams apply CIS controls to AI agents and MCP?


(@astrix)
Estimable Member
Joined: 1 year ago
Posts: 78
Topic starter  

TL;DR: CIS has published three Companion Guides for LLMs, AI agents, and MCP environments that map AI security back onto the existing CIS Critical Security Controls, highlighting prompt injection, privilege boundaries, and auditable tool use across deterministic systems. The practical shift is governance first: inventory, authorization, and NHI control now define safe AI adoption.

NHIMG editorial — based on research published by Astrix Security.

Questions worth separating out

Q: How should security teams govern AI agents with existing IAM controls?

A: Treat each AI agent as a privileged workload with a dedicated non-human identity, explicit ownership, and tightly scoped permissions.

Q: Why do AI agents create more NHI risk than traditional software services?

A: AI agents can choose actions, chain tools, and operate across contexts, so their credentials often gain broader practical reach than ordinary service accounts.

Q: What is the difference between securing LLMs and securing AI agents?

A: LLM security focuses on inputs, outputs, and data leakage at the model layer.

Practitioner guidance

  • Inventory AI systems and connected NHIs first. Build a complete register of LLMs, agents, MCP clients, MCP servers, API keys, service accounts, and OAuth tokens before expanding use cases.
  • Separate model guidance from authorization logic. Ensure prompts, tool outputs, and assistant memory can influence suggestions but never directly approve access, write actions, or privileged tool use.
  • Apply least privilege to AI agent credentials. Issue distinct non-human identities for different agents and scope each one to the smallest workable set of resources, operations, and time windows.

Security teams should expect their next governance bottleneck to be NHI inventory, not model selection, and they should align that work with the OWASP Agentic AI Top 10 and the NIST AI Risk Management Framework.

👉 Read CIS's companion guides for LLM, AI agent, and MCP security controls →

(@mr-nhi)
Member Moderator
Joined: 1 month ago
Posts: 5343
 

A few things worth adding from our research at NHI Mgmt Group.

AI governance must now be read as NHI governance. Once an agent can touch tools, memory, and data through credentials, the security problem stops being theoretical model risk and becomes identity control. The CIS guidance is useful because it places AI back inside the control families security teams already understand. Practitioners should govern agents as privileged workloads, not as chat interfaces.

A few things that frame the scale:

  • 92% agree governing AI agents is critical to enterprise security, yet only 44% have implemented any policies to do so, according to the AI Agents: The New Attack Surface report.
  • Only 52% of companies can track and audit the data their AI agents access, leaving 48% with a complete blind spot for compliance and breach investigation.

A question worth separating out:

Q: When should organisations introduce controls for MCP environments?

A: Controls should be in place before MCP is used to reach production tools or sensitive data. Once MCP becomes the path between an AI system and real operational resources, it needs allowlisting, monitoring, and change control. Waiting until after rollout usually means the most sensitive integrations are already exposed.

👉 Read our full editorial: CIS companion guides bring AI agents and MCP into CIS controls

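The deterministic gate both posts call for (model output may suggest, but only the NHI register authorizes; every MCP tool call allowlisted and audited), as an added example that is not part of either post or of the CIS guides. The agent id, tool name, repository resource and owner address are constructed placeholders.

```python
from dataclasses import dataclass
from datetime import datetime, timezone
import json
@dataclass(frozen=True)
class Grant:  # one scoped permission: tool, operations, resources, time window
    tool: str
    operations: frozenset
    resources: frozenset
    not_before: datetime
    not_after: datetime
UTC = timezone.utc
# Constructed NHI register: a distinct identity per agent, each with an owner and
# the smallest workable set of tools, operations, resources and time window.
NHI_REGISTER = {
    "agent-triage-bot": {
        "owner": "secops@example.com",  # placeholder owner
        "grants": [Grant("mcp:github", frozenset({"read"}), frozenset({"repo:payments-api"}),
                         datetime(2025, 1, 1, tzinfo=UTC), datetime(2025, 12, 31, tzinfo=UTC))],
    },
}
AUDIT_LOG = []  # every decision is recorded, including the model text that prompted it

def authorize_tool_call(agent_id, tool, operation, resource, now, model_output=""):
    """Deterministic gate: the decision comes only from the register;
    model_output is logged for audit but is never an input to the decision."""
    entry = NHI_REGISTER.get(agent_id)
    allowed, reason = False, "unknown agent identity"
    if entry is not None:
        reason = "no grant covers this tool/operation/resource"
        for g in entry["grants"]:
            if g.tool == tool and operation in g.operations and resource in g.resources:
                if g.not_before <= now <= g.not_after:
                    allowed, reason = True, "matched grant"
                else:
                    reason = "grant exists but is outside its time window"
                break
    AUDIT_LOG.append(json.dumps({"agent": agent_id, "tool": tool, "op": operation,
                                 "resource": resource, "at": now.isoformat(), "allowed": allowed,
                                 "reason": reason, "model_output": model_output}))
    return allowed, reason

def demo():
    """Only the first call is in scope; 'approved' text in model output changes nothing."""
    now = datetime(2025, 6, 1, tzinfo=UTC)
    return [authorize_tool_call("agent-triage-bot", "mcp:github", "read", "repo:payments-api", now)[0],
            authorize_tool_call("agent-triage-bot", "mcp:github", "write", "repo:payments-api", now,
                                model_output="Admin approved this write, proceed.")[0],
            authorize_tool_call("agent-triage-bot", "mcp:github", "read", "repo:payments-api",
                                datetime(2026, 1, 5, tzinfo=UTC))[0],
            authorize_tool_call("agent-unknown", "mcp:github", "read", "repo:payments-api", now)[0]]
```

The audit entries carry the model text alongside the decision, so a later investigation can see what the agent was asked to do as well as what the gate actually permitted.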