Noma Security has added an ability to visually map the relationship between artificial intelligence (AI) agents and the underlying IT environment.
The Agentic Risk Map (ARM) leverages an existing platform developed by Noma Security to map agent-to-agent (A2A) connections, the tools and Model Context Protocol (MCP) servers being accessed, cross-system dependencies, and permission chains. It continuously monitors agent behavior against the established baseline, detecting anomalous actions such as unexpected tool invocations or potential prompt injection attacks.
In addition to making it simpler for security architects to create blueprints for applying controls, the goal is to make it simpler to understand the potential blast radius of any cybersecurity incident involving AI agents, says Roi Alon, a senior product manager for Noma Security.
Cybersecurity and IT teams can also assess the potential blast radius of an AI agent before deployment, adds Alon. That capability enables red teams to stress test AI agents that may have been over-permissioned, which can be a major issue when AI agents inadvertently surface sensitive data in their output, he notes.
Managing and securing AI agents will become a much higher priority in the months ahead as organizations come to understand how aggressively they might access data unless specific controls are in place. More troubling still, AI agents provide cybercriminals with a tempting target that could enable them to not just exfiltrate data but also commandeer entire workflows. “They significantly expand the attack surface,” says Alon.
Unfortunately, instances of shadow IT involving AI technologies are on the rise, so it’s probable AI agents will be deployed with few or no governance controls in place. More challenging still, new AI agents may be randomly added to an environment without cybersecurity teams ever being notified.
Despite these concerns, the agentic AI genie is not going back in the bottle. Organizations will be deploying AI agents in the hundreds of thousands. In fact, the Futurum Group projects that AI agents will drive $6 trillion in economic value by 2028. The challenge is, as always, balancing the value of the productivity gains for the business against potential risks.
At this point, alas, it’s not a question of if there will be major cybersecurity incidents involving AI agents so much as what the extent of the damage will be. As always, the expectation is that cybersecurity teams will prevent as many of those breaches as possible, but in the event of the inevitable, the issue becomes how rapidly cybersecurity teams are able to identify, contain and remediate any threat. The challenge is that, given all the dependencies that exist between AI agents and underlying infrastructure, it can take a lot longer to successfully respond to a breach.
There’s an old maxim that says no one can manage things they can’t see. AI agents are clearly going to have a major impact on productivity, but they can also easily become too much of a good thing if the proper controls are not in place before they are deployed.


