In a recent interview, Cisco's Anand Raghavan addressed the critical security vulnerabilities that come with enterprise adoption of agentic AI systems. He highlighted the risks posed by Model Context Protocol (MCP) servers, which attackers can exploit with plain-language commands rather than traditional code-based exploits. These risks are heightened by shadow MCP servers that operate without proper security oversight, which makes rigorous verification of AI tools necessary to prevent credential exploitation and tool poisoning. Raghavan emphasized applying identity management and privilege controls to AI agents, holding them to the same security standards as human users. He also distinguished single-turn from multi-turn attacks, noting that multi-turn attacks are four times more successful. Additionally, Raghavan outlined Cisco's open-source MCP scanner, which helps organizations identify vulnerabilities in their AI infrastructure, and described the productivity benefits of internal AI chatbots. His focus is on delivering secure generative AI experiences that strengthen security across the enterprise.