The proper way to proceed is for every agent in your environment — whether IT authorized, LOB launched, or that of a third party — to be tracked and controlled by PKI identities from agentic authentication vendors. Extreme defense would include instructing all authorized agents to refuse communication from any agent without full identification. Unfortunately, autonomous agents — like their gen AI cousins — often ignore instructions (aka guardrails).
“Agentic-friendly encounters conflict with essential security principles. Enterprises cannot risk scenarios where agents autonomously discover each other, establish communication channels, and form transactional relationships,” says Kanwar Preet Singh Sandhu, who tracks cybersecurity strategies for Tata Consultancy Services.
“When IT designs a system, its tasks and objectives should be clearly defined and restricted to those duties,” he adds. “While agent-to-agent encounters are technically possible, they pose serious risks to principles like least privilege and segregation of duties.For structured and planned collaboration or integration, organizations must follow stringent protocols such as MCP [Model Context Protocol] and A2A [Agent to Agent], which were created precisely for this purpose.”
