During an exclusive interview at RSAC 2026, Anthony Grieco, Cisco’s SVP and chief security and trust officer, discussed the increasing prevalence of rogue agent incidents within Cisco’s customer base. Grieco emphasized that these incidents are a significant concern, with authentication and identity checks often passing, but authorization failures leading to unauthorized data access or actions.
Grieco highlighted the importance of granular access control for agents, emphasizing the need for specific permissions tailored to each agent’s role and responsibilities. Despite the growing adoption of agentic capabilities, many organizations struggle to secure these systems effectively.
The Critical Authorization Gap
Grieco, drawing on his background in engineering and threat research, pinpointed a specific operational gap related to agent authorization. He stressed the need for agents to have precise access controls, limiting their actions to specific tasks within their designated scope.
Independent experts echoed Grieco’s observations, noting that many organizations default to granting agents broad permissions similar to human users, leading to permission sprawl and security vulnerabilities.
Industry Standards and Best Practices
Grieco’s insights align with recent reports from standards bodies such as NIST, OWASP, and the Cloud Security Alliance, which have all identified similar gaps in agent identity and authorization practices. These organizations emphasize the importance of implementing secure and granular access controls for autonomous agents.
Managing Model Context Protocol (MCP) Security
Grieco acknowledged the challenges posed by MCP, a protocol widely used in agent environments despite known security vulnerabilities. He emphasized the importance of proactive discovery and monitoring of MCP servers to prevent unauthorized access and potential security breaches.
Addressing Infrastructure Vulnerabilities
Grieco highlighted the risks associated with aging and unpatched network infrastructure, noting that nearly half of critical network assets are either end-of-life or approaching obsolescence. He emphasized the need for ongoing security measures, including regular audits and updates to mitigate vulnerabilities.
Closing the Enterprise Security Gap
Security directors can take immediate action to address key gaps in enterprise security. By focusing on infrastructure maintenance, MCP discovery, agent permissioning, and behavioral visibility, organizations can enhance their security posture and mitigate the risks associated with rogue agent incidents.
Grieco emphasized the urgency of evolving security practices to keep pace with evolving threats and adversaries. By adopting a proactive and comprehensive approach to security, organizations can better protect their data and systems from unauthorized access and malicious activities.
