The Cisco post argues that agentic AI requires a new security model because AI agents behave less like software features and more like a digital workforce. Cisco says enterprise interest is rising quickly — its customer poll found that 85% of organizations are actively adopting AI agents, yet only 5% have reached broad production deployment. The article attributes that gap to unresolved concerns around governance and control, especially access management, data exfiltration, and agent autonomy. Cisco’s central point is that traditional Zero Trust models were built for humans and static applications, whereas AI agents operate through toolchains, MCP servers, machine identities, and unpredictable workflows, making legacy controls too fragmented and too coarse for the environments in which agents now act.

The article then presents Cisco’s answer: an extension of its Zero Trust Access architecture for agentic AI that combines agent discovery and identity management, fine-grained access control, and real-time behavioral protection. In Cisco’s model, each agent is registered, linked to a human owner, and governed through enterprise identity systems; permissions are narrowed not just to what services an agent may reach, but to what actions it may take, for how long, and under what conditions. The post also emphasizes runtime monitoring, saying the platform analyzes agent behavior and intent across APIs, MCP servers, and enterprise systems to block abnormal actions, policy violations, or attempts to misuse sensitive tools and data before those actions spread. Overall, the piece is both a diagnosis of why agentic AI adoption is stuck at the pilot stage and a product-oriented argument that secure deployment depends on treating agent behavior, not just identity, as the core perimeter.

‍

Source: https://blogs.cisco.com/security/security-agentic-ai-how-cisco-brings-zero-trust-to-your-new-digital-workforce