By Sandeep Singh
Executive Summary
Agentic AI introduces unique security challenges beyond traditional GenAI and model security. My initial framework (v1.0) outlines core security layers — LLMs, tools, memory — alongside governance, IAM, observability, and resilience strategies.
Recently, I decided to dive into the topic of Agentic AI Security. My usual approach is to start with highly rated books on platforms like Amazon or from reputable publishers. To my surprise, I found that there are very few resources explicitly dedicated to the Security of Agentic AI. Most available material focuses on GenAI Security or Model-level security, leaving a significant gap in guidance for securing Agentic AI-based agents.
What stood out even more was the lack of consensus among authors on which frameworks or standards should be applied.
Key Questions That Emerged:
1. Should we apply fundamental cybersecurity principles to Agentic AI ecosystems?
2. Which security capabilities are most impacted by Agentic AI triggers?
3. How should Agentic AI security differ from non-agentic AI solutions?
4. Can we combine existing security guidelines with Agentic AI-specific layers?
5. With LLMs (and SLMs) at the core, should security strategies differ for open-source vs. closed-source platforms?
6. How do we address new challenges such as MCP and A2A (Agent-to-Agent) communication security, and how do they compare to traditional ESB orchestration?
7. What about machine learning, resilience for critical agents, and interface security (API tokens, AI gateways)?
8. What policies should govern both the core Agentic AI layer and the supporting platforms?
Agentic AI systems typically consist of three core components: LLM models, tools, and memory.
Surrounding these are platforms, policies, threat models, prompt/context engineering, and foundational areas like IAM, observability, DevSecOps, and regulatory compliance.
To make this security complexity tractable, break security into discrete capabilities and map each capability to the platform layer it protects.
This is a starting point, and I plan to refine it further after reviewing more whitepapers and industry insights during the upcoming holidays. Consider this an early vision for securing Agentic AI-based agents overall, whether they are built using pro-code or low-code approaches.
Sandeep is Principal Architect, AVP of Global Architecture, at Manulife. He is an experienced, senior-level IT professional with more than 25 years' experience whose passion is to inspire growth, learn, and research. Leveraging his extensive background in software development, enterprise architecture, and solution architecture, he has been instrumental in navigating the challenges of global architecture and data across North America, Asia, and other regions.
