Agentic AI Security Risks Rise with MCP and A2A Protocols

The rapid evolution of agentic AI — autonomous systems capable of making decisions, discovering tools, and collaborating with other agents — is reshaping enterprise cybersecurity. As organizations embrace frameworks such as Anthropic’s Model Context Protocol (MCP), Google’s Agent-to-Agent (A2A), and IBM’s Agent Communication Protocol (ACP), experts warn that the next wave of cybersecurity threats will come not from data breaches, but from “agent breaches.” 

Unlike traditional breaches that expose sensitive data, agent breaches involve unintended or unauthorized agent behavior, where AI models misinterpret commands, access restricted systems, or share information across unsecured channels. These incidents unfold at machine speed, making them faster and more damaging than human-led attacks. 

Key security challenges include: 

• MCP vulnerabilities: Agents can dynamically discover tools, but without verification layers, they risk interacting with untrusted or malicious applications. 

• A2A accountability gaps: When agents from different vendors communicate, ownership of decisions and data integrity becomes unclear. 

• Exploitable attack surfaces: Hackers may extract model architectures, steal tool schemas, or manipulate agent instructions to access corporate systems. 

Real-world examples highlight how attackers could trick payment agents into fraudulent transactions or manipulate multi-agent decision systems over time through data poisoning. 

To mitigate these risks, cybersecurity leaders recommend a five-step framework for safe AI adoption: 

1. Centralize model access through monitored gateways. 
2. Use hyperscaler tools but retain control of model selection. 
3. Enforce vendor compliance with internal governance. 
4. Standardize processes for AI cost, testing, and model drift. 
5. Maintain a secure repository for prompts and tools. 

The shift from preventing data breaches to controlling agent behavior marks a new frontier in cybersecurity. As enterprises accelerate GenAI integration, embedding security within agentic AI architectures will be critical to safeguard trust and autonomy in this emerging ecosystem. 

Source: 

https://www.techradar.com/pro/agentic-ai-introduces-new-security-challenges-in-era-of-mcp-and-a2a