The Unpredictability Challenge
Traditional software behaves predictably based on defined rules. AI applications, however, are non-deterministic by nature. This breaks the security contract that enterprises rely on, creating a massive potential blast radius when vulnerabilities are exploited. According to Niv Braun, co-founder and CEO of Noma Security, the rush to deploy AI agents gives security teams little time to catch up, compounding the risk. The core issue is that AI decisions cannot be fully anticipated, making standard security models insufficient.
A Framework for AI Security
Braun argues that effective AI security must rest on two pillars: a holistic framework that can absorb fast moving technologies like the Model Context Protocol (MCP), and deep contextualization. Security teams need to connect posture management, access controls, and runtime monitoring into a single unified signal. Without visibility into what happens during runtime, it is impossible to give good configuration recommendations or know what access to grant an AI agent. This context driven approach helps distinguish legitimate agent actions from real threats.
Source: Healthcareinfosecurity
