Model Context Protocol gives agents a clean way to call tools, but it also gives every piece of retrieved content a direct line to those tools. The classic confused deputy problem is back, and most deployments are not handling it.
Agentic AI breaks the assumptions baked into service accounts and long-lived API keys. Here is what an honest non-human identity model looks like when an LLM is the principal making the call.
Agentic systems with tool calls, MCP servers, and dynamic context don’t fit the static system boundary model RMF was built for. Here is how to draw a defensible boundary in 2026.
RMF Control AC-25: Reference Monitor is a cybersecurity control that helps to protect information systems by ensuring that all access to information systems and resources is monitored and controlled. This control is important because it can help to prevent unauthorized access to information systems and resources, and to detect and respond to unauthorized access attempts.
RMF Control AC-24: Access Control Decisions is a cybersecurity control that helps to protect information systems by ensuring that access control decisions are made based on the appropriate security attributes. Access control decisions are the decisions that are made about who can access which resources in an information system. Access Control Decisions Requirements The RMF …
RMF Control AC-23: Data Mining Protection is a cybersecurity control that helps to protect information systems by detecting and protecting against unauthorized data mining. Data mining is the process of extracting knowledge from large datasets. While data mining can be a valuable tool, it can also be used to compromise the security of information systems. …
RMF Control AC-22: Publicly Accessible Content is a cybersecurity control that helps to protect information systems by ensuring that publicly accessible content does not contain nonpublic information. This control is important because it can help to prevent unauthorized access to nonpublic information and to reduce the risk of data breaches. Publicly Accessible Content Requirements The …
RMF Control AC-21: Information Sharing is a cybersecurity control that helps to protect information systems by facilitating and controlling the sharing of information between organizations. This control is important because it can help to improve the security posture of all organizations involved in the information sharing process. Information Sharing Requirements The RMF Control AC-21: Information …
RMF Control AC-20: Use of External Systems is a cybersecurity control that helps to protect information systems by limiting the use of external systems to access or process organization-controlled information. This control is important because it can help to prevent unauthorized access to information systems and data. Use of External Systems Requirements The RMF Control …
RMF Control AC-19: Access Control for Mobile Devices is a cybersecurity control that helps to protect information systems by controlling access to information systems from mobile devices. This control is important because it can help to prevent unauthorized access to information systems and data. Access Control for Mobile Devices Requirements The RMF Control AC-19: Access …
