Member Contribution - Weekly CISO Podcast Pick
This Week's Pick by David B. Cross (CISO, Atlassian)
Series curated by the CISO Platform community, sharing practical security leadership resources recommended by experienced CISOs and senior practitioners.
CISO Tradecraft: Model Context Protocol and AI security governance
David recommended this CISO Tradecraft episode because it gives security leaders a practical introduction to Model Context Protocol, or MCP, and why it matters for enterprise AI adoption.
In the episode, host G Mark Hardy explains how MCP standardizes the way AI systems connect with external tools, data sources, and applications. The discussion is especially relevant for CISOs because it covers prompt injection, tool poisoning, stateful AI workflows, and the governance work needed before MCP-enabled systems become embedded in business processes.
Why this matters to CISOs
MCP is moving AI from isolated chat experiences toward connected workflows that can query systems, call tools, and act on enterprise context. That creates useful automation, but it also changes the security model. CISOs need to know where the agent gets data, which tools it can invoke, how instructions are trusted, and what happens when untrusted content enters the workflow.
The important leadership point is that MCP security cannot wait for a late-stage review. Governance, identity, authorization, logging, and data boundaries need to be designed while teams are still experimenting, not after agents are already tied into production systems.
Copy-paste takeaways for your team
- Treat MCP connections as privileged integration paths, not simple API conveniences.
- Inventory every MCP server, tool permission, data source, and agent workflow before broad rollout.
- Design controls for prompt injection, tool poisoning, excessive permissions, and untrusted content.
- Require logs that show which agent invoked which tool, with what identity, and against which data.
- Bring AI engineering, identity, application security, legal, and risk teams into one governance model.
Standout ideas
- MCP is different from a traditional API pattern because AI agents may carry state and interpret instructions across a broader workflow.
- Tool permissions should be scoped with the same seriousness as human access, service accounts, and automation credentials.
- Security teams need test cases for malicious instructions, hostile documents, unsafe tool chains, and data exfiltration paths.
- A governance framework should define approved MCP use cases, risk tiers, review gates, monitoring expectations, and exception handling.
Try this in the next 7 days
- Ask your AI or platform team whether any MCP servers, agent tools, or similar connector frameworks are already in use.
- Pick one workflow and map the agent, identity, data source, tool permissions, logs, and human approval points.
- Run one prompt injection or tool misuse tabletop against that workflow.
- Create a short approval checklist for new MCP-enabled integrations before they touch sensitive systems.
About David B. Cross
David B. Cross is a CISO and security leader with deep experience across enterprise security, identity, cloud, and executive risk conversations. His weekly recommendations highlight resources that can help CISOs and security teams sharpen their thinking and execution.
Share this with your team
If your organization is testing AI agents, copilots, or tool-connected automation, share this pick with your AI platform, identity, application security, security architecture, and risk teams.
Comments