The Centre for Internet Security (CIS), Astrix Security, and Cequence Security announced the release of three new CIS Critical Security Controls (CIS Controls) Companion Guides designed to help enterprises secure rapidly evolving AI environments.
Co‑authored by experts across all three organisations, the guides extend the CIS Critical Security Controls into AI systems where large language models (LLMs), autonomous agents, and Model Context Protocol (MCP) integrations introduce new and unique risks. Each guide focuses on a distinct layer of the AI ecosystem, offering targeted guidance aligned with how modern AI systems operate:
- AI LLM Companion Guide: Provides guidance for securing large language models, including risks related to prompts, context handling, and exposure of sensitive information.
- AI Agent Companion Guide: Outlines controls for managing autonomous and semi-autonomous agents, focusing on safe tool execution, governed autonomy, and appropriate access to enterprise systems.
- MCP Companion Guide: Details protections for Model Context Protocol environments, emphasising secure tool access, management of Non-Human Identities (NHIs), and auditable interactions across the protocol layer.
As AI becomes deeply embedded in production workflows – from copilots to autonomous task execution to tool-integrated systems – security teams are confronting risks that traditional controls were never built to address. These include data leakage, unbounded agent autonomy, credential misuse, and unsafe or inappropriate execution of tools. The new Companion Guides offer practical, prioritised guidance that reflects how AI is actually deployed in modern enterprises.
“These guides reflect a shared effort to bring clarity to an area where organisations are seeking direction,” said Curtis Dukes, Executive Vice President and General Manager of Security Best Practices at CIS. “By combining our collective expertise, we translated the CIS Controls into concrete steps that help teams secure AI systems across the model, agent, and protocol layers.”
Astrix contributed deep expertise in securing AI agents, MCP servers, and NHIs, including API keys, service accounts, and OAuth tokens that connect AI systems to enterprise resources.
“AI agents introduce a new operational surface that organisations must understand before they scale,” said Jonathan Sander, Field CTO of Astrix Security. “Collaborating with CIS and Cequence allowed us to build guidance that addresses identity, authorisation, and execution risks in a way that’s both actionable and aligned with how enterprises work today.”
Cequence brought extensive experience in securing enterprise applications, data, and APIs, shaping guidance around visibility, governance, and control over what AI systems can access and execute.
“As AI systems interact more directly with applications and APIs, the security implications become increasingly critical,” said Shreyans Mehta, CTO and Co-Founder of Cequence Security. “This partnership enabled us to create guidelines that codify what we’ve learned about deploying agentic AI at the world’s largest enterprises without sacrificing security, governance, or scale, giving organisations a framework for enabling agentic AI safely.”
How the companion guides support organisations
Together, the three Companion Guides give security and IT teams a unified way to apply the CIS Controls to AI systems that behave and evolve differently from traditional software. By extending the Controls into environments powered by LLMs, autonomous agents, and MCP-based integrations, the guidance helps organisations understand where risks emerge and how to address them with guidance that reflects real-world deployment patterns.
The guides:
- Adapt the CIS Controls to AI-driven architectures, helping teams secure LLMs, agentic systems, and MCP interfaces without adopting a new framework.
- Provide clear, prioritised recommendations that support responsible AI adoption across development, deployment, and operational phases.
- Blend the strengths of all three organisations by combining standards leadership with deep expertise in agentic AI and API-centric security.
- Cover the full AI security stack, from model inputs and context handling to agent reasoning, tool execution, and protocol-level access.
Join CIS, Astrix, and Cequence on May 13 at 1:00 p.m. ET for From Prompts to Protocols: The Security Blueprint for Enterprise AI. The teams will highlight key insights and offer guidance for security teams, developers, and AI practitioners.
Discussion about this post