In companies, AI has long been more than a research object. It automates work processes, generates content, analyzes data and accesses internal infrastructure through agent-controlled systems. With this operationalization the risk shifts: it is no longer only crucial how a model was trained, but also how, where and for what it is used.
Agentic AI in particular, i.e. AI systems that can carry out actions on their own, presents companies with new challenges. What if these systems interact with privileged user accounts through interfaces? What if AI tools independently access critical systems or manage passwords? This is exactly where potentially serious security gaps arise.
Secure by Design must also mean “Secure in Use”
The discussion about security does not end with the model architecture. Rather, it must run consistently through the entire AI life cycle: from development through integration to runtime monitoring. Principles such as least privilege, auditability, human oversight and fine-grained access control apply not only to humans but also to AI agents.
A practical approach is the so-called Model Context Protocol (MCP). This protocol makes it possible to embed AI systems into existing zero-trust or zero-knowledge architectures without compromising their basic principles. AI tools do not automatically receive broad access rights, but only context-dependent, narrowly defined authorizations that are controlled, documented and revocable at any time.
Governance needs technology – not just ethics
As welcome as the EU initiative is, it remains one-sided as long as it focuses on ethical guidelines and voluntary self-commitments. Technical and operational control mechanisms must be considered and regulated alongside them. Without them, every governance solution remains incomplete.
The concept of sovereign AI is becoming more important in this context. Sovereignty here means that companies retain control over their AI use, define their own governance standards and enforce them. This includes treating AI agents like privileged users, with clear roles, restrictions and audits.
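What "treating AI agents like privileged users" and "context-dependent, revocable authorizations" look like in code, as an added illustration that is not part of the original article and not MCP's own implementation: a small gateway that sits between an agent and its tools, denies by default, grants only a resource prefix for a limited time, can revoke a grant immediately and writes every decision to an audit trail. The tool registry, agent name and paths are constructed sample values.

```python
import time
from dataclasses import dataclass

# Constructed stand-ins for the tools an agent might reach through MCP (not real MCP client code).
TOOLS = {
    "read_file": lambda path: f"<contents of {path}>",
    "rotate_secret": lambda name: f"rotated {name}",
}

@dataclass
class Grant:
    agent: str
    tool: str
    scope: str       # resource prefix the grant covers, e.g. "/data/reports/"
    expires: float   # epoch seconds; grants are short-lived, never open-ended
    revoked: bool = False

class ToolGateway:
    """Sits between the agent and its tools: deny by default, log every decision."""
    def __init__(self):
        self.grants = []
        self.audit_log = []

    def grant(self, agent, tool, scope, ttl_seconds, now=None):
        g = Grant(agent, tool, scope, (now or time.time()) + ttl_seconds)
        self.grants.append(g)
        return g

    def revoke(self, grant):
        grant.revoked = True  # takes effect on the very next call

    def is_allowed(self, agent, tool, resource, now):
        return any(g.agent == agent and g.tool == tool and not g.revoked
                   and now < g.expires and resource.startswith(g.scope)
                   for g in self.grants)

    def call(self, agent, tool, resource, now=None):
        now = now or time.time()
        decision = "allow" if self.is_allowed(agent, tool, resource, now) else "deny"
        # Every attempt, allowed or not, lands in the audit trail with the agent's identity.
        self.audit_log.append({"ts": now, "agent": agent, "tool": tool,
                               "resource": resource, "decision": decision})
        if decision == "deny":
            return None
        return TOOLS[tool](resource)
```

A call outside the granted prefix, for a tool that was never granted, after the TTL has passed or after revocation is refused, and the audit log shows who asked for what and whether it was allowed.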
Conclusion: Responsibility does not end in model training
The introduction of AI is not a purely technical project, nor is it a pure compliance process. It is about operational responsibility, about the question of how companies ensure that AI does not become a gateway for data abuse or system compromise.
The EU code of conduct marks an important step. But it should be supplemented by guidelines that make the use of AI secure, traceable and controllable. Because real AI security begins where ethics is translated into technical reality, in daily operation.
