Loophole in the EU AI Act: How Agentic AI circumvents security rules
The EU AI Act primarily defines systemic risks with regard to large models that exceed certain training thresholds.
However, the current trend toward agentic AI fundamentally challenges this approach. New protocols such as the Model Context Protocol (MCP) and Agent-to-Agent (A2A) enable smaller AI models to operate in chained processes — each remaining below regulatory thresholds, yet collectively posing potentially significant systemic risks.
In his expert article for IT-Sicherheit magazine, asvin CEO Mirko Ross analyzes how this development challenges the regulatory framework of the EU AI Act and outlines approaches needed to mitigate such emerging risks.
Read more in the latest issue: 01/26:
👉 https://www.itsicherheit-online.com/magazin-it-sicherheit/
Konrad Buck
Head of Press and Media Relations
Background & Expert Access for Media
I provide journalists with access to in-depth background information beyond our public materials, including:
- Product & technology insights – technical context, solution architecture, and real-world use cases for professional and trade media
- Expert commentary & background talks – our CEO is available as an expert source on current cybersecurity developments, threat landscapes, and the impact of AI on security and regulation
Media contact
I speak openly, fact-based, and without PR spin. I am a former IT journalist with decades of experience in the IT and cybersecurity space, familiar with the highs and lows of the industry. Off-the-record discussions are possible upon request.
I speak openly, fact-based, and without PR spin. I am a former IT journalist with decades of experience in the IT and cybersecurity space, familiar with the highs and lows of the industry. Off-the-record discussions are possible upon request.
