What question did this study set out to answer?

The aim is to identify and characterize the governance gap in agentic systems that runtime controls cannot address.

May 16, 2026Open Access

The Layer Beneath the Agents: Why the Next Security Standard Will Not Be Defined by Runtime Controls Alone

Key Points

The aim is to identify and characterize the governance gap in agentic systems that runtime controls cannot address.
Analyzed the structural challenges of agentic systems in relation to security frameworks.
Outlined the foundational governance layer necessary for effective security.
Examined convergence pressures that will influence the development of new security standards.
Identified a significant governance gap in agentic systems not covered by existing runtime controls.
Characterized the foundational layer that underpins effective security measures.
Outlined future pressures that will shape the evolution of security standards.

Abstract

Agentic systems introduce a structural governance gap that runtime security frameworks alone cannot close. This paper identifies that gap, characterizes the foundational governance layer beneath runtime control, and outlines the convergence pressures likely to shape agentic security standards over time. The analysis is independent of any specific product or implementation.

The Layer Beneath the Agents: Why the Next Security Standard Will Not Be Defined by Runtime Controls Alone

Key Points

Abstract

Cite This Study