The new enterprise-ready MCP specification addresses interoperability and enterprise readiness, but the security community’s focus on the spec itself is obscuring where the actual risk lives. Most organizations that rushed MCP deployments didn’t fail at the protocol level. They failed at the permission level—granting agents far broader access than any legitimate use case required, with no governance structure to course-correct. A better spec won’t change that.
Justin Beals, CEO & Founder, Strike Graph, an AI-native GRC and compliance automation platform had this to say:
“A new spec doesn’t fix the underlying problem. Most organizations that deployed MCP servers did it as a marketing move. They turned it on and exposed full read-write API access because that was the path of least resistance. The enterprise spec raises the bar for interoperability, but the real risk has never been the protocol. It’s been the decisions people make about what agents are allowed to touch. MCP is a software feature. Treat it like one. What is the bare minimum you need to expose? Start there. If your teams complain about limited access, let them complain. Have them make the case for what they actually need. Because the organizations that got this wrong didn’t fail at the spec level. They failed at the permission level. A better spec won’t save you from that.”
Given how important that AI is to business, enterprises need to get a handle on this and do so quickly. Otherwise businesses will continue to fly in the dark when it comes to this.
Related
This entry was posted on June 26, 2026 at 2:37 pm and is filed under Commentary with tags MCP specification. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
The new MCP specification doesn’t fix the real problem—And most enterprises don’t know what that problem is
The new enterprise-ready MCP specification addresses interoperability and enterprise readiness, but the security community’s focus on the spec itself is obscuring where the actual risk lives. Most organizations that rushed MCP deployments didn’t fail at the protocol level. They failed at the permission level—granting agents far broader access than any legitimate use case required, with no governance structure to course-correct. A better spec won’t change that.
Justin Beals, CEO & Founder, Strike Graph, an AI-native GRC and compliance automation platform had this to say:
“A new spec doesn’t fix the underlying problem. Most organizations that deployed MCP servers did it as a marketing move. They turned it on and exposed full read-write API access because that was the path of least resistance. The enterprise spec raises the bar for interoperability, but the real risk has never been the protocol. It’s been the decisions people make about what agents are allowed to touch. MCP is a software feature. Treat it like one. What is the bare minimum you need to expose? Start there. If your teams complain about limited access, let them complain. Have them make the case for what they actually need. Because the organizations that got this wrong didn’t fail at the spec level. They failed at the permission level. A better spec won’t save you from that.”
Given how important that AI is to business, enterprises need to get a handle on this and do so quickly. Otherwise businesses will continue to fly in the dark when it comes to this.
Share this:
Like this:
Related
This entry was posted on June 26, 2026 at 2:37 pm and is filed under Commentary with tags MCP specification. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.