The MCP Maturity Model: From Chaos to Governance

Shannon Williams, co-founder of Obot AI and Rancher Labs, and former CNCF governing board member, delivers the keynote at the Agentic AI Foundation Summit. He walks through a year of helping companies make sense of MCP at scale: the shadow MCP problem, the real breaches that surfaced it, and the four-stage maturity model that maps how enterprises are climbing out of chaos. If you are responsible for AI adoption, governance, or platform security in 2026, this is the field report. The Shadow MCP Problem: why almost every enterprise already has MCP servers running it does not know about The Healthcare Breach Story: how one company discovered its MCP footprint only after data started flowing somewhere it should not One Year of MCP Attacks: the timeline from the first malicious lookalike MCPs last fall through reference-server vulnerabilities and upgrade-channel attacks The Four-Stage MCP Maturity Model: chaos, standardization, gateway and access control, and AI-driven governance Stage 2 Reality: enterprise agreements with Anthropic, OpenAI, and Cursor are how most companies are climbing out of shadow IT Stage 3 Patterns: MCP gateways behind proxies, identity-provider integration with Okta and Entra, granular per-tool access, full transaction audit Stage 4 Future: applying AI to the audit logs themselves so policy enforcement scales Beyond the Gateway: why local clients like Cursor, Claude Code, and stdio MCPs are now the next security frontier The Skills, Plugins, and Agents Explosion: how the MCP picture got messier in six months and what to do about it A 3-Step Action Plan: audit your environment, map your exposure, then apply governance Built for platform leads, security teams, and engineering executives trying to enable agentic AI without absorbing the blast radius. Links and Resources: Agentic AI Foundation: https://agenticaifoundation.com Obot AI: https://obot.ai Obot on GitHub: https://github.com/obot-platform/obot Shannon Williams on LinkedIn:   / shannonwilliams2   Model Context Protocol: https://modelcontextprotocol.io Timestamps (approximate, may need adjustment): 00:00 Intro: Bangalore, MCP Dev Summit, and the year that was 01:30 What companies actually ask Obot in customer meetings 03:00 The shadow MCP problem and the healthcare breach 04:30 The MCP attack timeline of the last year 06:30 The four-stage MCP maturity model 07:30 Stage 1, shadow MCP: no visibility, downloaded locally 08:30 Stage 2, standardization: enterprise tool agreements 09:30 Stage 3, gateways: access control, audit, identity 10:30 Stage 4, AI-driven governance 11:30 Why the local client is the next security frontier 12:00 Three steps to start: audit, exposure, governance 12:30 Close and applause #MCP #ShadowAI #ModelContextProtocol