Thursday, April 30, 2026

Insecure AI Plugin Architecture Attacks 2026 — When Tools Become Weapons

The most dangerous AI deployment I assess is the one that's been fully approved. The security team signed off on it. It had access to email, calendar, Slack, and the internal document store. Each plugin had been individually reviewed. Each connection had been individually authorised. What they hadn't reviewed was the combination: what an attacker could achieve by using the email plugin to read a malicious message, which injected instructions that used the Slack plugin to exfiltrate data, which used…
