LessWrong (Curated & Popular) “Comparing risk from internally-deployed AI to insider and outsider threats from humans” by Buck
Jul 10, 2025
This discussion delves into the intriguing dynamics of AI security, contrasting risks from human insiders versus external threats. It highlights the need for organizations to rethink their security strategies, particularly in light of the unique challenges posed by AI technologies. The conversation emphasizes the importance of establishing robust safety measures that can adapt to both types of threats while ensuring fundamental security properties are maintained.
AI Snips
Chapters
Transcript
Episode notes
Distinction Between Outsider vs Insider Security
- There's a key distinction between security against outsiders and insiders.
- Outsider security uses static, automated systems while insider security involves human review and collaboration.
Addressing Insider Threats Differently
- Insider threat security requires human effort like multi-party authorization and code reviews.
- Insiders have broader access but are fewer and can be dealt with if caught.
The Importance of Differentiating Security Threats
- Insider threat mitigation often involves safer admin APIs limiting arbitrary code execution.
- Security distinctions between insiders and outsiders remain critically important yet underappreciated.