{"id":3035,"date":"2025-12-12T14:19:42","date_gmt":"2025-12-12T14:19:42","guid":{"rendered":"https:\/\/rssfeedtelegrambot.bnaya.co.il\/index.php\/2025\/12\/12\/is-ai-the-new-insider-threat\/"},"modified":"2025-12-12T14:19:42","modified_gmt":"2025-12-12T14:19:42","slug":"is-ai-the-new-insider-threat","status":"publish","type":"post","link":"https:\/\/rssfeedtelegrambot.bnaya.co.il\/index.php\/2025\/12\/12\/is-ai-the-new-insider-threat\/","title":{"rendered":"Is AI the New Insider Threat?"},"content":{"rendered":"<div class=\"wp-block-ponyo-image\">\n                <img data-opt-id=1862122883  fetchpriority=\"high\" decoding=\"async\" width=\"717\" height=\"348\" src=\"https:\/\/www.docker.com\/app\/uploads\/2025\/12\/undefined-Imgur-8.jpg\" class=\"fade-in attachment-full size-full\" alt=\"undefined Imgur 8\" title=\"- undefined Imgur 8\" \/>\n        <\/div>\n<p>Insider threats have always been difficult to manage because they blur the line between trusted access and risky behavior.\u00a0<\/p>\n\n<p>With generative AI, these risks aren\u2019t tied to malicious insiders misusing credentials or bypassing controls; they come from well-intentioned employees simply trying to get work done faster. Whether it\u2019s developers refactoring code, analysts summarizing long reports, or marketers drafting campaigns, the underlying motivation is almost always productivity and efficiency.<\/p>\n\n<p>Unfortunately, that\u2019s precisely what makes this risk so difficult to manage. Employees don\u2019t see themselves as creating security problems; they\u2019re solving bottlenecks. Security is an afterthought at best.\u00a0<\/p>\n\n<p>This gap in perception creates an opportunity for missteps. By the time IT or security teams realize an AI tool has been widely adopted, patterns of risky use may already be deeply embedded in workflows.<\/p>\n\n<p>Right now, AI use in the workplace is a bit of a free-for-all. 
And when everyone\u2019s saying \u201cit\u2019s fun\u201d and \u201ceveryone\u2019s doing it\u201d, it feels like being back in high school: no one wants to be *that* person telling them to stop because it\u2019s risky.\u00a0<\/p>\n\n<p>But, as security professionals, we do have a responsibility.<\/p>\n\n<p>In this article, I explore the risks of unmanaged AI use and why existing security approaches fall short, and I suggest one thing I believe we can do to balance users\u2019 enthusiasm with responsibility (without being the party pooper).<\/p>\n\n<h2 class=\"wp-block-heading\">Examples of Risky AI Use<\/h2>\n<p>The risks of AI use in the workplace usually fall into one of three categories:<\/p>\n<ul class=\"wp-block-list\">\n<li>Sensitive data breaches: A single pasted transcript, log, or API key may seem minor, but once outside company boundaries, it\u2019s effectively gone, subject to provider retention and analysis.<\/li>\n<li>Intellectual property leakage: Proprietary code, designs, or research drafts fed into AI tools can erode competitive advantage if they become training data or are exposed via prompt injection.<\/li>\n<li>Regulatory and compliance violations: Uploading regulated data (<a href=\"https:\/\/www.cdc.gov\/phlp\/php\/resources\/health-insurance-portability-and-accountability-act-of-1996-hipaa.html\" rel=\"nofollow noopener\" target=\"_blank\">HIPAA<\/a>, <a href=\"https:\/\/gdpr-info.eu\/\" rel=\"nofollow noopener\" target=\"_blank\">GDPR<\/a>, etc.) into unsanctioned AI systems can trigger fines or legal action, even if no breach occurs.<\/li>\n<\/ul>\n<p>What makes these risks especially difficult is their subtlety. 
They emerge from everyday workflows, not obvious policy violations, which means they often go unnoticed until the damage is done.<\/p>\n\n<h2 class=\"wp-block-heading\">Shadow AI<\/h2>\n\n<p>For years, <a href=\"https:\/\/www.ibm.com\/think\/topics\/shadow-it\" rel=\"nofollow noopener\" target=\"_blank\">Shadow IT<\/a> has meant unsanctioned SaaS apps, messaging platforms, or file storage systems.\u00a0<\/p>\n\n<p>Generative AI is now firmly in this category.\u00a0<\/p>\n\n<p>Employees don\u2019t think that pasting text into a chatbot like <a href=\"https:\/\/chatgpt.com\/\" rel=\"nofollow noopener\" target=\"_blank\">ChatGPT<\/a> introduces a new system to the enterprise. In practice, however, they\u2019re moving data into an external environment with no oversight, logging, or contractual protection.<\/p>\n\n<p>What\u2019s different about <a href=\"https:\/\/www.ibm.com\/think\/topics\/shadow-ai\" rel=\"nofollow noopener\" target=\"_blank\">Shadow AI<\/a> is the lack of visibility: unlike past technologies, it often leaves no obvious logs, accounts, or alerts for security teams to follow. With cloud file-sharing, security teams could trace uploads, monitor accounts created with corporate emails, or detect suspicious network traffic.\u00a0<\/p>\n\n<p>But AI use often looks like normal browser activity. And while some security teams do scan what employees paste into web forms, those controls are limited.\u00a0<\/p>\n\n<p>Which brings us to the real problem: we don\u2019t really have the tools to manage AI use properly. 
Not yet, at least.<\/p>\n\n<h2 class=\"wp-block-heading\">Controls Are Lacking<\/h2>\n<p>We all see people trying to get work done faster, and we know we should be putting some guardrails in place, but the options out there are either expensive, complicated, or still figuring themselves out.<\/p>\n\n<p>The few available <a href=\"https:\/\/www.onetrust.com\/solutions\/ai-governance\/\" rel=\"nofollow noopener\" target=\"_blank\">AI governance<\/a> and security tools have clear limitations (even though their marketing might try to convince you otherwise):<\/p>\n\n<ul class=\"wp-block-list\">\n<li>Emerging AI governance platforms offer usage monitoring, policy enforcement, and guardrails around sensitive data, but they\u2019re often expensive, complex, or narrowly focused.<\/li>\n<li>Traditional controls like DLP and <a href=\"https:\/\/www.crowdstrike.com\/en-us\/cybersecurity-101\/endpoint-security\/extended-detection-and-response-xdr\/\" rel=\"nofollow noopener\" target=\"_blank\">XDR<\/a> catch structured data such as phone numbers, IDs, or internal customer records, but they struggle with more subtle, hard-to-detect information: source code, proprietary algorithms, or strategic documents.<\/li>\n<\/ul>\n<p>Even with these tools, the pace of AI adoption means security teams are often playing catch-up. The reality is that while controls are improving, they rarely keep up with how quickly employees are exploring AI.<\/p>\n\n<h2 class=\"wp-block-heading\">Lessons from Past Security Blind Spots<\/h2>\n\n<p>Employees charging ahead with new tools while security teams scramble to catch up is not so different from the early days of cloud file sharing: employees flocked to Dropbox or Google Drive before IT had sanctioned solutions. 
Or think back to the rise of <a href=\"https:\/\/www.ibm.com\/think\/topics\/byod\" rel=\"nofollow noopener\" target=\"_blank\">\u201cbring your own device\u201d <\/a>(BYOD), when personal phones and laptops started connecting to corporate networks without clear policies in place.<\/p>\n\n<p>Both movements promised productivity, but they also introduced risks that security teams struggled to manage retroactively.<\/p>\n\n<p>Generative AI is repeating this pattern, only at a much faster rate. While cloud tools or BYOD require some setup, or at least a decision to connect a personal device, AI tools are available instantly in a browser. The barrier to entry is practically zero. That means adoption can spread through an organization long before security leaders even realize it\u2019s happening.\u00a0<\/p>\n\n<p>And as with cloud and BYOD, the sequence is familiar: employee adoption comes first, controls follow later, and those retroactive measures are almost always costlier, clumsier, and less effective than proactive governance.<\/p>\n\n<h2 class=\"wp-block-heading\">So What Can We Do?<\/h2>\n\n<p>Remember: AI-driven insider risk isn\u2019t about bad actors but about good people trying to be productive and efficient. (OK, maybe with a few lazy ones thrown in for good measure.) It\u2019s ordinary rather than malicious behavior that\u2019s unfortunately creating unnecessary exposure.\u00a0<\/p>\n\n<p>That means there\u2019s one measure every organization can implement immediately: educating employees.<\/p>\n\n<p>Education works best when it\u2019s practical and relatable. Think less \u201ccompliance checkbox,\u201d and more \u201chere\u2019s a scenario you\u2019ve probably been in.\u201d That\u2019s how you move from fuzzy awareness to actual behavior change.<\/p>\n\n<p>Here are three steps that make a real difference:<\/p>\n<ul class=\"wp-block-list\">\n<li>Build awareness with real examples. 
Show how pasting code, customer details, or draft plans into a chatbot can have the same impact as posting them publicly. That\u2019s the \u201caha\u201d moment most people need.<\/li>\n<\/ul>\n<div class=\"wp-block-ponyo-image\">\n                <img data-opt-id=962840074  fetchpriority=\"high\" decoding=\"async\" width=\"500\" height=\"500\" src=\"https:\/\/www.docker.com\/app\/uploads\/2025\/12\/undefined-Imgur-9.jpg\" class=\"fade-in attachment-full size-full\" alt=\"undefined Imgur 9\" title=\"- undefined Imgur 9\" \/>\n        <\/div>\n<ul class=\"wp-block-list\">\n<li>Emphasize ownership. Employees already know they shouldn\u2019t reuse passwords or click suspicious links; AI use should be framed in the same personal-responsibility terms. The goal is a culture where people feel they\u2019re protecting the company, not just following rules.<\/li>\n<li>Set clear boundaries. Spell out which categories of data are off-limits (<a href=\"https:\/\/www.dol.gov\/general\/ppii\" rel=\"nofollow noopener\" target=\"_blank\">PII<\/a>, source code, unreleased products, regulated records) and offer safe alternatives like internal AI sandboxes. Clarity reduces guesswork and removes the temptation of convenience.<\/li>\n<\/ul>\n<p>Until governance tools mature, these low-friction steps form the strongest defense we have.<\/p>\n\n<p>If you can enable people to harness AI\u2019s productivity while protecting your critical data, you reduce today\u2019s risks. 
And you\u2019re better prepared for the regulations and oversight that are certain to follow.<\/p>","protected":false},"author":1,"featured_media":3036,"comment_status":"","ping_status":"","sticky":false,"template":"","format":"standard","categories":[4],"tags":[],"class_list":["post-3035","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-docker"]}