Companies may have cybersecurity teams in place, but many still aren’t prepared for how AI systems actually fail, says an AI security researcher.<\/p>\n
Sander Schulhoff, who wrote one of the earliest prompt engineering guides and focuses on AI system vulnerabilities, said on an episode of “Lenny’s Podcast” published Sunday that many organizations lack the talent needed to understand and fix AI security risks.<\/p>\n
Traditional cybersecurity teams are trained to patch bugs and address known vulnerabilities, but AI doesn’t behave that way.<\/p>\n
“You can patch a bug, but you can’t patch a brain,” Schulhoff said, describing what he sees as a mismatch between how security teams think and how large language models fail.<\/p>\n
“There’s this disconnect about how AI works compared to classical cybersecurity,” he added.<\/p>\n
<\/p>\n
\n Every time Lee Chong Ming publishes a story, you\u2019ll get an alert straight to your inbox!\n <\/p>\n
\n Stay connected to Lee Chong Ming and get more of their work as it publishes.\n <\/p>\n
That gap shows up in real-world deployments. Cybersecurity professionals may review an AI system for technical flaws without asking: “What if someone tricks the AI into doing something it shouldn’t?” said Schulhoff, who runs a prompt engineering platform and an AI red-teaming hackathon.<\/p>\n
Unlike traditional software, AI systems can be manipulated<\/a> through language and indirect instructions, he added.<\/p>\n Schulhoff said people with experience in both AI security and cybersecurity would know what to do if an AI model is tricked into generating malicious code. For example, they would run the code in a container and ensure the AI’s output doesn’t affect the rest of the system.<\/p>\n The intersection of AI security and traditional cybersecurity is where “the security jobs of the future are,” he added.<\/p>\n The rise of AI security startups<\/p>\n Schulhoff also said that many AI security startups are pitching guardrails that don’t offer real protection. Because AI systems can be manipulated in countless ways, claims that these tools can “catch everything” are misleading.<\/p>\n “That’s a complete lie,” he said, adding that there would be a market correction in which “the revenue just completely dries up for these guardrails and automated red-teaming companies.”<\/p>\n AI security startups<\/a> have been riding the wave of investor interest. Big Tech and venture capital firms have poured money into the space as companies rush to secure AI systems.<\/p>\n