Hacker Newsnew | past | comments | ask | show | jobs | submitlogin
Blocking ChatGPT Isn't Security, It's Just Employee Distrust (michaelbastos.com)
4 points by mbastos 7 months ago | hide | past | favorite | 2 comments


The concept of insider risk is that we don't trust the employees, because you can't trust everyone, due to a combination of apathy and potentially malicious activity. Blocking non approved generative AI systems, as well as governing and monitoring the use of approved systems, isn't just good security best practices; it can also be required as part of compliance (depending on your regulatory obligations, if any).

https://www.cisa.gov/topics/physical-security/insider-threat...

https://www.cisa.gov/sites/default/files/2022-11/Insider%20T...


Additional context:

83% of orgs reported at least one insider attack in the last year [1], and insiders are responsible for ~18% of security incidents [2].

[1] https://go1.gurucul.com/2024-insider-threat-report

[2] https://www.verizon.com/business/resources/reports/dbir/




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: