In r/AskNetsec, AppSec practitioners describe being expected to "just know AI security" as orgs ship AI features, while teams are short-staffed and executives push LLM rollouts that expand attack surface without clear productivity gains.
Anyone else in security feeling like they're expected to just know AI security now without anyone actually training them on it?
over the last year and a half my org shipped a few AI integrated products and suddenly I'm the person expected to have answers about things I've genuinely never been trained for.
Truly learning and trying to wrangle things on the fly while being extremely short staffed to deal with the number of requests we get.
Feels like a house of cards that’s going to collapse at any minute
executives pushing LLMs don’t understand the actual useful applications for it
This finding is one of many signals tracked across Cyber Security. The live feed updates every few hours with new expert voices, debates, and emerging ideas.
← Back to Cyber Security