The baseline for AI Security is set by the market of people's behavior

May 29, 2025

We're about to get precisely the right amount of AI Security. No more and no less.

I've talked before about what I called the Efficient Security Principle, which says the excitement for a technology lowers its required security bar.

That's definitely happening with AI, but I'm interested in another aspect of the principle.

It doesn't really matter what any individual or group does to increase or reduce AI Security, because that security baseline is determined by overall human interaction with the technology.

1. If we don't have enough security, but not enough bad things happen, security won't increase despite anyone's Heroic efforts.

2. Conversely, we can release a torrent of AI slop with no security whatsoever, and if one or more breaches are so bad that they slap people awake…increased security will happen almost overnight.

In other words, the amount of security that we get and maintain will be precisely the "right" amount.

Not the amount that us security people want—or that really anyone sees as the perfect or adequate amount—but the "right" amount in terms of a business/risk functional equilibrium.

All this to say…

Don't worry too much about AI Security.

It's going to be a horror show, and it's already started. But there's nothing that any one person or group can do to actually move the baseline.

The baseline moves on its own, with the mass of a dozen suns, based on how well the tech is working for people as a whole compared to how afraid people are to use it.

That equilibrium is not something we can control. It moves by itself based on what actually happens in the world.

• When massive, significant incidents happen—security will increase
• When things are mostly quiet (like the billions lost every year from online banking security issues), people will yawn and accept, and security improvements will stagnate.

As security people, we need to acknowledge that no amount of rooftop screaming will affect this dynamic.

Let's relax a bit, put on our shepherd's gear, and try to guide people the best we can through this insane moment in history.