深度 | 安永高轶峰：AI浪潮中，安全是新的护城河

Core Viewpoint - Security risk management is not merely a cost center but a value engine for companies to build brand reputation and gain market trust in the AI era [2][4]. Group 1: AI Risks and Security - AI risks have already become a reality, as evidenced by the recent vulnerability in the open-source model tool Ollama, which had an unprotected port [6][12]. - The notion of "exchanging privacy for convenience" is dangerous and can lead to irreversible risks, as AI can reconstruct personal profiles from fragmented data [6][10]. - AI risks are a "new species," and traditional methods are inadequate to address them due to their inherent complexities, such as algorithmic black boxes and model hallucinations [6][12]. - Companies must develop new AI security protection systems that adapt to these unique characteristics [6][12]. Group 2: Strategic Advantages of Security Compliance - Security compliance should be viewed as a strategic advantage rather than a mere compliance action, with companies encouraged to transform compliance requirements into internal risk control indicators [6][12]. - The approach to AI application registration should focus on enhancing risk management capabilities rather than just fulfilling regulatory requirements [6][15]. Group 3: Recommendations for Enterprises - Companies should adopt a mixed strategy of "core closed-source and peripheral open-source" models, using closed-source for sensitive operations and open-source for innovation [7][23]. - To ensure the long-term success of AI initiatives, companies should cultivate a mindset of curiosity, pragmatism, and respect for compliance [7][24]. - A systematic AI security compliance governance framework should be established, integrating risk management into the entire business lifecycle [7][24]. Group 4: Emerging Threats and Defense Mechanisms - "Prompt injection" attacks are akin to social engineering and require multi-dimensional defense mechanisms, including input filtering and sandbox isolation [7][19]. - Companies should implement behavior monitoring and context tracing to enhance security against sophisticated AI attacks [7][19][20]. - The debate between open-source and closed-source models is not binary; companies should choose based on their specific needs and risk tolerance [7][21][23].