To assist with this, I have been reassigned to work on security related tasks. Things like tightening up our firewalls and drafting up security related company policies which up to this point we have never had.
In the last 3 months there has been a noticeable increase in demands for these restrictions to be lifted for AI purposes. I don't know why it's so sudden. Maybe because of OpenClaw and similar projects getting steam lately, or maybe because directors feel compelled to spend some of the AI budget they've gotten this year. All I know is, I am now getting requests every week about things like adding exceptions to our production database firewall so AI companies can query it. Things we have never done in the 5+ years I've worked here.
I'm starting to feel overwhelmed, like one person trying to stop a train. The entire C suite talks about AI almost every day, and I feel no one shares the same security concerns as me. As the person who is increasingly responsible for security, I feel I have suddenly been put in a difficult spot. I wish I didn't have to worry about this, so I could focus on other security issues I feel are more important. For instance, by default almost everyone is admin to everything, which I feel is important to address. But I don't feel I can fight all these battles at the same time.
I'm wondering if anyone else has run into something similar and what the ultimate decision was. Did you start opening up access, or did you keep it locked down?