Model Security Is the Wrong Frame – The Real Risk Is Workflow Security

Forget model security — the real threat is workflow security. AI security risks are shifting from models to workflows after malicious extensions stole chat data from 900,000 users & prompt injections abused AI to execute unauthorized actions.

The article argues that focusing solely on securing AI models is missing the bigger picture. The real vulnerabilities lie in the workflows — the processes, integrations, and tools that surround AI systems.

Recent incidents highlight this shift: malicious browser extensions compromised chat data from nearly a million users, and prompt injection attacks manipulated AI to perform unintended tasks.

Key takeaway: It's not just about protecting the AI brain anymore — it's about securing the entire nervous system it operates in.