We Need a Shared Responsibility Model for AI

The rapid integration of generative AI into browsers, development tools, and enterprise processes has exposed a glaring security blind spot. Recent research shows attackers can exfiltrate data, manipulate AI‑driven browsers, and corrupt core model memories, yet many vendors shrug off these threats, labeling them as user error or social engineering. This defensive posture ignores the reality that AI systems operate across a complex stack where vulnerabilities often span model, interface, and underlying infrastructure.

The cloud industry solved a similar dilemma with the shared‑responsibility model, dividing duties between providers (security of the cloud) and customers (security in the cloud). Applying that framework to AI creates three clear layers: AI‑as‑SaaS, where vendors safeguard platform integrity while users manage data inputs; AI‑as‑PaaS, where providers enforce sandboxing and API safety, and customers vet plugins and enforce governance; and AI‑as‑IaaS, where organizations design secure autonomous agents and data pipelines, while model providers maintain infrastructure and model integrity. This layered approach clarifies expectations and forces both sides to invest in robust security controls.

Adopting a shared‑responsibility model for AI is not just a best practice—it’s a prerequisite for sustainable adoption. Regulators are beginning to scrutinize AI risk, and enterprises that proactively define responsibility boundaries will avoid costly breaches and reputational damage. By learning from the cloud’s evolution, the AI ecosystem can pre‑empt the next wave of attacks, fostering trust and accelerating innovation across the industry.