The security community spent decades building rules and frameworks that made systems harder to break. AI has fundamentally upended those lessons — attackers are now more enabled than ever, and traditional defences don’t translate. This talk examines prompt injections, indirect prompt injections, and jailbreaks, showing why each resists simple fixes. Drawing on hands-on experience building AI security tools, I’ll demonstrate why rules-based approaches fail against systems that interpret natural language as instruction. But there is hope: I’ll share defensive approaches that actually work and outline a credible path toward resilient AI systems.
