When AI Goes Awry: Responding to AI Incidents
Eoin Wickens, Marta Janus
BSidesSF 2025 — Here Be Dragons · Day 2 · Main
When an agentic AI system deletes a database and exfiltrates data in the middle of the night, organizations discover they have no playbook, no adequate logging, and no clear owner for the incident. HiddenLayer researchers Eoin Wickens and Marta Janus argue that AI incident response is a fundamentally different discipline from traditional IR — and that the security community is writing the playbook as it fights the fire.
AI review
Wickens and Janus have been doing this arc correctly for three years straight, and this year's installment is the most operationally urgent yet. The case that AI incident response is a fundamentally broken discipline — not just an underdeveloped one — lands with real force. What holds it back from a five is that the recommendations, while sound, don't go far enough past 'build a logging framework and define ownership.'