User Personas

Persona 1 - User of the LLM

A user seeking unauthorized access to sensitive information (either intentionally or unintentionally) derived from a company's LLM.

Sensitive information is any personal information or specific company information deemed to be confidential (e.g., sales information or customer lists).

Intentional

A malicious threat actor, who could be either an insider threat, such as an employee, or an attacker from outside the organization. Their motivation is to compromise the confidentiality of the data originally used to fine-tune the organization’s LLM and obtain access to data that they are not authorized to view or use.

Unintentional

An employee of the organization who has been given access to the LLM but does not have access to view some of the information present in the responses it generates. Their motivation is to use the LLM to perform their authorized work duties; however, their prompts have produced a response from the LLM that either exposes sensitive information they are not authorized to view or contains personal information.

Persona 2 - Company Security Analyst

A company employee responsible for detecting insider threats, investigating incidents, and initiating responses to mitigate risks. This role may encompass different responsibilities depending on the scope of the issue, but primarily revolves around ensuring the confidentiality of the organization's sensitive information. Their actions may include monitoring LLM interactions, analyzing flagged responses, coordinating incident responses, reviewing access logs, investigating policy violations, and managing access controls.
