TL;DR: GenAI policy management remains hard because teams must set risk thresholds for novel behaviours across dynamic inputs and outputs, according to Lakera’s product update. Opinionated starting policies reduce blank-slate effort, but they also make policy design a governance decision, not just a tuning exercise.
NHIMG editorial — based on content published by Lakera: How to Secure Your GenAI App When You Don’t Know Where to Start
By the numbers:
- When AWS credentials are exposed publicly, attackers attempt access within an average of 17 minutes and as quickly as 9 minutes in some cases.
Questions worth separating out
Q: How should security teams roll out GenAI policy controls without blocking too much?
A: Start with a default policy in logging mode, then move to limited enforcement only after you have observed the application’s normal behaviour.
Q: When does a single sensitivity setting become too simplistic for GenAI governance?
A: A single setting becomes too simplistic when the same threshold is being used across materially different applications, such as customer-facing chatbots and internal assistants.
Q: What do teams get wrong about pre-built GenAI policies?
A: They often assume a pre-built policy is the end state rather than a starting point.
Practitioner guidance
- Define policy baselines by use case: Map public-facing, internal-facing, prompt-defense-only, and content-safety scenarios to distinct enforcement defaults before rollout.
- Set threshold ownership before enforcement: Document who approves sensitivity changes, who reviews false positives, and what evidence is required before a policy moves from logging to blocking.
- Stage rollout from observation to control: Start in logging mode, move to limited blocking, then expand only after you have observed repeatable behaviour and stable exceptions.
What's in the full article
Lakera's full product update covers the operational detail this post intentionally leaves for the source:
- The exact five one-click policy templates and the use cases each one is intended to support.
- The sensitivity guidance for moving from L1 to L4 and the rationale behind each threshold.
- The progression from logging mode to blocked enforcement and how Lakera describes the rollout path.
- The advanced settings workflow for templated guardrails, custom behaviour, and self-hosted deployment.
GenAI policy management: what changes when controls start opinionated?
Explore further
Opinionated policy baselines are becoming the real control plane for GenAI. Blank-slate policy design does not scale when applications are being deployed faster than teams can manually assess every prompt path and output pattern. The shift is from configuration as a one-off exercise to governance as a reusable starting point. Practitioners should treat policy baselines as an operating model decision, not a UI convenience.
A few things that frame the scale:
- The average estimated time to remediate a leaked secret is 27 days, despite 75% of organisations expressing strong confidence in their secrets management capabilities, according to The State of Secrets in AppSec.
- Only 44% of developers are reported to follow security best practices for secrets management, exposing a significant developer behaviour gap, according to the same research.
A question worth separating out:
Q: Who should own policy decisions for GenAI applications?
A: Ownership should sit with the team responsible for the risk appetite, enforcement criteria, and exception handling, usually across security, platform, and application leadership. GenAI policy is not just a technical setting. It is a governance decision that affects how fast teams can deploy, how much they can trust the system, and how they respond when behaviour changes.