LLM Scalability Risk for Agentic-AI and Model Supply Chain Security

TL;DR

This paper analyzes the security risks associated with deploying large language models in cybersecurity, introducing frameworks to assess and mitigate scalability and supply chain vulnerabilities.

Contribution

It introduces the LLM Scalability Risk Index and a model-supply-chain framework to evaluate and enhance security in LLM deployment environments.

Findings

The LSRI effectively stress-tests operational risks.

The supply chain framework establishes verifiable trust.

Synthesizes defense strategies from major platforms.

Abstract

Large Language Models (LLMs) & Generative AI are transforming cybersecurity, enabling both advanced defenses and new attacks. Organizations now use LLMs for threat detection, code review, and DevSecOps automation, while adversaries leverage them to produce malwares and run targeted social-engineering campaigns. This paper presents a unified analysis integrating offensive and defensive perspectives on GenAI-driven cybersecurity. Drawing on 70 academic, industry, and policy sources, it analyzes the rise of AI-facilitated threats and its implications for global security to ground necessity for scalable defensive mechanisms. We introduce two primary contributions: the LLM Scalability Risk Index (LSRI), a parametric framework to stress-test operational risks when deploying LLMs in security-critical environments & a model-supply-chain framework establishing a verifiable root of trust throughout model lifecycle. We also synthesize defense strategies from platforms like Google Play Protect, Microsoft Security Copilot and outline a governance roadmap for secure, large-scale LLM deployment.