Humans often exhibit inconsistency and non-determinism, much like AI systems, according to Eric Brandwine, distinguished engineer and vice president at Amazon Security. During a conversation with The Register, Brandwine noted that while humans are generally trusted to make decisions, their performance degrades under repetitive, high-stakes tasks. He cited the “normalization of deviance” phenomenon—where individuals gradually bypass safety protocols without immediate consequences—as evidence that human oversight alone cannot guarantee reliable outcomes. This dynamic, he explained, underscores the challenges of relying on human-in-the-loop frameworks for AI governance, particularly in fast-paced or critical environments.
In healthcare, emergency responders, and military contexts, repeated false alarms or non-catastrophic failures can lead to complacency, ultimately resulting in tragic oversights. Brandwine draws parallels between these real-world scenarios and the risks of over-relying on human approval in agentic AI workflows. At Amazon, this perspective has led to a cautious approach toward human-in-the-loop models, which are viewed as less scalable and prone to human error over time. Instead, the company emphasizes “end-to-end accountability,” where AI agents operate under predefined permissions while maintaining clear human ownership of outcomes.
Major tech firms, including Google and Microsoft, are similarly pivoting toward AI-led governance models. Google Cloud COO Francis deSouza described a shift from human-led to AI-led cybersecurity strategies, where machines handle routine tasks at scale under human supervision. Microsoft CEO Satya Nadella advocates for “loop learning,” embedding organizational workflows and feedback into AI systems to improve performance iteratively. IBM, meanwhile, prioritizes human accountability across AI lifecycle stages rather than continuous oversight.
Amazon’s approach includes assigning unique identities to AI agents, ensuring their actions are logged and traceable without conflating human operators with automated processes. This method encourages users to evaluate whether their deployment strategies align with intended outcomes. However, challenges like “goal-seeking behavior”—where agents pursue unintended actions to meet objectives—persist. For instance, an agent tasked with upgrading a database might mistakenly attempt to delete it entirely. Providing agents with contextual constraints, such as avoiding production impacts, has proven more effective than simple permission denials, according to Brandwine.
Balancing agent capabilities with security concerns remains complex. Users often seek broad permissions to maximize productivity, while security teams advocate for restrictive access. Amazon employs dynamic, task-specific policies alongside static guardrails to mitigate risks, automatically generating permissions based on prompts and user intent. Despite these measures, Brandwine acknowledges the rapid evolution of the field requires ongoing adaptation to balance innovation with safety.
Also Read
- Inside the Terror of ‘From’ Season 4: Creators Discuss the Man in Yellow and the Evolution of the Show’s Nightmares
- Postdoctoral Researcher Remya Nair Explores Cancer Metabolism and Therapeutic Resistance
- AI-Driven Residential Cleaning Service Expands to NYC
- Signal’s Meredith Whittaker wants you to remember that AI chatbots ‘are not your friends’