Cognitive Cybersecurity for Artificial Intelligence: Guardrail Engineering with CCS-7
This work addresses cognitive safety for AI developers and users by highlighting that interventions can vary widely across architectures, making it an incremental but important step in model-specific safety engineering.
The paper tackled the problem of cognitive vulnerabilities in language models, such as emotional framing, by introducing CCS-7, a taxonomy of seven vulnerabilities, and found that a 'Think First, Verify Always' (TFVA) lesson improved human cognitive security by +7.9% in a trial with 151 participants, while guardrail evaluations on 12,180 experiments across seven model architectures showed architecture-dependent risks, with error rates increasing by up to 135% in some cases.
Language models exhibit human-like cognitive vulnerabilities, such as emotional framing, that escape traditional behavioral alignment. We present CCS-7 (Cognitive Cybersecurity Suite), a taxonomy of seven vulnerabilities grounded in human cognitive security research. To establish a human benchmark, we ran a randomized controlled trial with 151 participants: a "Think First, Verify Always" (TFVA) lesson improved cognitive security by +7.9% overall. We then evaluated TFVA-style guardrails across 12,180 experiments on seven diverse language model architectures. Results reveal architecture-dependent risk patterns: some vulnerabilities (e.g., identity confusion) are almost fully mitigated, while others (e.g., source interference) exhibit escalating backfire, with error rates increasing by up to 135% in certain models. Humans, in contrast, show consistent moderate improvement. These findings reframe cognitive safety as a model-specific engineering problem: interventions effective in one architecture may fail, or actively harm, another, underscoring the need for architecture-aware cognitive safety testing before deployment.