Can you set the External Sharing link to Anyone, for only some people in the organisation? i.e. trusted people with a business reason. Then set the org default for everyone else to "new and existing external users"?
Yes you can (well, not as you describe, but with the right end result). If you enable anyone sharing at the organization level, then configure the "Who Can Share" setting (Let only users in selected security group share with authenticated users & via anonymous links), only people in that security group can then share with an anyone link. Everyone else will see that option as disabled. Hope that helps!