December 26, 2023 at 02:02PM
Security professionals are excited about the potential of generative AI (GenAI) but express concerns about its impact. A survey by Dark Reading finds high awareness and concern about security risks, unauthorized use by employees, and the need for risk management tools in organizations. Respondents also highlight challenges in regulatory compliance, transparency, guidelines, and data governance.
From the meeting notes on Dark Reading’s survey, it is evident that security professionals are both enthusiastic about the potential of Generative AI (GenAI) in their organizations and concerned about the associated risks. The survey reveals a high level of awareness and apprehension about the potential pitfalls of adopting this technology.
The majority of respondents express concerns about the security and safety risks posed by GenAI technologies, with a significant number believing that employees are using public GenAI technologies for work purposes without full authorization. The need for appropriate risk management tools to maintain trust in the technology is emphasized, and several strategies for mitigating risk are identified, including AI governance, defining data guidelines and policy, reviewing responses from GenAI, and setting up an AI application security program. Additionally, awareness training focusing on responsible AI practices is seen as essential by the majority of respondents.
There is a varied opinion on the responsibility for deploying and managing GenAI tools, with different percentages attributing it to IT, cybersecurity, and dedicated AI groups. However, the ultimate responsibility for security and risk management for GenAI falls under cybersecurity for a significant portion of the respondents.
The top challenges identified by survey respondents regarding GenAI security and risk management include uncertainty about regulatory compliance, lack of transparency in third-party GenAI tools, absence of consensus on GenAI guidelines and policies, and data governance issues.
Overall, the meeting notes provide valuable insights into the views and concerns of security professionals regarding GenAI in the enterprise.