Are companies ignoring the potential security risks associated with GenAI?

Are companies ignoring the potential security risks associated with GenAI?

Zscaler is a customer of Business Reporter.

Unless you’ve been disconnected from the world for the past year, you’re likely familiar with names like ChatGPT, Bard, and MidJourney. These tools, based on generative AI (GenAI), have sparked speculation in various industries and roles about their potential benefits.

However, in reality, how have companies effectively addressed the increasing trend of GenAI? Have they been successful in managing the risks and rewards it presents?

Zscaler recently carried out a survey called “All Eyes on Securing GenAI.” This survey involved over 900 IT leaders from 10 different global markets. Our goal was to determine the number of organizations utilizing GenAI tools, how IT departments are overseeing this usage, and if their security strategies have been adjusted accordingly.

The integration of GenAI has quickly been adopted.

The use of GenAI solutions in the business world is rapidly increasing. According to IDC, investment is expected to increase by $127 billion from 2023 to 2027. Our research also confirms this trend, with a significant number of global organizations adopting GenAI tools.

The majority (95%) of the IT leaders who participated in the survey reported that their organizations are currently utilizing GenAI tools in various capacities. The most common use case for these tools is data analysis, with 78% of respondents utilizing them for this purpose. Other common uses include R&D services development (55%) and marketing (53%), while 44% have used GenAI to streamline end user tasks and 41% have used it for logistics.

Is it a hasty decision for companies to implement GenAI in order to keep up with technology and maintain competitiveness, or is it a carefully considered risk? Finding a balance between staying updated and ensuring security is crucial in today’s digital age.

Although the usage of GenAI tools is high, a notable 89% of IT leaders surveyed acknowledge that their organization views them as a potential security hazard. Additionally, nearly half (48%) agree that the current threat may outweigh the potential opportunities these tools offer.

This points to a concerning divide between belief and action, considering only 5 per cent say their organisation is either holding back on usage to see where the technology goes, or has blocked it entirely. Early GenAI adoption appears to be less of a calculated risk than we might like to believe.



<p>Figuring it out: Businesses are adapting to AI use in the workplace </p>
<p>” height=”1667″ width=”2083″ layout=”responsive” i-amphtml-layout=”responsive”><i-amphtml-sizer slot=

Solving the puzzle: Companies are adjusting to incorporate AI technology in their workplaces.

The division between concern and action.

The main worries reported by organizations that do not utilize GenAI include the risk of exposing confidential information, inadequate resources for monitoring, and a lack of knowledge about its risks and advantages. As 23% of organizations that do use GenAI do not monitor its usage, it is evident why insufficient resources for tracking were cited as a concern.

It is essential to have a thorough understanding of the specific security issues that arise when introducing new technology, in order to not overshadow its potential. Neglecting to add extra security measures for GenAI, as one-third of organizations do, is a risky decision that could leave them vulnerable.

Although 31% of this group acknowledges the importance of prioritizing security and has integrated GenAI-specific solutions into their plans, intentions alone are not as impactful as taking action. This is in line with the saying that temporary measures often become permanent.

Slower and consistent

Upon examining the advocates for early adoption of GenAI, the findings were unexpected. Surprisingly, 59% of IT leaders reported driving the adoption, while only 21% were responding to requests from business leads and 5% showed interest from general employees. It seems that the motivation behind this situation is less about pressure to implement new technology and more about IT teams’ desire to stay updated with digital innovation.

The fact that IT teams are not among the first to adopt GenAI should provide comfort for both IT and business leaders. This allows for a strategic approach to the pace of implementation, allowing IT the necessary time to establish strong security measures before potential vulnerabilities become major issues. However, with over half of respondents anticipating a significant increase in interest for GenAI tools by the end of the year, time is running out.

Banning the use of GenAI entirely is not the answer, as it would negatively impact organizations’ competitiveness. The solution lies in implementing a slower, more strategic and systematic approach. As the saying goes, “haste makes waste”, which is applicable in this situation.



<p>Protect the data: the time to act on GenAI security questions is now </p>
<p>” height=”1250″ width=”2188″ layout=”responsive” i-amphtml-layout=”responsive”><i-amphtml-sizer slot=

Secure your data – it is imperative to address GenAI security concerns immediately.

Changing the narrative: turning a threat into an opportunity

Having guidelines for managing GenAI is crucial because each organization will have its own specific needs and uses for these tools. If your organization has not yet established governance protocols or needs to improve them, a useful approach is to bring together a team of experts from different departments (not just IT) to form a “tiger team”. This team can create guidelines for conducting security and privacy risk assessments for new GenAI deployments, make choices on implementing solutions, and address any gaps in understanding about the technology.

In the end, managing GenAI involves protecting data, so it is crucial to properly classify data as a first step. Currently, only 46% of respondents feel confident that all their data has been classified. When data is accurately classified by category and level of confidentiality, it becomes easier to secure and IT can authorize access for specific people, applications, and devices. This Zero Trust approach is crucial for ensuring the safe use of GenAI.

IT teams can easily track tool usage, enforce policies, and control employee access to GenAI sites. Zscaler Data Loss Protection offers integrated protection for three potential sources of data loss: unauthorized apps, authorized apps, and devices.

As new technology arises, it presents both advantageous and disadvantageous applications. However, by implementing proper security protocols, organizations can confidently utilize GenAI’s potential in a safe and responsible manner, turning these tools from a threat to an opportunity.


To access additional details, please visit zscaler.com.

Source: independent.co.uk