AI CONCERNS FOR CHIEF INFORMATION SECURITY OFFICERS
R&C: How would you characterise the impact on the business world of increasingly sophisticated artificial intelligence (AI) technologies, such as generative AI? To what extent are companies embracing this technology without necessarily giving due regard to the related risks?
Gottehrer: Despite the widespread adoption of generative artificial intelligence (GenAI) by the business world, its impact remains to be seen. Given all the hype surrounding GenAI, it is unclear how many businesses are implementing it because they have identified specific use cases for it and will see a return on their investment in this emerging technology. Depending on the way GenAI tools are used and the data they are given access to, their use can result in operational, legal and reputational risk for a company, including data privacy, cyber security and regulatory compliance risks. These risks can be addressed and mitigated through robust governance frameworks. The speed with which GenAI has become seemingly ubiquitous, raises concerns about whether companies have fully evaluated the potential risks and put appropriate governance mechanisms in place.
Armstrong-Smith: Artificial intelligence (AI) is undeniably one of the defining technologies of our age. Businesses that fail to take advantage of the opportunities that AI can provide risk being left behind in an increasingly competitive landscape. However, as with any technology, the importance of establishing robust security and privacy guardrails and prioritising safe, responsible deployment cannot be overstated. Gen AI presents unique challenges when it comes to building and testing trustworthy AI – without integrating data governance and safeguards into its development lifecycle, businesses risk exposing themselves to significant vulnerabilities, as well as unintended consequences. According to our annual Digital Defence Report, common risks include prompt injection attacks that can compromise systems or exfiltrate sensitive data. Additionally, malicious actors are increasingly exploiting AI for advanced fraud, deepfake impersonations, and performing deeper levels of reconnaissance and espionage on intended targets. To harness the benefits of AI while mitigating its risks, businesses must adopt a proactive approach. This includes rigorous testing, robust data security protocols, and adversarial training to defend against potential exploitation, ensuring AI adoption is both innovative and secure.
Jan-Mar 2025 Issue
Del Monte Fresh Produce Company
Microsoft EMEA