#Canada #OpenText #Waterloo #GenAI #Ponemon Institute

The Growing Need for Security in Generative AI

As generative AI technology continues to advance, many enterprises are embracing these tools to enhance efficiencies within their operations. A new report from OpenText in collaboration with the Ponemon Institute reveals alarming gaps in security practices among organizations rapidly adopting Generative AI (GenAI). The findings indicate that a significant majority of businesses are proceeding with their AI implementations without solid governance or security frameworks in place, potentially jeopardizing not only the integrity of these systems but also their compliance with regulatory standards.

Findings from the Report

The report, titled "Managing Risks and Optimizing the Value of AI, GenAI & Agentic AI," offers crucial insights into the current state of AI maturity among enterprises. According to the study, over half of organizations (52%) have either fully or partially integrated GenAI into their operations. However, the report highlights a concerning trend: many of these enterprises lack essential security and governance measures necessary to manage AI-related risks effectively.

Muhi Majzoub, EVP of Product Engineering at OpenText, emphasizes that true AI maturity requires responsible adoption of these technologies. "Security and governance must be foundational to extracting real value from AI systems. By embedding these principles from the onset, organizations can foster transparency, ensure continuous monitoring, and trust the outcomes produced by AI."

Despite the promising aspects of AI, only one in five enterprises claim to have reached full AI maturity within their cybersecurity efforts. This means they effectively assess security risks while deploying AI. Additionally, less than half (43%) have adopted a risk-based strategy for governing their AI systems, highlighting a pressing need for organizations to close this gap as AI becomes more autonomous and integrated into critical business operations.

The Security Gap

The Ponemon study outlines several key areas where security and governance are lagging behind the pace of AI deployment. Here are some notable statistics:

• - 79% of organizations have not yet attained full AI maturity in cybersecurity, with security risks still unassessed in fully deployed systems.
• - Only 41% have data privacy policies specifically tailored for AI solutions.
• - A staggering 62% of respondents struggle to mitigate risks associated with AI models, particularly those related to bias and ethical standards.
• - Less than half (43%) report having adopted a comprehensive risk-based AI governance framework.

Moreover, a significant 58% of surveyed individuals expressed concern that mitigating risks associated with prompts or user inputs—which could lead to misleading or harmful outputs—was exceedingly challenging. Ensuring that AI systems remain compliant with privacy and security regulations presents another obstacle, as observed by 59% of respondents who highlighted this issue.

Trust and Explainability Issues

While organizations are keen on leveraging AI for improved operational efficiency, challenges concerning trust, reliability, and explainability persist. Many companies witness report difficulties regarding the reliability of AI helpful in threat detection.

The study indicates that although businesses have begun incorporating AI to bolster security operations, according to the responses, only 51% feel that AI effectively shortens the time taken to identify anomalies or threats. Fewer than half (48%) consider AI tools as adequate for deep threat detection, revealing a significant shortcoming in deploying these advanced technologies effectively.

Bias and model reliability present substantial hurdles, as 62% of respondents indicate such issues are increasingly difficult to manage. Additionally, operational reliability has emerged as a major concern, with 45% citing errors in AI decision-making and 40% raising issues with data inputs.

An Evolving Landscape for AI

The quest for fully autonomous AI systems remains elusive, with only 47% of respondents asserting their AI models can independently learn robust norms and make safe decisions. This lack of confidence underscores a prevailing need for human oversight in the governance of AI technologies, especially given the rapid adaptability of malicious entities.

Majzoub points out that effective AI adoption in the coming years will rely heavily on the establishment of transparency and control from inception. He argues, "Organizations must prioritize secure information management as the foundation, complemented by robust governance structures, policy-driven controls, and ongoing monitoring, to guarantee that AI systems remain trustworthy and compliant."

As organizations gear up for a future where AI plays a central role in various sectors, the necessity of aligning AI initiatives with suitable data and security practices, along with transparent oversight, becomes increasingly paramount. This will ensure that innovation can expand responsibly, yielding tangible business benefits while addressing ethical considerations and security threats.

Conclusion

The insights from the Ponemon study serve as a wake-up call for enterprises looking to harness AI’s potential effectively. As organizations navigate the complexities of AI deployment, prioritizing robust security and governance frameworks will be crucial for success and sustainability in this evolving technological landscape.