Security leaders were surveyed by ISACA on generative artificial intelligence (AI) uses and policies within the workplace. The poll found that many employees at respondents’ organizations are using generative AI, even without policies in place for its use.
The report found that 28% of organizations say their companies expressly permit the use of generative AI, 10% say a formal comprehensive policy is in place, and more than one in four say no policy exists and there is no plan for one. Despite this, over 40% say employees are using it regardless — and the percentage is likely much higher given that an additional 35% aren’t sure.
However, despite employees quickly moving forward with use of the technology, 6% of respondents’ organizations are providing training to all staff on AI, and more than half (54%) say that no AI training at all is provided, even to teams directly impacted by AI. Twenty-five percent of respondents indicated they have a high degree of familiarity with generative AI.
Fewer than one-third of their organizations consider managing AI risk to be an immediate priority, 29% say it is a longer-term priority and 23% say their organization does not have plans to consider AI risk at the moment, even though respondents note the following as top risks of the technology:
- Misinformation/disinformation (77%)
- Privacy violations (68%)
- Social engineering (63)
- Loss of intellectual property (IP) (58%)
- Job displacement and widening of the skills gap (tied at 35%)
Fifty-seven percent of respondents indicated they are very or extremely worried about generative AI being exploited by bad actors. Sixty-nine percent say that adversaries are using AI as successfully or more successfully than digital trust professionals.
Examining how current roles are involved with AI, respondents believe that security (47%), IT operations (42%) and risk and compliance (tie, 35%) are responsible for the safe deployment of AI. When looking ahead, one in five organizations (19%) are opening job roles related to AI-related functions in the next 12 months.
Read the full report here.