A new survey by digital marketing company Add People has revealed that 1 in 3 UK workers are using generative AI tools without their boss’ knowledge.
The survey also found that only 14% of businesses have officially implemented AI tools, meaning most usage of generative AI is unregulated even where AI use is known.
Though AI tools are useful and have been proven to increase productivity, there have been numerous reports of safety concerns around data storage. These issues stem from the tool storing conversations to trial its AI model.
This Cybersecurity Awareness Month, the team at Add People want to raise awareness of the importance of using ChatGPT and other AI tools safely.
Add People Chief Marketing Oficer Peter Marshall said: “This survey shows that a third of workers who use AI aren’t telling their bosses, meaning the information they’re sharing with these platforms is at risk if a data breach occurs. The survey also found that only 14% of workplaces have officially implemented AI tools which can contribute to misuse.
“The best way to avoid insecure AI use is to raise awareness of the risks with your staff and make recommendations on when and how to use tools like Bard and ChatGPT. Creating guidelines on what information should not be shared with these tools is a good way of building a foundation for AI implementation in the workplace. A light touch approach like this helps keep AI use safe while also supporting experimentation in the early stages of application.”
Speaking to Add People, cyber security expert Ian Reynolds from SecureTeam also had this advice for safe AI use: “If 1 in 3 people using AI at work are doing so without their boss knowing, this could result in serious security issues further down the line.” He said some steps that business leaders can take include:
When faced with the exciting prospect of new software, people can often overlook key safety considerations that are second nature to them when performing other tasks. For this reason, it’s important to refresh your employees’ minds on safety protocol regularly and raise awareness of noted safety issues with new technology like generative AI.
This could simply take the form of a company-wide email or asking managers to discuss the uses and risks of generative AI with their staff. Regular refresher training on cybersecurity is one of the best ways to keep your company safe so if you know your employees are starting to use AI, now might be a good time to organise training.
While a third of people are using AI without their boss knowing, this may in part be down to staff not knowing they needed to disclose their usage. By asking your team if they have ever used these tools at work and how they used them, you can understand the extent of the risk to your company’s data. This will also help you inform your approach going forward and how to strike the balance between security and innovation.
If your staff are beginning to use AI tools at work, you may want to run an AI-specific training session. This is an opportunity for you to explore how people in your industry are using AI tools, how people in your organisation have begun to use them and what the risks are.
With training around the specific tools, you’ll ensure that everyone understands the responsibility they hold to safeguard the data of the organisation.
If your industry is engaging with AI but your organisation has yet to officially implement any tools or strategies, now might be the time to establish some basic frameworks for your staff to follow. You could do this by following frameworks from other leaders in your industry or by identifying champions in the business who can produce frameworks that follow security guidelines and promote these to other members of staff.
If you work in a particularly sensitive industry and are concerned about the risk of data leaks through these tools, you may want to consider restricting access on your networks and company devices. While this impacts the value AI tools can bring for productivity, it may be the only way to insure yourself against data leaks which may be more risk than it’s worth.”
