AI Risks in the Workplace

A vendor specializing in monitoring cyber risk called UpGuard reports that “over 80 percent of workers, including nearly 90% of security professionals, use unapproved AI tools in their jobs.” Using tools that have not been vetted by their organization can expose that organization to a variety of cyber threats. Only 20% of the employees surveyed say they only use company-approved AI programs. The [scary] irony is that leaders in the various security departments are more likely to do so than other employees – and do so on a regular basis. Unapproved AI tools are called “shadow AI;” using them can be very risky to the employers, especially since about 40 percent of employees consider AI to be their most trusted source of information. (This is about the same as for their managers and higher than fellow employees or search engines.) Another ironic result of the survey was that “as employees’ knowledge of AI risks increases, so does their confidence in making judgments about that risk — even at the expense of following company policies.” The bottom line is that top management must be very clear to all levels of the organization about the use and risks of AI. One item of note is that HR is generally not included in the evaluation and selection of an AI system to be used in a company, even though such involvement may help to avoid some of these problems.