AI tools linked to data exposure in 1 in 5 UK organisations
New research from RiverSafe, a cybersecurity professional services provider, has disclosed that 1 in 5 organisations have suffered company data exposure due to an employee using AI tools like ChatGPT. The investigation uncovered that 20 per cent of these enterprises confessed that such breaches were instigated from within their organisations.
The survey, titled "Underfunded and Under Reported: Threats, Breaches, and Budgets", was executed by independent polling agency Censuswide and collected the responses of 250 UK CISOs. The report unearths the connection between AI tools and cybersecurity, encapsulating the Cybersecurity landscape's prevailing predicaments.
As revealed in the study, 75 per cent of security leaders are of the view that threats from within their organisations pose a more significant danger compared to external threats. Additionally, 20 per cent recognised AI as their most substantial cybersecurity threat, highlighting broader concerns over the misuse of AI in cyber-attacks.
This finding puts a spotlight on the inherent risks associated with insider threats and the rising scepticism toward employee-led security concerns. The exposure of data by insiders is seen as a critical danger, overshadowing the menace cast by external actors.
The research also underscores the sophisticated and prevalent use of AI tools introducing new susceptibilities, adding another layer to the perpetually evolving landscape of cyber threats.
RiverSafe's CEO, Suid Adeyanju, expressed concern over the emergent dangers posed to businesses by insider threats. "Our research has highlighted the prominent danger that insider threats are posing to businesses, both from unaware employees and malicious staff members. This report sheds light on the intersection of AI and insider threats, where the increasing use of AI creates a wider concern for the potential for data breaches."
Adeyanju also stressed the urgency of pre-emptive measures against AI-enhanced cyber threats. "As the complexity of AI-Driven cyber threats continue to evolve, proactive measures are essential to safeguard sensitive data assets and mitigate the risks posed by insider threats. A revised and up-to-date cyber strategy should no longer be a second thought, but instead a priority for all organisations to mitigate the risks, especially when considering the ever-increasing use of AI."
RiverSafe's CTO, Oseloka Obiora, added that proceeding with caution is vital when leveraging AI in businesses, especially considering the risks of insider threats and the potential for data breaches triggered by employees. "Organisations must leverage AI for competitive advantage while strengthening cybersecurity defences to prevent potential vulnerabilities. The repercussions of a breach, compromising both customer and employee data, can inflict irreparable damage, underscoring the critical importance of comprehensive security measures."