AI tools put companies at risk of data breaches

Since the beginning of 2021, data breaches, losses and thefts caused by corporate insiders have increased by an average of 28% every month. According to 85% of respondents, this trend will continue over the next 12 months.

Insufficient Data Protection

While 99% of enterprises have a data protection solution, 78% of cybersecurity leaders admit that their sensitive data is still compromised. As today's risks are increasingly driven by AI and GenAI, the way employees work, and the proliferation of cloud applications, respondents said they need to know more about the source code sent to repositories (88%), the Files for personal cloud accounts (87%) and CRM system data downloads (90%).

Nowadays, the high portability of data brings many conveniences to enterprises. The continued development of artificial intelligence and cloud technology has given rise to new business practices that promote connection, innovation and collaboration among employees. However, this also makes critical enterprise data such as source code more susceptible to leakage.

This year, the research highlights the new challenges posed by AI as data sets are being pushed beyond enterprises to train large language models. We also see that, in addition to financial information and research data, source code is now considered the most important data to protect, which is an important finding because most data protection tools fail to detect the most common source code exfiltrations.

Enterprises Concerned about AI Impact on Sensitive Data

Survey shows most respondents believe their cybersecurity teams are lacking in skills, prompting cybersecurity leaders to turn to AI (83 %) and GenAI (92%) technologies to make up for the talent shortage. However, the report notes that these technologies cannot completely replace the role of employees, and that using these tools may come with the risk of data loss.

73% of cybersecurity leaders said there is a level of uncertainty around data regulations, which could lead to some uncertainty for businesses in complying with new data protection laws. 68% expressed little confidence in whether companies fully comply with these new regulations. Additionally, 98% of respondents believe there is room for improvement in their data security training, indicating the need to strengthen employees’ data security awareness and skills. In addition, 44% of respondents believe that the data security field needs to be completely reformed to adapt to the rapidly evolving cyber threats and technology environment. These data highlight surveys show that the vast majority of respondents believe that their company’s sensitive data is gradually being affected by emerging AI technologies. 87% of them expressed concern that employees may accidentally enter sensitive data into the GenAI system, causing the data to be leaked to competitors. In addition, 87% of respondents also expressed concerns about employees' compliance with GenAI policies. These results highlight concerns and concerns about data security, indicating that companies need to strengthen training and supervision of employees to ensure that sensitive data is not compromised through the use of AI technology.

Enterprises are concerned about the safety risks of their employees, especially Generation Z and Millennials. The survey shows that companies are more worried about these young employees becoming targets of phishing attacks due to data security breaches (61%), oversharing company information online (60%), and transferring company files/data to personal accounts/devices (62%) %), even involving entering sensitive data into GenAI tools (58%). These behaviors may cause enterprises to face data leaks and security threats. Therefore, enterprises need to strengthen security awareness education for employees to reduce the occurrence of these potential risks.

The survey shows that respondents generally believe that the biggest risks to corporate data security come from senior management (81%) and board members (71%) because they can easily obtain the most sensitive data. This may indicate that these groups have higher access to company data and therefore may pose a greater threat to data security.

Insider data loss drains time and money

Insider-driven data breaches, losses and theft incidents can have a huge financial impact, with cybersecurity leaders estimating that an incident averages Costing their business $15 million, respondents spend an average of three hours a day investigating internally driven data incidents.

72% of cybersecurity leaders are concerned that they could lose their job due to an unsolved internal intrusion. To respond effectively, organizations believe that data protection solutions should provide fast and easy investigations (42%) , visibility into file content and metadata (39%), and should be able to integrate with other technology solutions (38%).

Greater visibility is needed so businesses can see data being copied into GenAI tools to identify and remediate risks before it’s too late.

The above is the detailed content of AI tools put companies at risk of data breaches. For more information, please follow other related articles on the PHP Chinese website!