Artificial Intelligence (AI) has been a hot topic over the last year. When it comes to generative AI apps, it’s safe to say that most people are already familiar with Open AI’s ChatGPT. In the last year, however, multiple tech giants—including Microsoft, Google, Apple, Meta, and Amazon—have joined the race to release AI tools of their own.
The business world at large has taken notice, with one recent survey of more than 500 senior IT leaders revealing that 67 percent of respondents are prioritizing generative AI for their businesses within the next 18 months, and 33 percent of respondents claiming that implementing AI is a top priority.
“AI is an alluring tool for businesses, and undoubtedly it offers several substantial benefits—but it also comes with a number of risks,” says Mike Sanchez, UDT’s CISO & SVP Cybersecurity Solutions. “Companies big and small should tread lightly when it comes to engaging AI; it is important to adopt a risk-based approach to inform how they choose to leverage this emerging technology.”
In this blog, we will leverage Mike’s expert insights alongside industry resources to examine the pros and cons of using AI for business, as well as offer tips on how to mitigate potential risks.
The Benefits of AI in Business
The abilities and functions of AI are expected to expand rapidly over the next few years. In a number of ways, AI has already met or exceeded human ability through handwriting and speech recognition, image recognition, reading comprehension, and language understanding. It is expected to reach even more benchmarks in the near future, including basic mathematics, code generation, and what we’d characterize as common sense. For now, however, AI is still lacking in these areas. At its current ability level, most generative AI systems are capable of benefitting business in three primary ways:
1. AI can improve automation.
AI can easily automate certain digital and physical tasks and processes—think administrative tasks, such as the following:
- Moving data from client emails and call center systems into digital databases or updating client records with info such as address changes and new payment information.
- Identifying and reconciling unpaid charges for services by scanning data from various files across your organization’s billing systems.
- Using natural language processing to pull pertinent information from longform documents such as contracts or legal papers.
2. AI can provide additional business insights and analytics.
AI is able to detect patterns across large collections of data and interpret them to provide actionable insights beyond what standard analytics programs can deliver, allowing it to accomplish the following:
- Looking at a customer’s habits and buying history to predict what that person is likely to buy in the future or at certain times of the year.
- Flagging instances of potential credit card or insurance claims fraud.
- Automating personalized targeting of digital marketing and advertisements.
3. AI can contribute to seamless employee and customer engagement.
AI chatbots can serve as digital agents for a company, performing tasks such as the following:
- Providing 24/7 customer service, providing quick responses to basic inquiries.
- Becoming an AI HR representative that can answer employee questions on topics including IT, benefits, and company policies.
- Addressing simple issues such as login problems and technical support questions while sounding like a normal human being (not a robot).
The Risks of AI and How to Mitigate Them
For all the benefits of AI, there are just as many risks. For example, because AI systems often rely on vast amounts of sensitive information, they can be attractive targets for cyberattacks. Further, the rapid pace of AI development can make it challenging for businesses to keep up with evolving regulations, increasing the risk of compliance issues. Thus, while AI holds great promise, businesses must tread cautiously to mitigate these risks effectively—here are four things to remember about AI’s limitations.
1. AI is not perfect—it does make mistakes.
Humans aren’t perfect, and neither is AI… not by a longshot. As already mentioned, AI’s ability to do tasks such as programming and code generation are still lacking, even when used to assist a human coder. In fact, a Cornell University study found that programmers and coders who used an AI Code assistant wrote “significantly less secure code than those without.” These mistakes are not limited to code generation. Even chatbot AI such as ChatGPT has limitations: it would be a mistake to over rely on this technology. Avoid problems by ensuring a human can quality check anything produced by AI, especially to identify potential vulnerabilities.
2. AI can open your business up to cybersecurity risks.
Generative AI is a fairly new technology, and as with any new technology, cybercriminals have come to view it as a potential target for exploitation. For any business that becomes too heavily reliant on AI for its operations, this means a potential for increased risk of cyberattacks and data breaches. Hackers are already exploring ways to use commercial AI systems to infiltrate businesses and access/extract their data. To minimize the security risks associated with generative AI, it will be important to have strict security monitoring of these systems in place. Businesses will also need to ensure that all AI is regularly updated with the latest patches and fixes to make sure that any recently discovered vulnerabilities and exploits cannot be leveraged by cybercriminals.
3. AI can become victim to data manipulation or training dataset “poisoning.”
Never forget that AI is, at its core, always learning. Its abilities are based solely on the data it is given from which to learn. If someone were to manipulate or “poison” that data, then the AI system can conceivably be turned from a useful tool into a malfunctioning nightmare with potentially damaging results. While this sort of training data manipulation is still rare, it is likely to become more common as AI itself becomes more commonplace in business.
These sorts of attacks, often carried out by using a backdoor entry point, allow attackers to insert malicious code or “poisoned” data into the AI’s training dataset. This affects the AI’s decision-making processes, causing it to make wrong choices, faulty or incorrect responses, and even reply to messages in offensive or insulting ways. Avoiding this type of risk requires using multiple best practices to defend the AI’s dataset, including anomaly detection, data encryption, constant monitoring, and leveraging training models that help the AI system to protect itself (i.e. detect potentially “poisonous” data on its own).
4. AI is still unpredictable.
Generative AI has managed to improve greatly when it comes to mimicking human behavior; however, it isn’t always successful. This is especially true when it comes to things like empathetic responses or the ability to “read the emotions” of a situation. For businesses using AI for customer engagement, this can be a very serious risk. For example, customers who may already be frustrated with a product or service may get angry when they receive insensitive replies from an AI chatbot. This is why it’s important to ensure that these systems are only being used for basic information (FAQ) or screening purposes and not for complicated customer engagement tasks or conversations that require an understanding of human emotions in speech patterns.
For more tips on mitigating AI-related risks, you might consider checking out OpenAI’s list of Safety Best Practices for AI use (or ask your AI vendor to provide you with their own list of safety best practices related to the system your company uses).
AI is a Useful Tool, But One That Must Be Monitored!
While AI can revolutionize business processes and unlock new opportunities, it is crucial for organizations to recognize and address the associated risks. Data security and regulatory compliance are just a few of the challenges that businesses must navigate when deploying AI. To harness the power of AI responsibly, companies should invest in robust security measures and balance their people and process with how they choose to use this technology. By striking a balance between innovation and risk management, businesses can realize the full potential of AI and drive sustainable growth in an increasingly digital world.
UDT’s world-class cybersecurity and risk management solutions are designed to help organizations like yours safeguard against data breaches and cyberattacks. Whether you use AI or not, our team of experts can proactively monitor your organization’s unique risk profile and prioritize strategic security updates in areas with the most impact. Connect with our team today for a consultation.
Take The Quiz—What’s Your Security Risk Level?
New to cybersecurity or trying to improve your security posture? Take our brief quiz to understand how your organization might score when it comes to risk—and what to do about it.