AI- creating new security risks

The rapid growth of artificial intelligence is transforming the IT landscape, and along with it, the security risks organizations are facing. One of the most pressing concerns is the rise of "shadow AI," where employees use AI tools without the knowledge or approval of IT.

Artificial Intelligence is already present in multiple devices and technologies that companies and citizens use daily to automate tasks or optimize decision-making. In this sense, Artificial Intelligence has become a great ally of cybersecurity professionals and companies in strengthening their defensive capabilities and improving their resilience against cyberattacks.

Just as cloud computing and SaaS applications created a surge in shadow IT, AI is now following the suit. Employees are finding AI tools that can help them automate tasks, make better decisions, and be more productive. However, these tools are often used without the proper security controls in place, which can put sensitive data at risk and open up new avenues for cyberattacks.

There are various organizations who have increased their production of methodologies and guides to focus on the security risks of AI and help companies prevent them successfully.

New studies show some workers boost productivity by 40% using generative AI, the pressure for CISOs and their teams to fast-track AI adoption and turn a blind eye to unsanctioned AI tool usage is intensifying.

But succumbing to these pressures can introduce serious SaaS data leakage and breach risks, particularly as employees flock to AI tools developed by small businesses, solopreneurs, and indie developers.

Several factors are contributing to the rise of shadow AI. First, the rise of freemium AI tools is making it easy for employees to get started with AI without going through traditional procurement processes. Second, the increasing complexity of IT infrastructure is making IT departments less aware of what AI tools are being used on their networks. The lack of clear AI governance policies and guidelines is making it difficult for organizations to know what is acceptable use of AI and what is not.

The use of AI in shadow IT is still in its early stages, but it is already having a significant impact. AI tools are making it easier for employees to bypass IT controls and deploy AI solutions without the knowledge or approval of IT. This is creating new security risks for organizations and making it more difficult for IT to manage their IT environments.

Dr. Deepak Kumar Sahu, President & CEO, VARINDIA