The Balance for GenAI Usage in The Workplace

Published on 1st October 2024

Generative Artificial Intelligence (GenAI) tools are quickly becoming an integral part of the modern work environment, fulfilling a range of professional tasks from drafting a report to analysing spreadsheets, amongst others. A global Kaspersky survey found that 95% of C-suite respondents are aware that GenAI tools are used within their organisations with more than half (59%) being concerned about the risks of employees inadvertently leaking sensitive information when using AI. Kaspersky experts give advice on how organisations can use GenAI tools in a risk-adverse way. 

"GenAI tools are enabling employees to become more productive as the technology assists with data analysis and routine tasks. Yet, many people are using AI without proper authorisation from their employer," says Vladislav Tushkanov, Machine Learning Technology Group Manager at Kaspersky. "This could hold significant risks for the organisation. For instance, data leakage remains a significant concern. Furthermore, employees can get and act upon wrong information as a result of 'hallucinations.' This is when large language models present false information in a confident way. These hallucinations can be especially dangerous when GenAI is used to provide advice on how to complete certain work functions." 

Addressing this challenge is now a business imperative. Another Kaspersky survey has revealed that 40% of respondents from the Middle East, Turkiye and Africa (META) region now see AI as a team member at work. Adding complexity to this is how effectively malicious users have adopted GenAI tools to create more convincing social engineering attacks to target individuals. For instance, drafting personalised phishing emails; generating deepfakes that contain realistic audio, video, or text content that impersonates people; and even propagating disinformation campaigns that can influence public opinion or obscure the truth. 

"This does not mean that organisations should block GenAI completely. Instead, decision-makers must conduct a comprehensive risk assessment to understand which parts of the daily business routine can be automated with GenAI tools without adding to the threat level facing the business," says Tushkanov.

Through this, organisations can adopt a centralised approach when it comes to GenAI adoption. Such a service can then be provided via an enterprise account with a cloud provider while ensuring all the necessary safeguards are in place. These can include monitoring for potential personally identifiable information in messages as well as oversight. Organisations should also educate employees on the acceptable use of GenAI and the proper, company-managed, ways of accessing them. 

By understanding the benefits and risks of using GenAI and ensuring the necessary security measures are in place to mitigate any potential dangers, organisations can significantly improve employee productivity while also increasing job satisfaction. General rules for employees should include not disclosing confidential data to AI tools; not relying on their advice for any critical use case; verifying information; remembering that data provided to a chatbot can leak. And that all computers and servers running large language model (LLM) based systems are protected with up-to-date security tools. 

"Simply banning tools like ChatGPT and other solutions might be not the best option. GenAI can be used positively by finding the balance between too much and too little caution. More broadly, partnerships between the public and private sector can see GenAI becoming a critical enabler to help drive business growth, enable more resources spent on innovation, and adequately manage risk," concludes Tushkanov. 

Courtesy: Kaspersky, a global cybersecurity and digital privacy company founded in 1997.


This article has been read 613 times
COMMENTS